jaeswift-website/api/data/awesomelist/sector_PRP-008.json

{"code": "PRP-008", "name": "SECURITY", "icon": "\ud83d\udd12", "lists": [{"name": "Piracy", "subcategories": [{"name": "Piracy \u2014 Background Information", "entries": [{"name": "Wikipedia \"File sharing\" category", "url": "https://en.wikipedia.org/wiki/Category:File_sharing", "description": ""}, {"name": "VPNs", "url": "#vpns", "description": ""}, {"name": "Browser Extensions", "url": "#browser-extensions", "description": ""}, {"name": "Userscripts", "url": "#userscripts", "description": ""}, {"name": "Password Vaults", "url": "#password-vaults", "description": ""}, {"name": "Antivirus", "url": "#antivirus", "description": ""}, {"name": "Privacy", "url": "#privacy", "description": ""}, {"name": "Email", "url": "#email", "description": ""}, {"name": "Operating Systems", "url": "#operating-systems", "description": ""}, {"name": "Decentralised Networks", "url": "#decentralised-networks", "description": ""}, {"name": "Domain Names", "url": "#domain-names", "description": ""}, {"name": "Torrenting", "url": "#torrenting", "description": ""}, {"name": "Usenet", "url": "#usenet", "description": ""}, {"name": "Direct Downloads", "url": "#direct-downloads", "description": ""}, {"name": "Media Centre Applications", "url": "#media-centre-applications", "description": ""}, {"name": "Stremio", "url": "#stremio", "description": ""}, {"name": "Plex", "url": "#plex", "description": ""}, {"name": "Kodi", "url": "#kodi", "description": ""}, {"name": "Gaming", "url": "#gaming", "description": ""}, {"name": "Music", "url": "#music", "description": ""}, {"name": "Software", "url": "#software", "description": ""}, {"name": "Ebooks", "url": "#ebooks", "description": ""}, {"name": "Magazines", "url": "#magazines", "description": ""}, {"name": "Academic Papers and Material", "url": "#academic-papers-and-material", "description": ""}, {"name": "Textbooks", "url": "#textbooks", "description": ""}, {"name": "Courses and Tutorials", "url": "#courses-and-tutorials", "description": ""}, {"name": "Audiobooks", "url": "#audiobooks", "description": ""}, {"name": "Comicbooks", "url": "#comicbooks", "description": ""}, {"name": "Manga", "url": "#manga", "description": ""}, {"name": "Documentaries", "url": "#documentaries", "description": ""}, {"name": "Fonts, Icons and Graphics", "url": "#fonts-icons-and-graphics", "description": ""}, {"name": "Automation", "url": "#automation", "description": ""}, {"name": "P2P Networks", "url": "#p2p-networks", "description": ""}, {"name": "Ripping, Transcoding, Converting, Encoding", "url": "#ripping-transcoding-converting-encoding", "description": ""}, {"name": "Cloud Storage", "url": "#cloud-storage", "description": ""}, {"name": "File Renaming and Tagging", "url": "#file-renaming-and-tagging", "description": ""}, {"name": "Mobile Apps", "url": "#mobile-apps", "description": ""}, {"name": "Discord Servers", "url": "#discord-servers", "description": ""}, {"name": "IPTV and DVR", "url": "#iptv-and-dvr", "description": ""}, {"name": "IRC", "url": "#irc", "description": ""}, {"name": "DC++", "url": "#dc", "description": ""}, {"name": "Full Movies On", "url": "#full-movies-on", "description": ""}, {"name": "Piracy Blogs and News", "url": "#piracy-blogs-and-news", "description": ""}, {"name": "Content Discovery", "url": "#content-discovery", "description": ""}, {"name": "Dashboards and Homepages", "url": "#dashboards-and-homepages", "description": ""}, {"name": "Proxy Sites", "url": "#proxy-sites", "description": ""}, {"name": "File Sharing Tools", "url": "#file-sharing-tools", "description": ""}, {"name": "Stream Synchronisation", "url": "#stream-synchronisation", "description": ""}, {"name": "Telegram Piracy", "url": "#telegram-piracy", "description": ""}, {"name": "Miscellaneous", "url": "#miscellaneous", "description": ""}], "notes": []}, {"name": "Piracy \u2014 VPN Guides and Tutorials", "entries": [{"name": "That One Privacy Site", "url": "https://thatoneprivacysite.net/vpn-section/", "description": ""}, {"name": "Choosing the best VPN (for you)", "url": "https://www.reddit.com/r/VPN/comments/4iho8e/that_one_privacy_guys_guide_to_choosing_the_best/?st=iu9u47u7\\&sh=459a76f2", "description": ""}, {"name": "/r/VPN wiki", "url": "https://www.reddit.com/r/VPN/wiki/index", "description": ""}, {"name": "Choosing the VPN that's right for you", "url": "https://ssd.eff.org/en/module/choosing-vpn-thats-right-you", "description": ""}, {"name": "Which VPN services keep you anonymous in 2018?", "url": "https://torrentfreak.com/vpn-services-keep-anonymous-2018/", "description": ""}, {"name": "privacytools.io", "url": "https://www.privacytools.io/", "description": ""}, {"name": "VPN over SSH", "url": "https://wiki.archlinux.org/index.php/VPN_over_SSH", "description": ""}, {"name": "/r/VPNTorrents", "url": "https://www.reddit.com/r/VPNTorrents", "description": ""}], "notes": []}, {"name": "Piracy \u2014 VPN Subscription Services", "entries": [{"name": "Private Internet Access", "url": "https://www.privateinternetaccess.com/", "description": ""}, {"name": "Mullvad", "url": "https://mullvad.net/en/", "description": ""}, {"name": "ProtonVPN", "url": "https://protonvpn.com/", "description": ""}, {"name": "NordVPN", "url": "https://nordvpn.com/", "description": ""}, {"name": "Windscribe", "url": "https://windscribe.com/", "description": ""}, {"name": "ExpressVPN", "url": "https://www.expressvpn.com/vpnmentor1", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Self-hosted VPNs", "entries": [{"name": "n2n", "url": "https://github.com/ntop/n2n", "description": "", "stars": "5.1k"}, {"name": "PeerVPN", "url": "https://peervpn.net/", "description": ""}, {"name": "OpenVPN", "url": "https://openvpn.net/", "description": ""}, {"name": "Nebula", "url": "https://github.com/slackhq/nebula", "description": "", "stars": "12k"}, {"name": "Pritunl", "url": "https://pritunl.com/", "description": ""}, {"name": "WireGuard VPN", "url": "https://www.wireguard.com/", "description": ""}, {"name": "sshuttle", "url": "https://github.com/sshuttle/sshuttle", "description": "", "stars": "10k"}, {"name": "ZeroTier", "url": "https://www.zerotier.com", "description": ""}, {"name": "Outline by Alphabet", "url": "https://www.getoutline.org/", "description": ""}, {"name": "Mysterium Network", "url": "https://mysterium.network/", "description": ""}, {"name": "tinc", "url": "https://tinc-vpn.org/", "description": ""}, {"name": "OpenConnect", "url": "https://www.infradead.org/openconnect/", "description": ""}, {"name": "Shadowsocks", "url": "https://shadowsocks.org/", "description": ""}, {"name": "Decentraleyes", "url": "https://decentraleyes.org/", "description": ""}, {"name": "Privacy Badger", "url": "https://www.eff.org/privacybadger", "description": ""}, {"name": "HTTPS Everywhere", "url": "https://www.eff.org/https-everywhere", "description": ""}, {"name": "uBlock Origin", "url": "https://github.com/gorhill/uBlock", "description": "", "stars": "36k"}, {"name": "TamperMonkey", "url": "https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo?hl=en", "description": ""}, {"name": "WebRTC Network Limiter", "url": "https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia?hl=en", "description": ""}, {"name": "ScriptSafe", "url": "https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en", "description": ""}, {"name": "NoScript", "url": "https://noscript.net/getit", "description": ""}, {"name": "Burlesco", "url": "https://burles.co/en/", "description": ""}, {"name": "Universal Bypass", "url": "https://github.com/Sainan/Universal-Bypass", "description": ""}, {"name": "Violentmonkey", "url": "https://violentmonkey.github.io/", "description": ""}, {"name": "Anti-Paywall", "url": "https://github.com/nextgens/anti-paywall", "description": "", "stars": "647"}, {"name": "Google Unlocked", "url": "https://github.com/Ibit-to/google-unlocked", "description": "", "stars": "2k"}, {"name": "IMDb Scout", "url": "https://greasyfork.org/en/scripts/3967-imdb-scout", "description": ""}, {"name": "IMDb Scout Mod", "url": "https://greasyfork.org/en/scripts/407284-imdb-scout-mod", "description": ""}, {"name": "AdsBypasser", "url": "https://adsbypasser.github.io/", "description": ""}, {"name": "AntiAdware", "url": "https://greasyfork.org/en/scripts/4294-antiadware", "description": ""}, {"name": "Direct download from Google Play", "url": "https://greasyfork.org/en/scripts/33005-direct-download-from-google-play/", "description": ""}, {"name": "AdGuard Popup Blocker", "url": "https://github.com/AdguardTeam/PopupBlocker", "description": "", "stars": "241"}, {"name": "Torrentz2 Magnet", "url": "https://greasyfork.org/en/scripts/21547-torrentz2-magnet", "description": ""}, {"name": "Bypass paywalls for scientific documents", "url": "https://greasyfork.org/en/scripts/35521-bypass-paywalls-for-scientific-documents", "description": ""}, {"name": "Bypass Google Sorry (reCAPTCHA)", "url": "https://greasyfork.org/en/scripts/33226-bypass-google-sorry-recaptcha", "description": ""}, {"name": "Google Image \"View Image\" button", "url": "https://greasyfork.org/en/scripts/392076-google-images-direct-link-fix", "description": ""}, {"name": "MoreCAPTCHA", "url": "https://greasyfork.org/en/scripts/31088-morecaptcha", "description": ""}, {"name": "MAL-Sync", "url": "https://greasyfork.org/en/scripts/372847-mal-sync", "description": ""}, {"name": "Remove fake TPB torrents", "url": "https://www.removeddit.com/r/Piracy/comments/78aicx/i_wrote_a_small_script_that_automatically_hides/", "description": ""}, {"name": "Get DLC Info from SteamDB", "url": "https://cs.rin.ru/forum/viewtopic.php?t=71837", "description": ""}, {"name": "The Pirate Bay Cleaner", "url": "https://greasyfork.org/en/scripts/1573-the-pirate-bay-cleaner", "description": ""}, {"name": "BitWarden", "url": "https://bitwarden.com/", "description": ""}, {"name": "1Password", "url": "https://1password.com/", "description": ""}, {"name": "KeePass", "url": "https://keepass.info/", "description": ""}, {"name": "LastPass", "url": "https://www.lastpass.com/", "description": ""}, {"name": "Pass", "url": "https://www.passwordstore.org/", "description": ""}, {"name": "Dashlane", "url": "https://www.dashlane.com/", "description": ""}, {"name": "Passbolt", "url": "https://www.passbolt.com/", "description": ""}, {"name": "LessPass", "url": "https://lesspass.com/", "description": ""}, {"name": "Psono", "url": "https://psono.com/", "description": ""}, {"name": "Buttercup", "url": "https://buttercup.pw/", "description": ""}, {"name": "MalwareBytes", "url": "https://www.malwarebytes.com/", "description": ""}, {"name": "HitmanPro", "url": "https://www.hitmanpro.com", "description": ""}, {"name": "VirusTotal", "url": "https://www.virustotal.com/", "description": ""}, {"name": "How to remove viruses and malware on your Windows PC", "url": "https://www.howtogeek.com/126911/what-to-do-if-you-get-a-virus-on-your-computer/", "description": ""}, {"name": "Avast Antivirus", "url": "https://www.avast.com", "description": ""}, {"name": "Prism Break", "url": "https://prism-break.org/en/", "description": ""}, {"name": "/r/privacy", "url": "https://www.reddit.com/r/privacy/", "description": ""}, {"name": "Any Soft Keyboard", "url": "https://github.com/AnySoftKeyboard/AnySoftKeyboard", "description": "", "stars": "2.5k"}], "notes": []}, {"name": "Piracy \u2014 Windows 10 Privacy", "entries": [{"name": "O\\&O ShutUp10", "url": "https://www.oo-software.com/en/shutup10", "description": ""}, {"name": "Windows 10 Privacy Guide", "url": "https://github.com/adolfintel/Windows10-Privacy", "description": "", "stars": "1.4k"}, {"name": "Windows Privacy Tweaker", "url": "https://www.phrozen.io/freeware/windows-privacy-tweaker/", "description": ""}, {"name": "Winaero", "url": "https://winaero.com/blog/about-us/", "description": ""}, {"name": "WPD", "url": "https://wpd.app/", "description": ""}, {"name": "Destroy-Windows-10-Spying", "url": "http://m.majorgeeks.com/files/details/destroy_windows_10_spying.html", "description": ""}, {"name": "Tron", "url": "https://www.reddit.com/r/TronScript", "description": ""}, {"name": "Tallow", "url": "https://github.com/basil00/TorWall", "description": "", "stars": "474"}, {"name": "ProtonMail", "url": "https://protonmail.com/", "description": ""}, {"name": "10 Minute Mail", "url": "https://10minutemail.net/", "description": ""}, {"name": "Cock.li", "url": "https://cock.li/", "description": ""}, {"name": "Tutanota", "url": "https://tutanota.com/", "description": ""}, {"name": "Tor", "url": "https://www.torproject.org/", "description": ""}, {"name": "I2P", "url": "https://geti2p.net/en/", "description": ""}, {"name": "Freenet", "url": "https://freenetproject.org", "description": ""}, {"name": "Zeronet", "url": "https://zeronet.io/", "description": ""}, {"name": "Loki", "url": "https://github.com/loki-project/loki-network", "description": "", "stars": "1.5k"}, {"name": "IPFS", "url": "https://ipfs.io/", "description": ""}, {"name": "Yggdrasil", "url": "https://yggdrasil-network.github.io/about.html", "description": ""}, {"name": "Qubes OS", "url": "https://www.qubes-os.org/", "description": ""}, {"name": "Tails", "url": "https://tails.boum.org/", "description": ""}, {"name": "Njalla", "url": "https://njal.la/", "description": ""}, {"name": "xip.io", "url": "http://xip.io/", "description": ""}, {"name": "Domainr", "url": "https://domainr.com/", "description": ""}, {"name": "/r/torrents", "url": "https://www.reddit.com/r/torrents", "description": ""}, {"name": "BitTorrent", "url": "https://en.wikipedia.org/wiki/BitTorrent", "description": ""}, {"name": "Live Tracer", "url": "https://trace.corrupt-net.org/live.php", "description": ""}, {"name": "magent2torrent.me", "url": "http://magnet2torrent.me/", "description": ""}, {"name": "mgnet.me", "url": "http://mgnet.me/", "description": ""}, {"name": "Torrent\ud83e\uddf2Parts", "url": "https://torrent.parts/", "description": "Inspect and edit what's in your Torrent file or Magnet link"}, {"name": "Torrage", "url": "https://torrage.info/", "description": ""}, {"name": "peerflix Google Search", "url": "https://www.google.com/search?q=peerflix+site%3Aherokuapp.com", "description": ""}, {"name": "Torznab", "url": "https://nzbdrone.readthedocs.io/Implementing-a-Torznab-indexer/", "description": ""}, {"name": "xbit", "url": "https://xbit.pw", "description": ""}, {"name": "torrents.csv", "url": "https://gitlab.com/dessalines/torrents.csv", "description": ""}, {"name": "torrents-csv.ml", "url": "https://torrents-csv.ml", "description": ""}, {"name": "mktorrent", "url": "https://github.com/Rudde/mktorrent", "description": "", "stars": "415"}, {"name": "Torrent Paradise", "url": "https://torrent-paradise.ml/", "description": ""}, {"name": "torrent.nz", "url": "https://torrent.nz/", "description": ""}, {"name": "magnetico", "url": "https://github.com/boramalper/magnetico", "description": "", "stars": "2.9k"}], "notes": []}, {"name": "Piracy \u2014 Trackers", "entries": [{"name": "/r/trackers", "url": "https://www.reddit.com/r/trackers", "description": ""}, {"name": "A Simple Guide To A Better Ratio", "url": "https://www.reddit.com/r/trackers/comments/fthja/a_simple_guide_to_a_better_ratio/", "description": ""}, {"name": "Tracker Twitters", "url": "https://filenetworks.blogspot.com/2010/12/list-of-private-torrent-trackers.html", "description": ""}, {"name": "Bravo List", "url": "http://www.bvlist.com/", "description": ""}, {"name": "AlphaRatio", "url": "https://alpharatio.cc", "description": ""}, {"name": "AnimeBytes", "url": "https://animebytes.tv/", "description": ""}, {"name": "Audionews", "url": "https://audionews.org/", "description": ""}, {"name": "Awesome HD", "url": "https://awesome-hd.me/", "description": ""}, {"name": "BakaBT", "url": "https://bakabt.me/", "description": ""}, {"name": "Bibliotik", "url": "https://bibliotik.me/", "description": ""}, {"name": "Bitspyder", "url": "http://bitspyder.net/", "description": ""}, {"name": "Blutopia", "url": "https://blutopia.xyz", "description": ""}, {"name": "CGPeers", "url": "https://www.cgpeers.com/", "description": ""}, {"name": "Filelist", "url": "https://filelist.io/", "description": ""}, {"name": "GazelleGames", "url": "https://gazellegames.net/login.php", "description": ""}, {"name": "HD4Free", "url": "https://hd4.xyz", "description": ""}, {"name": "HD-Forever", "url": "https://hdf.world/", "description": ""}, {"name": "HD-Space", "url": "https://hd-space.org/", "description": ""}, {"name": "IPTorrents", "url": "https://iptorrents.com/", "description": ""}, {"name": "JPopsuki", "url": "https://jpopsuki.eu/", "description": ""}, {"name": "MyAnonaMouse", "url": "https://www.myanonamouse.net/", "description": ""}, {"name": "MySpleen", "url": "http://www.myspleen.org/login.php", "description": ""}, {"name": "Nostalgic Torrents", "url": "https://nostalgic.is/", "description": ""}, {"name": "PassThePopcorn", "url": "https://passthepopcorn.me/", "description": ""}, {"name": "PolishTracker", "url": "https://pte.nu/", "description": ""}, {"name": "PolishSource", "url": "https://polishsource.cz/", "description": ""}, {"name": "PrivateHD", "url": "https://privatehd.to/", "description": ""}, {"name": "Redacted", "url": "https://redacted.ch/", "description": ""}, {"name": "TheGeeks", "url": "https://thegeeks.click/", "description": ""}, {"name": "TorrentLeech", "url": "https://torrentleech.org/", "description": ""}, {"name": "TVChaos UK", "url": "https://www.tvchaosuk.com/", "description": ""}, {"name": "UHDBits", "url": "https://uhdbits.org/", "description": ""}, {"name": "WorldOfP2P", "url": "https://worldofp2p.net", "description": ""}, {"name": "/PTG tracker manifesto", "url": "https://pastebin.com/thLgSkNE", "description": ""}, {"name": "0QoLttS.jpg", "url": "https://i.imgur.com/0QoLttS.jpg", "description": ""}, {"name": "Private Tracker Flowchart", "url": "https://wiki.installgentoo.com/images/9/97/Private_tracker_flowchart.png", "description": ""}, {"name": "Private trackers", "url": "https://wiki.installgentoo.com/index.php/Private_trackers", "description": ""}, {"name": "RED Interview Prep", "url": "https://interviewfor.red/en/index.html", "description": ""}, {"name": "Tracker Spreadsheet", "url": "https://docs.google.com/spreadsheets/d/1zYZ2107xOZwQ37AjLTc5A4dUJl0ilg8oMrZyA0BGvc0/edit#gid=1357476050", "description": ""}, {"name": "ruTracker", "url": "https://rutracker.org/forum/index.php", "description": ""}, {"name": "Zamunda.net", "url": "http://zamunda.net", "description": ""}, {"name": "ArenaBG", "url": "https://arenabg.com/", "description": ""}, {"name": "NoNaMe Club", "url": "https://nnmclub.to/", "description": ""}, {"name": "MetalArea", "url": "https://metalarea.org/", "description": ""}, {"name": "1337x", "url": "https://1337x.to/", "description": ""}, {"name": "ETTV", "url": "https://www.ettv.tv/", "description": ""}, {"name": "EZTV", "url": "https://eztv.ag/", "description": ""}, {"name": "Isohunt2", "url": "https://isohunt2.net/", "description": ""}, {"name": "KickAss Torrents", "url": "https://katcr.co/", "description": ""}, {"name": "RARBG", "url": "https://rarbg.to/", "description": ""}, {"name": "YTS", "url": "https://yts.am/", "description": ""}, {"name": "The Pirate Bay", "url": "https://thepiratebay.org/", "description": ""}, {"name": "The Proxy Bay", "url": "https://proxybay.bz/", "description": ""}, {"name": "Idope (Clone)", "url": "https://idope.se/", "description": ""}, {"name": "Torrentz2", "url": "https://torrentz2.is/", "description": ""}, {"name": "Zooqle", "url": "https://zooqle.com/", "description": ""}, {"name": "rutor", "url": "http://rutor.info/", "description": ""}, {"name": "GloTorrents", "url": "https://glodls.to/", "description": ""}, {"name": "BTDB", "url": "https://btdb.eu/", "description": ""}, {"name": "BTDigg", "url": "https://btdig.com/", "description": ""}, {"name": "trackerslist", "url": "https://github.com/ngosang/trackerslist", "description": "", "stars": "40k"}, {"name": "MagnetDL", "url": "http://www.magnetdl.com/", "description": ""}, {"name": "TorrentGalaxy", "url": "https://torrentgalaxy.org/", "description": ""}, {"name": "Games4theworld", "url": "https://games4theworld.org", "description": ""}, {"name": "metal-tracker.com", "url": "http://en.metal-tracker.com/", "description": ""}, {"name": "SkyTorrents", "url": "https://www.skytorrents.lol/", "description": ""}, {"name": "Pirateiro", "url": "http://pirateiro.com/", "description": ""}, {"name": "TorrentKing", "url": "https://torrentking.io/", "description": ""}, {"name": "moviemagnet", "url": "http://moviemagnet.co/", "description": ""}, {"name": "Zonatorrent", "url": "https://zonatorrent.tv/", "description": ""}, {"name": "TorrentFunk", "url": "https://www.torrentfunk.com/", "description": ""}, {"name": "OTorrents", "url": "https://otorrents.com/", "description": ""}, {"name": "Torlock", "url": "https://www.torlock.com/", "description": ""}, {"name": "DIGBT", "url": "https://www.digbt.org/", "description": ""}, {"name": "Torrent9", "url": "https://www.torrent9.ph/", "description": ""}, {"name": "YggTorrent", "url": "https://yggtorrent.li/", "description": ""}, {"name": "WorldWide Torrents", "url": "https://worldwidetorrents.me/", "description": ""}, {"name": "Rock Box", "url": "https://rawkbawx.rocks/", "description": ""}, {"name": "Music Torrent", "url": "http://music-torrent.net", "description": ""}, {"name": "7torrents", "url": "https://www.7torrents.cc/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Tracker Aggregators", "entries": [{"name": "snowfl", "url": "https://snowfl.com/", "description": ""}, {"name": "Torrents.me", "url": "https://torrents.me/", "description": ""}, {"name": "rats-search", "url": "https://github.com/DEgITx/rats-search", "description": "", "stars": "1.3k"}, {"name": "AIO Search", "url": "http://www.aiosearch.com/", "description": ""}, {"name": "SolidTorrents", "url": "https://solidtorrents.net", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Tracker Proxies", "entries": [{"name": "Jackett", "url": "https://github.com/Jackett/Jackett", "description": "", "stars": "9.3k"}, {"name": "Cardigann", "url": "https://github.com/cardigann/cardigann", "description": "", "stars": "439"}, {"name": "nzbhydra2", "url": "https://github.com/theotherp/nzbhydra2/", "description": "", "stars": "1k"}], "notes": []}, {"name": "Piracy \u2014 Tracker Invites", "entries": [{"name": "/r/OpenSignups", "url": "https://www.reddit.com/r/opensignups", "description": ""}, {"name": "/r/Invites", "url": "https://www.reddit.com/r/invites", "description": ""}, {"name": "Open sign-ups thread", "url": "https://www.reddit.com/r/trackers/comments/7ildxx/open_signups_thread/", "description": ""}, {"name": "Opentrackers.org", "url": "https://opentrackers.org/", "description": ""}, {"name": "getting\\_into\\_private\\_trackers", "url": "https://www.reddit.com/r/trackers/wiki/getting_into_private_trackers", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Torrent Clients", "entries": [{"name": "qBitTorrent", "url": "https://www.qbittorrent.org/", "description": ""}, {"name": "qBitTorrent search function", "url": "https://www.techsupportalert.com/qbittorrent-help-torrent-search-engine", "description": ""}, {"name": "qBitTorrent plugins for public sites", "url": "https://github.com/qbittorrent/search-plugins/wiki/Unofficial-search-plugins#plugins-for-public-sites", "description": "", "stars": "2.9k"}, {"name": "Transmission", "url": "https://transmissionbt.com/", "description": ""}, {"name": "Popcorn Time", "url": "https://github.com/popcorn-official/popcorn-desktop", "description": "", "stars": "8.1k"}, {"name": "Butter Project", "url": "http://butterproject.org/", "description": ""}, {"name": "BitLord", "url": "http://www.bitlord.com/", "description": ""}, {"name": "Tixati", "url": "https://tixati.com/", "description": ""}, {"name": "PicoTorrent", "url": "https://picotorrent.org/", "description": ""}, {"name": "FrostWire", "url": "https://www.frostwire.com/", "description": ""}, {"name": "peerflix", "url": "https://github.com/mafintosh/peerflix", "description": "", "stars": "6.1k"}, {"name": "RapidBay", "url": "https://github.com/hauxir/rapidbay", "description": "", "stars": "542"}, {"name": "Tornado", "url": "https://tornado-torrent.gitlab.io/posts/first-beta/", "description": ""}, {"name": "Deluge", "url": "https://www.deluge-torrent.org/", "description": ""}, {"name": "AutoRemovePlus", "url": "https://github.com/omaralvarez/deluge-autoremoveplus", "description": "", "stars": "149"}, {"name": "ltConfig", "url": "https://github.com/ratanakvlun/deluge-ltconfig/releases", "description": "", "stars": "295"}, {"name": "Deluge Plugins", "url": "https://dev.deluge-torrent.org/wiki/Plugins", "description": ""}, {"name": "rTorrent", "url": "https://rakshasa.github.io/rtorrent/", "description": ""}, {"name": "ruTorrent", "url": "https://github.com/Novik/ruTorrent", "description": "", "stars": "1.9k"}, {"name": "rTorrent Community wiki", "url": "https://github.com/rtorrent-community/rtorrent-community.github.io/wiki", "description": "", "stars": "6"}, {"name": "rTorrent Docs", "url": "https://rtorrent-docs.readthedocs.io/en/latest/", "description": ""}, {"name": "rutorrent-themes", "url": "https://github.com/InAnimaTe/rutorrent-themes", "description": "", "stars": "11"}, {"name": "flood", "url": "https://github.com/jfurrow/flood", "description": "", "stars": "1.8k"}, {"name": "rTorrent ArchWiki Page", "url": "https://wiki.archlinux.org/index.php/RTorrent", "description": ""}, {"name": "rTorrent Seedbox Guide", "url": "https://jes.sc/kb/rTorrent-ruTorrent-Seedbox-Guide.php", "description": ""}, {"name": "rtorrent-ps", "url": "https://github.com/pyroscope/rtorrent-ps", "description": "", "stars": "442"}, {"name": "pyrocore", "url": "https://github.com/pyroscope/pyrocore", "description": "", "stars": "281"}, {"name": "rTorrent research", "url": "https://calomel.org/rtorrent_mods.html", "description": ""}, {"name": "rutorrent-all-seeders", "url": "https://github.com/AkdM/rutorrent-all-seeders", "description": "", "stars": "3"}, {"name": "magnetoo", "url": "https://www.magnetoo.io/", "description": ""}, {"name": "\u03b2Torrent", "url": "https://btorrent.xyz/", "description": ""}, {"name": "WebTorrent Desktop", "url": "https://webtorrent.io/desktop/", "description": ""}, {"name": "Instant.io", "url": "https://instant.io/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 autodl-irssi", "entries": [{"name": "autodl-irssi", "url": "https://autodl-community.github.io/autodl-irssi/", "description": ""}, {"name": "autodl-curl-sonarr", "url": "https://github.com/Zymest/autodl-curl-sonarr", "description": ""}, {"name": "mreg", "url": "https://github.com/Igglybuff/mreg", "description": "", "stars": "15"}, {"name": "Slack notifications for autodl-irssi", "url": "https://gist.github.com/Igglybuff/00d5e91274a562ac724d358bbbc8bc7b", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Seedboxes", "entries": [{"name": "/r/seedboxes", "url": "https://www.reddit.com/r/seedboxes", "description": ""}, {"name": "SeedSync", "url": "https://github.com/ipsingh06/seedsync", "description": "", "stars": "268"}, {"name": "Seedr", "url": "https://www.seedr.cc/", "description": ""}, {"name": "ZXCFiles", "url": "http://www.zxcfiles.net", "description": ""}, {"name": "Bitport.io", "url": "https://bitport.io/", "description": ""}, {"name": "Torrent Safe", "url": "https://www.torrentsafe.com/", "description": ""}, {"name": "Furk.net", "url": "https://www.furk.net/", "description": ""}, {"name": "FileStream.me", "url": "https://filestream.me/", "description": ""}, {"name": "2Giga.link", "url": "https://www.2giga.link/", "description": ""}, {"name": "Foxleech", "url": "https://www.foxleech.com/", "description": ""}, {"name": "Boxopus", "url": "https://boxopus.com/", "description": ""}, {"name": "Put.io", "url": "https://put.io/", "description": ""}, {"name": "Put.io automator", "url": "https://github.com/datashaman/putio-automator", "description": "", "stars": "69"}, {"name": "novaDedi", "url": "https://novadedi.net/index.php", "description": ""}, {"name": "CheckServers.OVH", "url": "https://checkservers.ovh/", "description": ""}, {"name": "Kimsufi", "url": "https://www.kimsufi.com/uk/", "description": ""}, {"name": "Online.net", "url": "https://www.online.net/en", "description": ""}, {"name": "Hetzner", "url": "https://hetzner.co.za/", "description": ""}, {"name": "/u/Andy10gbit", "url": "https://www.reddit.com/r/seedboxes/comments/9iu7o8/andy10gbit_server_and_seedbox_list/", "description": ""}, {"name": "Bytesized Hosting", "url": "https://bytesized-hosting.com/", "description": ""}, {"name": "FeralHosting", "url": "https://www.feralhosting.com/pricing", "description": ""}, {"name": "Whatbox", "url": "https://whatbox.ca/", "description": ""}, {"name": "Seedboxes.cc", "url": "https://seedboxes.cc/", "description": ""}, {"name": "UltraSeedbox", "url": "https://www.ultraseedbox.com/", "description": ""}, {"name": "SeedHost", "url": "https://www.seedhost.eu/seedboxes.php", "description": ""}, {"name": "Chmuranet", "url": "https://www.chmuranet.com/", "description": ""}, {"name": "Xirvik", "url": "https://www.xirvik.com/", "description": ""}, {"name": "OVH", "url": "https://www.ovh.com/world/", "description": ""}, {"name": "SoYouStart", "url": "https://www.soyoustart.com/us/", "description": ""}, {"name": "PulsedMedia", "url": "https://pulsedmedia.com/", "description": ""}, {"name": "Cloudboxes.io", "url": "https://cloudboxes.io/", "description": ""}, {"name": "Seedbox.io", "url": "https://seedbox.io/", "description": ""}, {"name": "Giga-Rapid.com", "url": "https://giga-rapid.com/gigaseedbox.php", "description": ""}, {"name": "swizzin", "url": "https://swizzin.ltd/", "description": ""}, {"name": "Seedbox Guide", "url": "https://seedboxgui.de/", "description": ""}, {"name": "rtinst", "url": "https://github.com/arakasi72/rtinst", "description": "", "stars": "1.2k"}, {"name": "sboxsetup", "url": "https://github.com/dannyti/sboxsetup", "description": "", "stars": "125"}, {"name": "QuickBox IO", "url": "https://quickbox.io/", "description": ""}, {"name": "MediaServer-DockerComposeFiles", "url": "https://github.com/vaeyo/MediaServer-DockerComposeFiles", "description": "", "stars": "125"}, {"name": "usenet-docker", "url": "https://github.com/justinhamlett/usenet-docker", "description": "", "stars": "170"}, {"name": "DockSTARTer", "url": "https://github.com/GhostWriters/DockSTARTer", "description": "", "stars": "1.9k"}, {"name": "OpenFLIXR", "url": "http://www.openflixr.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Tracker Frameworks", "entries": [{"name": "Torrent-Tracker-Platforms", "url": "https://github.com/HDVinnie/Torrent-Tracker-Platforms", "description": "", "stars": "410"}, {"name": "UNIT3D", "url": "https://github.com/HDInnovations/UNIT3D", "description": "", "stars": "1.7k"}, {"name": "meanTorrent", "url": "https://github.com/taobataoma/meanTorrent", "description": "", "stars": "481"}, {"name": "NexusPHP", "url": "https://github.com/ZJUT/NexusPHP", "description": "", "stars": "406"}, {"name": "Gazelle", "url": "https://whatcd.github.io/Gazelle/", "description": ""}, {"name": "opentracker", "url": "https://erdgeist.org/arts/software/opentracker/", "description": ""}, {"name": "Usenet", "url": "https://en.wikipedia.org/wiki/Usenet", "description": ""}, {"name": "Usenet newsgroup", "url": "https://en.wikipedia.org/wiki/Usenet_newsgroup", "description": ""}, {"name": "/r/Usenet", "url": "https://www.reddit.com/r/Usenet", "description": ""}, {"name": "/r/UsenetInvites", "url": "https://www.reddit.com/r/UsenetInvites", "description": ""}, {"name": "NZBLINK", "url": "https://nzblnk.info/", "description": ""}, {"name": "Usenet-Uploaders", "url": "https://github.com/animetosho/Nyuu/wiki/Usenet-Uploaders", "description": "", "stars": "176"}, {"name": "QuickPar", "url": "http://www.quickpar.org.uk/index.htm", "description": ""}, {"name": "NZB Monkey", "url": "https://nzblnk.info/nzb-monkey/", "description": ""}, {"name": "SABconnect++", "url": "https://github.com/gboudreau/sabconnectplusplus", "description": "", "stars": "71"}], "notes": []}, {"name": "Piracy \u2014 Usenet Providers", "entries": [{"name": "Usenet Providers and Backbones", "url": "https://upload.wikimedia.org/wikipedia/commons/7/7d/Usenet_Providers_and_Backbones.svg", "description": ""}, {"name": "A Quick Guide to Choosing a Usenet Provider", "url": "https://www.reddit.com/r/usenet/comments/a7ffm7/a_quick_guide_to_choosing_a_usenet_provider/", "description": ""}, {"name": "Eweka", "url": "https://www.eweka.nl/", "description": ""}, {"name": "Newsdemon", "url": "https://www.newsdemon.com/", "description": ""}, {"name": "Newsgroup Ninja", "url": "https://www.newsgroup.ninja/en", "description": ""}, {"name": "Usenet Express", "url": "http://usenetexpress.com/", "description": ""}, {"name": "Usenet.Farm", "url": "https://usenet.farm/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Usenet Indexers", "entries": [{"name": "/r/Usenet wiki: indexers", "url": "https://www.reddit.com/r/Usenet/wiki/indexers", "description": ""}, {"name": "nZEDb", "url": "https://github.com/nZEDb/nZEDb", "description": "", "stars": "601"}, {"name": "newznab-tmux", "url": "https://github.com/NNTmux/newznab-tmux", "description": "", "stars": "187"}, {"name": "newznab", "url": "http://www.newznab.com/", "description": ""}, {"name": "nZEDb-deploy", "url": "https://github.com/PREngineer/nZEDb-deploy", "description": "", "stars": "22"}, {"name": "NZBgeek", "url": "https://nzbgeek.info/", "description": ""}, {"name": "NZBFinder", "url": "https://nzbfinder.ws/", "description": ""}, {"name": "DrunkenSlug", "url": "https://drunkenslug.com/", "description": ""}, {"name": "NZBCat", "url": "https://nzb.cat/", "description": ""}, {"name": "DOGnzb", "url": "https://dognzb.cr/login", "description": ""}, {"name": "omgwtfnzbs", "url": "https://omgwtfnzbs.me/login", "description": ""}, {"name": "6box", "url": "https://6box.me/", "description": ""}, {"name": "Usenet Crawler", "url": "https://usenet-crawler.com/", "description": ""}, {"name": "NZBIndex", "url": "https://www.nzbindex.com", "description": ""}, {"name": "Binsearch", "url": "https://www.binsearch.info/", "description": ""}, {"name": "NZBKing", "url": "http://nzbking.com/", "description": ""}, {"name": "GingaDADDY", "url": "https://www.gingadaddy.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Usenet Clients", "entries": [{"name": "SABnzbd", "url": "https://sabnzbd.org/", "description": ""}, {"name": "NZBget", "url": "https://nzbget.net/", "description": ""}, {"name": "Usenetic", "url": "https://www.usenetic.com/", "description": ""}, {"name": "Unison", "url": "https://panic.com/blog/the-future-of-unison/", "description": ""}, {"name": "spotweb", "url": "https://github.com/spotweb/spotweb", "description": "", "stars": "459"}, {"name": "Newsbin", "url": "http://newsbin.com/about.php", "description": ""}, {"name": "NZBVortex 3", "url": "https://www.nzbvortex.com/landing/", "description": ""}, {"name": "alt.binz", "url": "https://www.altbinz.net/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Download Managers", "entries": [{"name": "JDownloader2", "url": "https://jdownloader.org/jdownloader2", "description": ""}, {"name": "Internet Download Manager", "url": "https://www.internetdownloadmanager.com/", "description": ""}, {"name": "idm-trial-reset", "url": "https://github.com/J2TeaM/idm-trial-reset", "description": "", "stars": "1.9k"}, {"name": "Persepolis", "url": "https://github.com/persepolisdm/persepolis", "description": "", "stars": "5.7k"}, {"name": "pyLoad", "url": "https://pyload.net/", "description": ""}, {"name": "Xtreme Download Manager", "url": "https://subhra74.github.io/xdm/#", "description": ""}, {"name": "Plowshare", "url": "https://github.com/mcrapet/plowshare", "description": "", "stars": "830"}, {"name": "FreeDownloadManager", "url": "https://www.freedownloadmanager.org/", "description": ""}, {"name": "EagleGet", "url": "http://www.eagleget.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 DDL Tools", "entries": [{"name": "youtube-dl", "url": "https://youtube-dl.org/", "description": ""}, {"name": "youtube-dl-gui", "url": "https://mrs0m30n3.github.io/youtube-dl-gui/", "description": ""}, {"name": "youtube-dl-helper", "url": "https://youtube-dl-helper.github.io/", "description": ""}, {"name": "YouTube MP3 Rip", "url": "https://ytmp3.cc/en9/", "description": ""}, {"name": "Leonflix", "url": "https://leonflix.net/", "description": ""}, {"name": "maulvi.github.io", "url": "https://maulvi.github.io/", "description": ""}, {"name": "RapidLeech", "url": "https://github.com/Th3-822/rapidleech", "description": "", "stars": "574"}, {"name": "megatools", "url": "https://github.com/megous/megatools", "description": "", "stars": "1.6k"}, {"name": "MegaCrypt.js", "url": "https://github.com/JohnDeved/megacrypt.js", "description": "", "stars": "106"}, {"name": "netclix", "url": "https://github.com/ston3o/netclix", "description": "", "stars": "84"}, {"name": "FilePursuit", "url": "https://filepursuit.com", "description": ""}, {"name": "grayhatwarfare S3 bucket search", "url": "https://buckets.grayhatwarfare.com/", "description": ""}, {"name": "annie", "url": "https://github.com/iawia002/annie", "description": "", "stars": "21k"}, {"name": "aria2", "url": "https://aria2.github.io/", "description": ""}, {"name": "Persepolis", "url": "https://persepolisdm.github.io/", "description": ""}, {"name": "axel", "url": "https://github.com/axel-download-accelerator/axel", "description": "", "stars": "2.5k"}, {"name": "uGet", "url": "https://ugetdm.com/", "description": ""}, {"name": "ripme", "url": "https://github.com/RipMeApp/ripme", "description": "", "stars": "3.4k"}, {"name": "rdcli", "url": "https://github.com/ston3o/rdcli", "description": "", "stars": "114"}, {"name": "get\\_iplayer", "url": "https://github.com/get-iplayer/get_iplayer", "description": "", "stars": "1.8k"}, {"name": "MEGAsync", "url": "https://mega.nz/sync", "description": ""}, {"name": "wget", "url": "https://www.gnu.org/software/wget/", "description": ""}, {"name": "wget - a noob's guide", "url": "https://the-eye.eu/public/Wget_Linux_Guide.pdf", "description": ""}, {"name": "wget for Windows", "url": "https://eternallybored.org/misc/wget/", "description": ""}, {"name": "curl", "url": "https://en.wikipedia.org/wiki/CURL", "description": ""}, {"name": "FlixGrab", "url": "https://www.flixgrab.com/", "description": ""}, {"name": "Mega.nz IDM Downloader", "url": "https://web.archive.org/web/20200629125743/https://github.com/CHEF-KOCH/Mega.nz-IDM-downloader", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Custom Google Search Engines", "entries": [{"name": "Musgle", "url": "http://www.musgle.com/", "description": ""}, {"name": "Jimmyr", "url": "http://www.jimmyr.com/mp3_search.php", "description": ""}], "notes": []}, {"name": "Piracy \u2014 FTP Indexers", "entries": [{"name": "Davos", "url": "https://github.com/linuxserver/davos", "description": "", "stars": "144"}, {"name": "Napalm FTP Indexer", "url": "https://www.searchftps.net/", "description": ""}, {"name": "Mamont's open FTP Index", "url": "http://www.mmnt.net/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 DDL Search Engines and Crawlers", "entries": [{"name": "ololo", "url": "https://ololo.to/", "description": ""}, {"name": "MegaSearch", "url": "http://megasearch.co", "description": ""}, {"name": "VideoSpider", "url": "https://videospider.in/", "description": ""}, {"name": "Orion", "url": "https://orionoid.com/", "description": ""}, {"name": "Alluc", "url": "https://w1.alluc.uno/", "description": ""}, {"name": "OD-Database", "url": "https://od-db.the-eye.eu/", "description": ""}, {"name": "IPLIVE", "url": "https://iplive.club/", "description": ""}, {"name": "SoftArchive", "url": "https://sanet.st/full/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 DDL Link Sites", "entries": [{"name": "/r/ZippyShare", "url": "https://www.reddit.com/r/ZippyShare", "description": ""}, {"name": "DirtyWarez Forum", "url": "https://forum.dirtywarez.com/", "description": ""}, {"name": "snahp.it", "url": "https://snahp.it/", "description": ""}, {"name": "BlackPearl.biz", "url": "https://blackpearl.biz/", "description": ""}, {"name": "hdencode", "url": "https://hdencode.com/", "description": ""}, {"name": "WarezForums", "url": "https://warezforums.com/", "description": ""}, {"name": "Movies \"R\" Us", "url": "https://moviesrus.tk", "description": ""}, {"name": "Movie Glide", "url": "https://www.movieglide.com/", "description": ""}, {"name": "Release BB", "url": "http://rlsbb.ru", "description": ""}, {"name": "DDLValley", "url": "https://www.ddlvalley.me/", "description": ""}, {"name": "AdiT-HD", "url": "http://adit-hd.com/", "description": ""}, {"name": "TwoDDL", "url": "http://2ddl.ws", "description": ""}, {"name": "RapidMoviez", "url": "http://rmz.cr/", "description": ""}, {"name": "SceneSource", "url": "https://scnsrc.me/", "description": ""}, {"name": "MkvCage", "url": "https://www.mkvcage.ws/", "description": ""}, {"name": "MovieFiles", "url": "https://moviefiles.org/", "description": ""}, {"name": "IceFilms.info", "url": "https://www.icefilms.info/", "description": ""}, {"name": "DownArchive", "url": "http://downarchive.org/", "description": ""}, {"name": "PSARips", "url": "https://psarips.com/", "description": ""}, {"name": "DeeJayPirate's Pastebin", "url": "https://pastebin.com/u/DeeJayPirate", "description": ""}, {"name": "AvaxHome", "url": "https://avxhm.se", "description": ""}, {"name": "Moviesleak", "url": "https://moviesleak.net/", "description": ""}, {"name": "Dospelis", "url": "https://www.dospelis.net", "description": ""}, {"name": "movidy", "url": "https://movidy.co", "description": ""}, {"name": "Vidics", "url": "https://www.vidics.to/", "description": ""}, {"name": "watchepisodeseries", "url": "https://watchepisodeseries.bypassed.wtf/", "description": ""}, {"name": "watchtvseries", "url": "http://watchtvseries.unblckd.club/", "description": ""}, {"name": "DownTurk", "url": "https://www.downturk.net/", "description": ""}, {"name": "ScnLog", "url": "https://scnlog.me/", "description": ""}, {"name": "filewarez.tv", "url": "https://filewarez.tv/", "description": ""}, {"name": "Movie-blog.org", "url": "http://movie-blog.sx/", "description": ""}, {"name": "Movieworld.to", "url": "http://movieworld.to/", "description": ""}, {"name": "DDL-Warez", "url": "https://ddl-warez.to/", "description": ""}, {"name": "DDL-Music", "url": "https://ddl-music.to/", "description": ""}, {"name": "AppNee Freeware Group", "url": "https://appnee.com/", "description": ""}, {"name": "480mkv", "url": "http://480mkv.com/", "description": ""}, {"name": "FilmRls", "url": "https://filmrls.com/", "description": ""}, {"name": "Tinymkv", "url": "https://tinymkv.xyz/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Premium Link Generators", "entries": [{"name": "File Hosting Wiki", "url": "https://filehostlist.miraheze.org/wiki/Main_Page", "description": ""}, {"name": "Real-Debrid", "url": "https://real-debrid.com/", "description": ""}, {"name": "Premiumize", "url": "https://www.premiumize.me/", "description": ""}, {"name": "Premiumizer", "url": "https://github.com/piejanssens/premiumizer", "description": "", "stars": "168"}, {"name": "OffCloud", "url": "https://offcloud.com/?=85a8b709", "description": ""}, {"name": "Reevown", "url": "https://reevown.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Premium Link Hosts", "entries": [{"name": "File sharing table", "url": "https://nafanz.github.io/", "description": ""}, {"name": "Mega", "url": "https://mega.nz/", "description": ""}, {"name": "OpenLoad", "url": "https://openload.co/", "description": ""}, {"name": "RapidGator", "url": "https://rapidgator.net/", "description": ""}, {"name": "4shared", "url": "https://www.4shared.com/", "description": ""}, {"name": "Mediafire", "url": "https://www.mediafire.com/", "description": ""}, {"name": "Sendspace", "url": "https://www.sendspace.com/", "description": ""}, {"name": "Uploaded", "url": "https://uploaded.net/", "description": ""}, {"name": "Zippyshare", "url": "https://www.zippyshare.com/", "description": ""}, {"name": "NitroFlare", "url": "http://nitroflare.net/", "description": ""}, {"name": "PutLocker", "url": "https://www5.putlockertv.to/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Open Directories", "entries": [{"name": "httpdirfs", "url": "https://github.com/fangfufu/httpdirfs", "description": "", "stars": "660"}, {"name": "\"All resources I know related to Open Directories\"", "url": "https://www.reddit.com/r/opendirectories/comments/933pzm/all_resources_i_know_related_to_open_directories/", "description": ""}, {"name": "The Eye", "url": "https://the-eye.eu/public/", "description": ""}, {"name": "The Holy Grail of Indexes", "url": "https://www.reddit.com/r/opendirectories/comments/75ya8g/the_holy_grail_of_indexes/", "description": ""}, {"name": "36 GB of Flash Games", "url": "https://www.reddit.com/r/opendirectories/comments/902j1i/36_gb_of_flash_games_19k_files/", "description": ""}, {"name": "FileMasta", "url": "https://github.com/HerbL27/FileMasta", "description": "", "stars": "628"}, {"name": "/r/opendirectories", "url": "https://www.reddit.com/r/opendirectories", "description": ""}, {"name": "opendirectories-bot", "url": "https://github.com/simon987/opendirectories-bot", "description": "", "stars": "31"}, {"name": "Panelshow.club", "url": "http://panelshow.club/", "description": ""}, {"name": "andesite", "url": "https://github.com/nektro/andesite", "description": "", "stars": "76"}, {"name": "OpenDirectoryDownloader", "url": "https://github.com/KoalaBear84/OpenDirectoryDownloader", "description": "", "stars": "926"}], "notes": []}, {"name": "Piracy \u2014 Streaming Sites", "entries": [{"name": "How To Stream Movies, TV, Anime & Sports Online", "url": "https://www.reddit.com/r/FREEMEDIAHECKYEAH/wiki/index", "description": ""}, {"name": "/r/MovieStreamingSites", "url": "https://www.reddit.com/r/MovieStreamingSites/", "description": ""}, {"name": "HD MultiredditHD", "url": "https://www.reddit.com/user/nbatman/m/streaming2/", "description": ""}, {"name": "Best Free Streaming", "url": "https://www.bestfreestreaming.com/", "description": ""}, {"name": "YMovies", "url": "https://ymovies.tv/", "description": ""}, {"name": "HDO", "url": "https://hdo.to/", "description": ""}, {"name": "M4UFree.TV", "url": "http://m4ufree.tv/", "description": ""}, {"name": "Movie123", "url": "http://movie123.club/", "description": ""}, {"name": "LookMovie", "url": "https://lookmovie.ag/", "description": ""}, {"name": "AZMovies", "url": "https://azmovies.xyz/", "description": ""}, {"name": "Streamlord", "url": "http://www.streamlord.com/", "description": ""}, {"name": "FlixGo", "url": "https://flixgo.net/", "description": ""}, {"name": "Solarmovie", "url": "https://solarmoviez.ru/solar.html", "description": ""}, {"name": "123Movies", "url": "https://123movies.website/", "description": ""}, {"name": "Yes! Movies", "url": "https://yesmovies.to", "description": ""}, {"name": "Spacemov", "url": "http://spacemov.io/", "description": ""}, {"name": "HDOnline", "url": "https://www1.hdonline.eu", "description": ""}, {"name": "#1 Movies Website", "url": "https://www1.1movies.is", "description": ""}, {"name": "CMoviesHD", "url": "https://www2.cmovieshd.bz", "description": ""}, {"name": "Vidcloud", "url": "https://vidcloud.icu/", "description": ""}, {"name": "Series9", "url": "https://www2.series9.io/", "description": ""}, {"name": "Soap2day", "url": "https://www.soap2day.com/", "description": ""}, {"name": "Best-movies.watch", "url": "https://best-movies.watch/", "description": ""}, {"name": "Streaming Multireddit", "url": "https://www.reddit.com/user/nbatman/m/streaming/", "description": ""}, {"name": "5Movies", "url": "http://5movies.to/", "description": ""}, {"name": "2TwoMovies", "url": "https://two-movies.net/", "description": ""}, {"name": "CafeHulu", "url": "http://cafehulu.com/", "description": ""}, {"name": "Solarmovie.fm", "url": "http://www.solarmovie.fm/", "description": ""}, {"name": "Afdah", "url": "http://afdah.to/", "description": ""}, {"name": "YouTube", "url": "http://YouTube.com/", "description": ""}, {"name": "WorldSrc", "url": "https://worldsrc.org", "description": ""}, {"name": "WatchSeries", "url": "http://dwatchseries.to/", "description": ""}, {"name": "TVBox", "url": "https://tvbox.ag/", "description": ""}, {"name": "Nyaa", "url": "https://nyaa.si/", "description": ""}, {"name": "Hi10 Anime", "url": "https://hi10anime.com/", "description": ""}, {"name": "Anime Kaizoku", "url": "https://animekaizoku.com/", "description": ""}, {"name": "Anime Kayo", "url": "https://animekayo.com/", "description": ""}, {"name": "/r/animepiracy", "url": "https://www.reddit.com/r/animepiracy", "description": ""}, {"name": "/r/animepiracy wiki", "url": "https://www.reddit.com/r/animepiracy/wiki/index", "description": ""}, {"name": "9Anime", "url": "https://9anime.to", "description": ""}, {"name": "All-animes", "url": "https://all-animes.com", "description": ""}, {"name": "GoGo Anime", "url": "https://www3.gogoanime.in/", "description": ""}, {"name": "AniLinkz", "url": "https://anilinkz.to/", "description": ""}, {"name": "NyaaPantsu", "url": "https://nyaa.pantsu.cat/", "description": ""}, {"name": "Alternatives to Kiss websites", "url": "https://www.reddit.com/r/KissCartoon/wiki/alternatives", "description": ""}, {"name": "anime-sharing", "url": "http://www.anime-sharing.com/forum/", "description": ""}, {"name": "AniDex", "url": "https://anidex.info", "description": ""}, {"name": "animeEncodes", "url": "https://www.animencodes.com/", "description": ""}, {"name": "Anime Twist", "url": "https://twist.moe/", "description": ""}, {"name": "AnimeOut", "url": "https://www.animeout.xyz/", "description": ""}, {"name": "Kissanime.ac", "url": "https://kissanime.ac/", "description": ""}, {"name": "Anime8", "url": "https://anime8.me/", "description": ""}, {"name": "4anime", "url": "https://4anime.to/", "description": ""}, {"name": "AnimeRam", "url": "https://ww2.animeram.cc/", "description": ""}, {"name": "animepahe", "url": "https://animepahe.com/", "description": ""}, {"name": "KissCartoon", "url": "https://kisscartoon.ac/", "description": ""}, {"name": "watchcartoononline.com", "url": "https://www.watchcartoononline.com/", "description": ""}, {"name": "watchcartoononline.io", "url": "https://www.watchcartoononline.io/", "description": ""}, {"name": "animetoon", "url": "http://www.animetoon.org/", "description": ""}, {"name": "Toonova", "url": "http://www.toonova.net/", "description": ""}, {"name": "KimCartoon", "url": "https://kimcartoon.to/", "description": ""}, {"name": "WatchCartoon", "url": "https://www.watchcartoononline.io/", "description": ""}, {"name": "/r/MLBstreams", "url": "https://www.reddit.com/r/MLBstreams/", "description": ""}, {"name": "/r/NHLstreams", "url": "https://www.reddit.com/r/NHLstreams/", "description": ""}, {"name": "/r/ncaaBBallstreams", "url": "https://www.reddit.com/r/ncaaBBallstreams/", "description": ""}, {"name": "/r/CFBstreams", "url": "https://www.reddit.com/r/CFBstreams/", "description": ""}, {"name": "/r/WWEstreams", "url": "https://www.reddit.com/r/WWEstreams/", "description": ""}, {"name": "/r/rugbystreams", "url": "https://www.reddit.com/r/rugbystreams/", "description": ""}, {"name": "/r/mmafights", "url": "https://www.reddit.com/r/mmafights/", "description": ""}, {"name": "/r/motorsportsstreams", "url": "https://www.reddit.com/r/motorsportsstreams", "description": ""}, {"name": "Best Sport Streaming", "url": "https://www.bestsportstreaming.com/", "description": ""}, {"name": "LiveTV", "url": "https://livesx.eu/", "description": ""}, {"name": "Cricfree", "url": "https://crickfree.org/", "description": ""}, {"name": "VIPBox", "url": "https://www.vipbox.live/", "description": ""}, {"name": "MamaHD", "url": "https://www.mamahd.org/", "description": ""}, {"name": "Send It", "url": "https://sendit.gg/", "description": ""}, {"name": "SportsHD", "url": "http://www.speedsports.me", "description": ""}, {"name": "720pStream", "url": "http://www.720pstream.me/", "description": ""}, {"name": "footybite", "url": "https://www.footybite.com/", "description": ""}, {"name": "Einthusan", "url": "https://einthusan.tv/intro/", "description": ""}, {"name": "Dramago", "url": "http://www.dramago.com/", "description": ""}, {"name": "WatchAsian", "url": "https://www2.watchasian.co/", "description": ""}, {"name": "Layarkaca", "url": "http://layarkaca21.ru/", "description": ""}, {"name": "DramaCool", "url": "http://www1.dramacoolfirst.com/", "description": ""}, {"name": "Daxiv Video", "url": "https://daxiv.com/", "description": ""}, {"name": "KingsofHorror", "url": "https://www.YouTube.com/user/TheKingsofHorror/", "description": ""}, {"name": "MutantSorority", "url": "https://www.YouTube.com/channel/UCWcF6KTn_sSSJ1AIj1bQmRg", "description": ""}, {"name": "TromaMovies", "url": "https://www.YouTube.com/channel/UC4O0LNYmaOczcSMHA_FE1Mw", "description": ""}, {"name": "Film1k", "url": "http://www.film1k.com/la-bestia-uccide-a-sangue-freddo-1971.html", "description": ""}, {"name": "Rulu", "url": "https://www.rulu.co/", "description": ""}, {"name": "Club MST3k", "url": "http://www.club-mst3k.com/", "description": ""}, {"name": "Archive.org", "url": "https://archive.org/", "description": ""}, {"name": "MioMio", "url": "http://www.miomio.tv/", "description": ""}, {"name": "MovieZion", "url": "https://www.nicemoviezion.pro/", "description": ""}, {"name": "Vmovee", "url": "https://vmovee.me/", "description": ""}, {"name": "MovieJagg", "url": "https://www.coolmoviejagg.pro/", "description": ""}, {"name": "IWannaWatch", "url": "https://www.iwannawatch.is/", "description": ""}, {"name": "UWatchFree", "url": "https://www.uwatchfree.tv/", "description": ""}, {"name": "Oakmovies", "url": "http://oakmovies.com/", "description": ""}, {"name": "Vexmovies", "url": "http://vexmovies.org/", "description": ""}, {"name": "Openloadmovie", "url": "https://openloadmovie.ws/", "description": ""}, {"name": "cine.to", "url": "https://cine.to/", "description": ""}, {"name": "cinebloom", "url": "https://www2.cinebloom.com", "description": ""}, {"name": "HDEUROPIX", "url": "https://topeuropix.net/", "description": ""}, {"name": "openloadmovies.net", "url": "https://openloadmovies.net/", "description": ""}, {"name": "HD MOVIES", "url": "https://hdm.to/", "description": ""}, {"name": "VodLocker", "url": "https://vodlocker.tv/", "description": ""}, {"name": "StreamCouch", "url": "https://www2.streamcouch.com/", "description": ""}, {"name": "Qwemovies", "url": "https://www3.qwemovies.com/", "description": ""}, {"name": "movies2k", "url": "http://www.movie2k.st", "description": ""}, {"name": "xPau.se", "url": "http://xpau.se/", "description": ""}, {"name": "Flixanity", "url": "https://flixanity.xyz/", "description": ""}, {"name": "MegaShare", "url": "http://megashare9.su", "description": ""}, {"name": "XMovies8", "url": "https://xmovies8.ru/", "description": ""}, {"name": "IceFilms", "url": "http://www.icefilms.info/", "description": ""}, {"name": "FilmXY", "url": "https://www.filmxy.nl/", "description": ""}, {"name": "1Movies", "url": "http://1movies.nl", "description": ""}, {"name": "WatchFullMovie", "url": "http://watchfullmovie.co", "description": ""}, {"name": "FMOVIES", "url": "https://www3.fmovies.to/", "description": ""}, {"name": "WatchFree", "url": "https://watchfree.at/", "description": ""}, {"name": "pahe.in", "url": "https://pahe.in/", "description": ""}, {"name": "megaDDL", "url": "https://megaddl.co/", "description": ""}, {"name": "Plex", "url": "https://www.plex.tv/", "description": ""}, {"name": "Emby", "url": "https://emby.media/", "description": ""}, {"name": "Kodi", "url": "https://kodi.tv/", "description": ""}, {"name": "OpenPHT", "url": "https://github.com/RasPlex/OpenPHT", "description": "", "stars": "593"}, {"name": "Viewscreen", "url": "https://github.com/viewscreen/viewscreen", "description": "", "stars": "225"}, {"name": "Streama", "url": "https://github.com/streamaserver/streama", "description": "", "stars": "9.3k"}, {"name": "Myflix", "url": "https://github.com/pastapojken/Myflix", "description": "", "stars": "306"}, {"name": "Stremio", "url": "https://www.stremio.com/", "description": ""}, {"name": "Gerbera", "url": "https://github.com/gerbera/gerbera", "description": "", "stars": "1k"}, {"name": "Serviio", "url": "http://serviio.org/", "description": ""}, {"name": "OSMC", "url": "https://osmc.tv/", "description": ""}, {"name": "Subsonic", "url": "http://www.subsonic.org/pages/index.jsp", "description": ""}, {"name": "Rygel", "url": "https://wiki.gnome.org/Projects/Rygel", "description": ""}, {"name": "jellyfin", "url": "https://github.com/jellyfin/jellyfin", "description": "", "stars": "23k"}, {"name": "r/StremioAddons", "url": "https://www.reddit.com/r/StremioAddons/", "description": ""}, {"name": "A complete curated list of all working Stremio Add-ons", "url": "https://www.reddit.com/r/StremioAddons/comments/ahd6gk/sticky_stremio_addons_list/", "description": ""}, {"name": "PimpMyStremio", "url": "https://github.com/sungshon/PimpMyStremio", "description": "", "stars": "252"}, {"name": "Stremio Downloader", "url": "https://github.com/BurningSands70/stremio-downloader", "description": "", "stars": "140"}, {"name": "Stremio - Watch together with friends", "url": "https://www.reddit.com/r/StremioAddons/comments/cvmu80/guide_stremio_how_to_watch_together/", "description": ""}, {"name": "Stremio - Phone Remote", "url": "https://www.reddit.com/r/StremioAddons/comments/cuc3yo/news_phone_remote_for_stremio/", "description": ""}, {"name": "Stremio Catalog Builder", "url": "https://www.reddit.com/r/StremioAddons/comments/atizrk/news_stremio_catalog_builder/", "description": ""}, {"name": "linuxserver/docker-plex", "url": "https://github.com/linuxserver/docker-plex", "description": "", "stars": "957"}, {"name": "plexinc/pms-docker", "url": "https://github.com/plexinc/pms-docker", "description": "", "stars": "2.6k"}, {"name": "timhaak/plex", "url": "https://github.com/timhaak/docker-plex", "description": ""}, {"name": "PGBlitz.com", "url": "https://pgblitz.com/", "description": ""}, {"name": "hoarding.me", "url": "https://hoarding.me/", "description": ""}, {"name": "PlexPi", "url": "http://plexpi.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Plex Plugins", "entries": [{"name": "Official Plex Plugins", "url": "https://github.com/plexinc-plugins", "description": ""}, {"name": "WebTools.bundle", "url": "https://github.com/ukdtom/WebTools.bundle", "description": "", "stars": "1.3k"}, {"name": "Audiobooks.bundle", "url": "https://github.com/macr0dev/Audiobooks.bundle", "description": "", "stars": "573"}, {"name": "Sub-Zero.bundle", "url": "https://github.com/pannal/Sub-Zero.bundle", "description": "", "stars": "1.6k"}, {"name": "TvplexendChannel.bundle", "url": "https://github.com/pgaubatz/TvplexendChannel.bundle", "description": "", "stars": "68"}, {"name": "IPTV.bundle", "url": "https://github.com/Cigaras/IPTV.bundle", "description": "", "stars": "902"}, {"name": "HDGrandSlam.bundle", "url": "https://github.com/jumpmanjay/HDGrandSlam.bundle", "description": "", "stars": "78"}, {"name": "HDHRViewerV2.bundle", "url": "https://github.com/zynine-/HDHRViewerV2.bundle", "description": "", "stars": "95"}, {"name": "SS Plex", "url": "https://mikew.github.io/ss-plex.bundle/", "description": ""}, {"name": "ExportTools.bundle", "url": "https://github.com/ukdtom/ExportTools.bundle", "description": "", "stars": "331"}, {"name": "Plex-Trakt-Scrobbler", "url": "https://github.com/trakt/Plex-Trakt-Scrobbler", "description": "", "stars": "1.4k"}, {"name": "Moviemania.bundle", "url": "https://www.reddit.com/r/MoviemaniaHQ/comments/6znf6b/plex_pluginagent_beta_1/", "description": ""}, {"name": "lmwt-kiss.bundle", "url": "https://github.com/Twoure/lmwt-kiss.bundle", "description": "", "stars": "18"}, {"name": "RequestChannel.bundle", "url": "https://github.com/ngovil21/RequestChannel.bundle", "description": "", "stars": "158"}, {"name": "SRT2UTF-8.bundle", "url": "https://github.com/ukdtom/SRT2UTF-8.bundle", "description": "", "stars": "121"}, {"name": "PlexTools.bundle", "url": "https://github.com/jwdempsey/PlexTools.bundle", "description": ""}, {"name": "FMoviesPlus.bundle", "url": "https://github.com/coder-alpha/FMoviesPlus.bundle", "description": "", "stars": "58"}, {"name": "SuperPLEX", "url": "https://normantheidiot.neocities.org/superplex/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Plex Requests", "entries": [{"name": "Ombi", "url": "http://ombi.io/", "description": ""}, {"name": "plexrequests-meteor", "url": "https://github.com/lokenx/plexrequests-meteor", "description": "", "stars": "532"}, {"name": "Mellow", "url": "https://github.com/v0idp/Mellow/", "description": "", "stars": "206"}, {"name": "MediaButler", "url": "https://github.com/physk/MediaButler", "description": "", "stars": "3"}], "notes": []}, {"name": "Piracy \u2014 Plex Scripts and Tools", "entries": [{"name": "plex\\_top\\_playlists", "url": "https://github.com/pbrink231/plex_top_playlists", "description": "", "stars": "107"}, {"name": "JBOPS", "url": "https://github.com/blacktwin/JBOPS", "description": "", "stars": "1.4k"}, {"name": "plex-subtitles-normalizer", "url": "https://github.com/caridy/plex-subtitles-normalizer", "description": "", "stars": "14"}, {"name": "plex\\_autoscan", "url": "https://github.com/l3uddz/plex_autoscan", "description": "", "stars": "400"}, {"name": "plexupdate", "url": "https://github.com/mrworf/plexupdate", "description": "", "stars": "1.7k"}, {"name": "plex2netflix", "url": "https://github.com/SpaceK33z/plex2netflix", "description": "", "stars": "270"}, {"name": "plexReport", "url": "https://github.com/bstascavage/plexReport", "description": "", "stars": "65"}, {"name": "plex-sync", "url": "https://github.com/jacobwgillespie/plex-sync", "description": "", "stars": "293"}, {"name": "PlexIPTV", "url": "https://github.com/xiaodoudou/PlexIPTV", "description": "", "stars": "185"}, {"name": "Plex Media Tagger", "url": "https://github.com/ccjensen/PlexMediaTagger", "description": "", "stars": "144"}, {"name": "PlexEmail", "url": "https://github.com/jakewaldron/PlexEmail", "description": "", "stars": "205"}, {"name": "Transmogrify", "url": "https://github.com/Transmogrify-for-Plex/Transmogrify-for-Plex-chrome", "description": "", "stars": "70"}, {"name": "PlexAuth", "url": "https://github.com/hjone72/PlexAuth", "description": "", "stars": "105"}, {"name": "Phlex", "url": "https://github.com/d8ahazard/Phlex", "description": "", "stars": "615"}, {"name": "Plex Redirect", "url": "https://github.com/ITRav4/PlexRedirect", "description": "", "stars": "227"}, {"name": "Plaxt", "url": "https://plaxt.herokuapp.com/", "description": ""}, {"name": "goplaxt", "url": "https://github.com/XanderStrike/goplaxt/", "description": "", "stars": "274"}, {"name": "plxdwnld", "url": "https://piplong.run/plxdwnld/", "description": ""}, {"name": "Kitana", "url": "https://github.com/pannal/Kitana", "description": "", "stars": "444"}, {"name": "Python-PlexLibrary", "url": "https://github.com/adamgot/python-plexlibrary", "description": "", "stars": "202"}, {"name": "NowShowing", "url": "https://github.com/ninthwalker/NowShowing", "description": "", "stars": "70"}, {"name": "\"My (scripted) solution to having a single Movies library for 4k and non-4k.\"", "url": "https://www.reddit.com/r/PleX/comments/afs8m9/my_scripted_solution_to_having_a_single_movies/", "description": ""}, {"name": "PlexMissingEpisodes", "url": "https://github.com/MysticRyuujin/PlexMissingEpisodes", "description": "", "stars": "43"}, {"name": "Gaps", "url": "https://github.com/JasonHHouse/Gaps", "description": "", "stars": "546"}, {"name": "PlexRecs", "url": "https://github.com/nwithan8/PlexRecs", "description": "", "stars": "33"}, {"name": "\"I made my own Pseudo TV for Plex with Kodi and Nvidia Shield\"", "url": "https://old.reddit.com/r/PleX/comments/awsvp9/i_made_my_own_pseudo_tv_for_plex_with_kodi_and/ehox9zf/", "description": ""}, {"name": "Varken", "url": "https://github.com/Boerderij/Varken", "description": "", "stars": "1.1k"}], "notes": []}, {"name": "Piracy \u2014 Plex Shares", "entries": [{"name": "/r/plexshares", "url": "https://www.reddit.com/r/plexshares/", "description": ""}, {"name": "Elysium", "url": "https://elysium.to/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Plex Transcoding", "entries": [{"name": "kube-plex", "url": "https://github.com/munnerz/kube-plex", "description": "", "stars": "1.2k"}, {"name": "UnicornTranscoder", "url": "https://github.com/UnicornTranscoder/UnicornTranscoder", "description": "", "stars": "646"}, {"name": "Plex-Remote-Transcoder", "url": "https://github.com/wnielson/Plex-Remote-Transcoder", "description": "", "stars": "640"}, {"name": "nvidia-patch", "url": "https://github.com/keylase/nvidia-patch", "description": "", "stars": "2.1k"}], "notes": []}, {"name": "Piracy \u2014 Plex Logging and Metrics", "entries": [{"name": "Tautulli", "url": "https://tautulli.com/", "description": ""}, {"name": "plexWatch", "url": "https://github.com/ljunkie/plexWatch", "description": "", "stars": "427"}, {"name": "Plex-Data-Collector-For-InfluxDB", "url": "https://github.com/barrycarey/Plex-Data-Collector-For-InfluxDB", "description": "", "stars": "170"}], "notes": []}, {"name": "Piracy \u2014 Plex Clients", "entries": [{"name": "RasPlex", "url": "https://github.com/RasPlex/RasPlex", "description": "", "stars": "645"}, {"name": "PlexConnect", "url": "https://github.com/iBaa/PlexConnect", "description": "", "stars": "1.9k"}, {"name": "go-plex-client", "url": "https://github.com/jrudio/go-plex-client", "description": "", "stars": "123"}, {"name": "/r/Addons4Kodi", "url": "https://www.reddit.com/r/addons4kodi", "description": ""}, {"name": "Seren", "url": "https://www.reddit.com/r/Addons4Kodi/comments/dt4kg2/recommended_addons_november_2019/f6ukyfr?utm_source=share\\&utm_medium=web2x", "description": ""}, {"name": "Recommended Addons - November 2019", "url": "https://www.reddit.com/r/Addons4Kodi/comments/dt4kg2/recommended_addons_november_2019/", "description": ""}, {"name": "Placenta", "url": "http://www.wirelesshack.org/how-to-install-placenta-Kodi-addon.html", "description": ""}, {"name": "Gaia", "url": "https://gaiakodi.com/", "description": ""}, {"name": "Yoda", "url": "http://supremacy.org.uk/zip/repo/", "description": ""}, {"name": "Elementum", "url": "https://elementum.surge.sh/", "description": ""}, {"name": "Tooonmania2", "url": "https://github.com/doko-desuka/doko.repository/releases", "description": "", "stars": "1"}, {"name": "PlexKodiConnect", "url": "https://github.com/croneter/PlexKodiConnect", "description": "", "stars": "1k"}, {"name": "Official Plex Addon", "url": "https://forums.plex.tv/t/installation-instructions/168854", "description": ""}, {"name": "Ultimate Kodi Guide", "url": "https://www.reddit.com/r/Piracy/comments/7wp42u/ultimate_guide_to_install_kodi_popular_streaming/", "description": ""}, {"name": "kodi-headless", "url": "https://hub.docker.com/r/linuxserver/kodi-headless/", "description": ""}, {"name": "Exodus Redux", "url": "https://www.reddit.com/r/Addons4Kodi/comments/9tasx5/requests_recommendations_basics_november_2018/e8uti6w", "description": ""}, {"name": "Sparkle", "url": "https://github.com/iwannabelikemike/plugin.video.sparkle", "description": "", "stars": "41"}, {"name": "Plexus", "url": "http://fusion.tvaddons.co/", "description": ""}, {"name": "Pneumatic", "url": "https://forum.kodi.tv/showthread.php?tid=97657", "description": ""}, {"name": "Python-GoogleDrive-VideoStream", "url": "https://github.com/ddurdle/Python-GoogleDrive-VideoStream", "description": ""}, {"name": "Quasar", "url": "http://quasar.surge.sh", "description": ""}, {"name": "Burst", "url": "http://burst.surge.sh", "description": ""}, {"name": "/r/CrackWatch", "url": "https://reddit.com/r/CrackWatch/", "description": ""}, {"name": "Beginners Guide to Crack Watch", "url": "https://www.reddit.com/r/CrackWatch/comments/a7l141/crack_watch_beginners_guide_to_crack_watch/", "description": ""}, {"name": "GOD scraped URLs", "url": "https://drive.google.com/file/d/17MB0gCcCMr3QqE_CgJkaxmdXtZk61TdZ/view", "description": ""}, {"name": "Free GOG PC Games", "url": "http://freegogpcgames.com/", "description": ""}, {"name": "cs.rin.ru", "url": "https://cs.rin.ru/", "description": ""}, {"name": "SmartSteamEmu", "url": "https://github.com/MAXBURAOT/SmartSteamEmu", "description": "", "stars": "367"}, {"name": "goldberg\\_emulator", "url": "https://gitlab.com/Mr_Goldberg/goldberg_emulator", "description": ""}, {"name": "CreamAPI", "url": "https://cs.rin.ru/forum/viewtopic.php?t=70576", "description": ""}, {"name": "cream-api-autoinstaller", "url": "https://github.com/Douile/cream-api-autoinstaller", "description": ""}, {"name": "CDRomance", "url": "https://cdromance.com/", "description": ""}, {"name": "redump.org", "url": "http://redump.org/", "description": ""}, {"name": "Steamless", "url": "https://github.com/atom0s/Steamless", "description": "", "stars": "1.9k"}, {"name": "MachineGunnur/GOG-Games", "url": "https://github.com/MachineGunnur/GOG-Games", "description": "", "stars": "20"}], "notes": []}, {"name": "Piracy \u2014 Repacks", "entries": [{"name": "FitGirl Repacks", "url": "http://fitgirl-repacks.site/", "description": ""}, {"name": "Xatab Repacks", "url": "https://xatab-repack.net", "description": ""}, {"name": "ElAmigos Games", "url": "https://www.elamigos-games.com/", "description": ""}, {"name": "qoob.name", "url": "http://qoob.name/", "description": ""}, {"name": "Nicoblog", "url": "https://nicoblog.org/", "description": ""}, {"name": "Dark Umbra", "url": "https://darkumbra.net/", "description": ""}, {"name": "Skidrow Repacks", "url": "https://skidrowrepacks.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 ROMs", "entries": [{"name": "Romsmania", "url": "https://romsmania.cc/", "description": ""}, {"name": "Doperoms", "url": "https://www.doperoms.com/", "description": ""}, {"name": "Vimm's Lair", "url": "https://vimm.net/?p=vault", "description": ""}, {"name": "ROM/ISO sites", "url": "http://emulation.gametechwiki.com/index.php/ROM_%26_ISO_Sites", "description": ""}, {"name": "Romulation.net", "url": "https://www.romulation.net/", "description": ""}, {"name": "The Eye ROMs", "url": "http://the-eye.eu/public/rom/", "description": ""}, {"name": "myabandonware", "url": "https://www.myabandonware.com/", "description": ""}, {"name": "Old Games Finder", "url": "http://www.oldgamesfinder.com/", "description": ""}, {"name": "The ROM Depot", "url": "https://theromdepot.com/roms/", "description": ""}, {"name": "Emulator.Games", "url": "https://emulator.games/", "description": ""}, {"name": "\"A simple script for easily downloading emulator.games roms\"", "url": "https://www.reddit.com/r/Piracy/comments/aytutr/a_simple_script_for_easily_downloading/", "description": ""}, {"name": "3DSISO", "url": "http://www.3dsiso.com/", "description": ""}, {"name": "3DSCIA.com", "url": "https://www.3dscia.com/", "description": ""}, {"name": "Ziperto", "url": "https://www.ziperto.com/nintendo/3ds-roms/3ds-cia/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Console Games", "entries": [{"name": "/r/PkgLinks", "url": "https://www.reddit.com/r/PkgLinks/", "description": ""}, {"name": "NoPayStation", "url": "https://nopaystation.com", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Homebrew and Custom Firmware", "entries": [{"name": "3DS Hacks Guide", "url": "https://3ds.hacks.guide/", "description": ""}, {"name": "/r/3dshacks", "url": "https://www.reddit.com/r/3dshacks", "description": ""}, {"name": "/r/WiiHacks", "url": "https://www.reddit.com/r/WiiHacks/", "description": ""}, {"name": "/r/WiiUHacks", "url": "https://www.reddit.com/r/WiiUHacks", "description": ""}, {"name": "/r/vitahacks", "url": "https://www.reddit.com/r/vitahacks/", "description": ""}, {"name": "/r/ps4homebrew", "url": "https://www.reddit.com/r/ps4homebrew", "description": ""}, {"name": "/r/SwitchHaxing", "url": "https://www.reddit.com/r/SwitchHaxing", "description": ""}, {"name": "/r/SwitchHacks", "url": "https://www.reddit.com/r/SwitchHacks", "description": ""}, {"name": "/r/ps3homebrew", "url": "https://www.reddit.com/r/ps3homebrew/", "description": ""}, {"name": "/r/YuzuPiracy", "url": "https://www.reddit.com/r/YuzuPiracy", "description": ""}, {"name": "/r/VitaPiracy", "url": "https://www.reddit.com/r/VitaPiracy/", "description": ""}, {"name": "MOOVAL", "url": "https://www.mooval.de/", "description": ""}, {"name": "Madsonic", "url": "https://www.madsonic.org/", "description": ""}, {"name": "MusicBrainz", "url": "https://musicbrainz.org/", "description": ""}, {"name": "airsonic", "url": "https://airsonic.github.io/", "description": ""}, {"name": "Beets", "url": "http://beets.io/", "description": ""}, {"name": "gonic", "url": "https://github.com/sentriz/gonic", "description": "", "stars": "1.1k"}, {"name": "LibreSonic", "url": "https://github.com/Libresonic/libresonic", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Music Streaming", "entries": [{"name": "Muxiv Music", "url": "https://muxiv.com/", "description": ""}, {"name": "Hikarinoakariost", "url": "https://hikarinoakariost.info/", "description": ""}, {"name": "mp3Clan", "url": "http://mp3guild.com/", "description": ""}, {"name": "GoSong", "url": "https://gosong.unblocked.gdn/", "description": ""}, {"name": "MP3Juices", "url": "https://mp3juices.unblocked.gdn/", "description": ""}, {"name": "mp3.li", "url": "http://mp3li.unblckd.club", "description": ""}, {"name": "SongsPK", "url": "https://songs-pk.in/", "description": ""}, {"name": "datmusic", "url": "https://datmusic.xyz/", "description": ""}, {"name": "MusicPleer", "url": "https://musicpleer.la/", "description": ""}, {"name": "slider.kz", "url": "http://slider.kz/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Music Downloading", "entries": [{"name": "Soulseek", "url": "http://www.soulseekqt.net/news/", "description": ""}, {"name": "irs", "url": "https://github.com/kepoorhampond/irs", "description": "", "stars": "368"}, {"name": "Deezloader Remaster", "url": "https://www.reddit.com/r/DeezloadersIsBack/comments/9n3pf1/deezloader_alpha_latest_version_download10102018/", "description": ""}, {"name": "Deezloader Remix", "url": "https://notabug.org/RemixDevs/DeezloaderRemix", "description": ""}, {"name": "/r/DeezloaderIsBack", "url": "https://www.reddit.com/r/DeezloadersIsBack", "description": ""}, {"name": "Deemix", "url": "https://codeberg.org/RemixDev/deemix", "description": ""}, {"name": "/r/deemix", "url": "https://www.reddit.com/r/deemix", "description": ""}, {"name": "New Album Releases", "url": "http://newalbumreleases.net/", "description": ""}, {"name": "KHInsider", "url": "https://downloads.khinsider.com/", "description": ""}, {"name": "VGMLoader", "url": "https://github.com/TheLastZombie/VGMLoader", "description": "", "stars": "60"}, {"name": "Free MPS Download.net", "url": "https://free-mp3-download.net/", "description": ""}, {"name": "chimera", "url": "https://notabug.org/Aesir/chimera", "description": ""}, {"name": "YouTube to MP3", "url": "https://ytformp3.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Spotify", "entries": [{"name": "Get rid of Spotify ads", "url": "https://www.reddit.com/r/Piracy/comments/9jvlf8/get_rid_of_spotify_adsbannerslimited_skips_and/", "description": ""}, {"name": "Spotify AdBlock Host file", "url": "https://www.reddit.com/r/Piracy/comments/9tcbvc/spotify_adblock_host_file_uptodate_effective/", "description": ""}, {"name": "EZBlocker", "url": "https://github.com/Xeroday/Spotify-Ad-Blocker/", "description": "", "stars": "1.8k"}, {"name": "BlockTheSpot", "url": "https://github.com/mrpond/BlockTheSpot", "description": "", "stars": "6.3k"}, {"name": "Spytify", "url": "https://jwallet.github.io/spy-spotify/", "description": ""}, {"name": "Spotify modded APK", "url": "https://forum.mobilism.org/viewtopic.php?f=1332\\&t=2950704", "description": ""}, {"name": "Downtify", "url": "https://github.com/eviabs/downtify-premium", "description": "", "stars": "336"}], "notes": []}, {"name": "Piracy \u2014 iTunes", "entries": [{"name": "TunesKit", "url": "https://www.tuneskit.com/", "description": ""}, {"name": "Requiem", "url": "https://digiex.net/threads/requiem-4-1-remove-itunes-drm-fairplay-from-music-video-and-books.11796/", "description": ""}, {"name": "How to Remove DRM From iTunes Movies and TV Shows", "url": "https://www.howtogeek.com/291612/how-to-remove-drm-from-itunes-movies-and-tv-shows/", "description": ""}, {"name": "Plus Premieres", "url": "https://www.pluspremieres.eu/", "description": ""}, {"name": "forked-daapd", "url": "https://ejurgensen.github.io/forked-daapd/", "description": ""}, {"name": "/r/piracy/wiki/tools", "url": "https://www.reddit.com/r/piracy/wiki/tools", "description": ""}, {"name": "nsane.down", "url": "https://www.nsanedown.com/", "description": ""}, {"name": "CrackingPatching.com", "url": "https://crackingpatching.com/", "description": ""}, {"name": "Appked", "url": "https://www.macbed.com/", "description": ""}, {"name": "Team-OS HKRG", "url": "https://www.teamos-hkrg.com/index.php", "description": ""}, {"name": "CracksNow", "url": "https://cracksnow.com/", "description": ""}, {"name": "Nulled", "url": "https://www.nulled.to/", "description": ""}, {"name": "/s/sjain\\_guides", "url": "https://saidit.net/s/sjain_guides", "description": ""}, {"name": "My Digital Life Forums", "url": "https://forums.mydigitallife.net/", "description": ""}, {"name": "Pro Design Tools", "url": "https://prodesigntools.com", "description": ""}, {"name": "ShareAppsCrack", "url": "https://shareappscrack.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Adobe CC", "entries": [{"name": "Adobe CC 2019/2020 AIO Patcher", "url": "https://cracked.to/Thread-Cracked-CRACK-ADOBE-CC-2019-2020-GENP-V2-7", "description": ""}, {"name": "Adobe Master Collector", "url": "https://saidit.net/s/sjain_guides/wiki/downloads#wiki_adobe_master_collector.3A", "description": ""}, {"name": "Adobe CC 2018", "url": "https://saidit.net/s/sjain_guides/comments/9oz/adobe_cc_2018_full_indepth_guide_to_installing/", "description": ""}, {"name": "Adobe Zii 4.0.3", "url": "https://www.reddit.com/r/Piracy/comments/9v7tr6/adobe_zii_403_released_now_includes_incopy/", "description": ""}, {"name": "Adobe Acrobat Pro DC", "url": "https://saidit.net/s/sjain_guides/comments/9p5/adobe_acrobat_pro_dc_full_indepth_guide_to/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Windows", "entries": [{"name": "/f/MSToolkit", "url": "https://raddle.me/f/MSToolkit", "description": ""}, {"name": "Windows 10 Digital License", "url": "https://www.nsaneforums.com/topic/316668-microsoft-activation-scripts/", "description": ""}, {"name": "How to download and install Windows 10 LTSB", "url": "https://www.reddit.com/r/Piracy/comments/8pfnun/how_to_download_and_install_windows_10_ltsb/", "description": ""}, {"name": "TechBench", "url": "https://tb.rg-adguard.net/public.php", "description": ""}, {"name": "Windows 10 Digital License (HWID) & KMS38 Generation", "url": "https://web.archive.org/web/20190114172332/https://www.reddit.com/r/s1ave77_library/comments/9o13fq/windows_10_digital_license_hwid_kms38_generation/", "description": ""}, {"name": "BookStack", "url": "https://www.bookstackapp.com/", "description": ""}, {"name": "Ubooquity", "url": "http://vaemendis.net/ubooquity/", "description": ""}, {"name": "COPS", "url": "https://github.com/seblucas/cops", "description": "", "stars": "1.3k"}, {"name": "b-ok", "url": "http://b-ok.xyz/", "description": ""}, {"name": "The idiot-proof guide to downloading ebooks off IRC", "url": "https://www.reddit.com/r/Piracy/comments/2oftbu/guide_the_idiot_proof_guide_to_downloading_ebooks/", "description": ""}, {"name": "Guide to Copy Kindle Content to PDF using Calibre", "url": "https://www.reddit.com/r/Piracy/comments/bm837l/guide_to_copy_kindle_content_to_pdf_using_calibre/", "description": ""}, {"name": "Apprentice Alf's Blog", "url": "https://apprenticealf.wordpress.com/", "description": ""}, {"name": "Calibre", "url": "https://calibre-ebook.com/", "description": ""}, {"name": "Calibre-Web", "url": "https://github.com/janeczku/calibre-web", "description": "", "stars": "9.3k"}, {"name": "Custom Search Engine", "url": "https://cse.google.com/cse?cx=000661023013169144559:a1-kkiboeco", "description": ""}, {"name": "Exploring over 1,800 Calibre ebook servers", "url": "https://blog.chrisbonk.ca/2018/12/knowledge-is-power-exploring-over-1800.html?m=1", "description": ""}, {"name": "DeDRM\\_tools", "url": "https://github.com/apprenticeharper/DeDRM_tools", "description": "", "stars": "14k"}, {"name": "ReadAnyBook", "url": "https://readanybook.com/", "description": ""}, {"name": "PDFdrive", "url": "http://pdfdrive.com", "description": ""}, {"name": "Memory of the world", "url": "http://library.memoryoftheworld.org", "description": ""}, {"name": "PDF Giant", "url": "http://pdf-giant.com/", "description": ""}, {"name": "MagazineLib", "url": "https://magazinelib.com/", "description": ""}, {"name": "LibGen", "url": "https://libgen.fun/", "description": ""}, {"name": "Sci-Hub", "url": "https://sci-hub.se/", "description": ""}, {"name": "BookSC", "url": "http://booksc.org/", "description": ""}, {"name": "Academic Torrents", "url": "http://academictorrents.com/", "description": ""}, {"name": "All IT eBooks", "url": "http://www.allitebooks.com/", "description": ""}, {"name": "it-ebooks", "url": "http://it-ebooks.info", "description": ""}, {"name": "PDF/Ebook trackers for college textbooks", "url": "https://www.reddit.com/r/trackers/comments/hrgmv/tracker_with_pdfsebooks_of_college_textbooks/c1xrq44/", "description": ""}, {"name": "How to \"rent\" your textbooks for free from Amazon", "url": "https://www.reddit.com/r/Piracy/comments/3ma9qe/guide_how_to_rent_your_textbooks_for_free_from/", "description": ""}, {"name": "Guide for Finding Textbooks", "url": "https://www.reddit.com/r/Piracy/comments/3i9y7n/guide_for_finding_textbooks/", "description": ""}, {"name": "forcoder", "url": "https://forcoder.su/", "description": ""}, {"name": "CourseClub", "url": "https://courseclub.me/", "description": ""}, {"name": "FreeCourseSite", "url": "https://freecoursesite.com/", "description": ""}, {"name": "FreeTutorials.eu", "url": "https://www.freetutorials.eu/", "description": ""}, {"name": "Gigacourse", "url": "https://gigacourse.com/", "description": ""}, {"name": "Desire Course", "url": "https://desirecourse.net/", "description": ""}, {"name": "GFXDomain.net Tutorials board", "url": "http://forum.gfxdomain.net/forums/others-tutorials.42/", "description": ""}, {"name": "tpget", "url": "https://github.com/0x6a73/tpget", "description": ""}, {"name": "udemy-downloader-gui", "url": "https://github.com/FaisalUmair/udemy-downloader-gui", "description": "", "stars": "5.9k"}, {"name": "tut4dl", "url": "https://tut4dl.com/", "description": ""}, {"name": "AudioBook Bay", "url": "http://audiobookbay.nl/", "description": ""}, {"name": "AAXtoMP3", "url": "https://github.com/KrumpetPirate/AAXtoMP3", "description": "", "stars": "1.1k"}, {"name": "Booksonic", "url": "http://booksonic.org/", "description": ""}, {"name": "The Eye /public/AudioBooks", "url": "http://the-eye.eu/public/AudioBooks/", "description": ""}, {"name": "AudioBooks.Cloud", "url": "https://audiobooks.cloud/", "description": ""}, {"name": "Tokybook", "url": "https://tokybook.com/", "description": ""}, {"name": "Kindle Comic Converter", "url": "https://kcc.iosphe.re/", "description": ""}, {"name": "readcomiconline.to", "url": "https://readcomiconline.to/", "description": ""}, {"name": "Readcomicbooksonline", "url": "https://readcomicbooksonline.org/", "description": ""}, {"name": "Comic Extra", "url": "https://www.comicextra.com/", "description": ""}, {"name": "GetComics", "url": "https://getcomics.info/", "description": ""}, {"name": "Gazee!", "url": "https://hub.docker.com/r/linuxserver/gazee/", "description": ""}, {"name": "Comix-Load", "url": "https://comix-load.in/", "description": ""}, {"name": "Omnibus", "url": "https://github.com/fireshaper/Omnibus", "description": "", "stars": "158"}, {"name": "MangaDex", "url": "https://www.mangadex.org/", "description": ""}, {"name": "/r/manga", "url": "https://www.reddit.com/r/manga", "description": ""}, {"name": "Madokami", "url": "https://manga.madokami.al/", "description": ""}, {"name": "Madokami 0-E", "url": "https://archive.org/download/Madokami.Manga.0-E", "description": ""}, {"name": "Madokami F-K", "url": "https://archive.org/download/Madokami.Manga.F-K", "description": ""}, {"name": "Madokami L-Q", "url": "https://archive.org/download/Madokami.Manga.L-Q", "description": ""}, {"name": "Madokami R-Z", "url": "https://archive.org/download/Madokami.Manga.R-Z", "description": ""}, {"name": "Madokami novels, raws and artbooks", "url": "https://archive.org/download/Madokami.NotManga", "description": ""}, {"name": "Tachiyomi", "url": "https://tachiyomi.org/", "description": ""}, {"name": "MangaZone", "url": "http://mangazoneapp.com/", "description": ""}, {"name": "NineAnime", "url": "https://www.nineanime.com/", "description": ""}, {"name": "Free Manga Downloader (FMD)", "url": "https://github.com/fmd-project-team/FMD", "description": "", "stars": "269"}, {"name": "HakuNeko", "url": "https://github.com/manga-download/hakuneko", "description": "", "stars": "3.4k"}, {"name": "/r/Documentaries", "url": "https://www.reddit.com/r/documentaries", "description": ""}, {"name": "My big list of documentary sites (streaming and download)", "url": "https://www.reddit.com/r/Documentaries/comments/h9pu7/my_big_list_of_documentary_sites_streaming_and/", "description": ""}, {"name": "DocuWiki.net", "url": "http://docuwiki.net/index.php?title=Main_Page", "description": ""}, {"name": "MVGroup", "url": "http://forums.mvgroup.org/", "description": ""}, {"name": "Documentary Addict", "url": "https://documentaryaddict.com/", "description": ""}, {"name": "iHaveNoTv", "url": "https://ihavenotv.com/", "description": ""}, {"name": "Web4Sync", "url": "https://web4sync.com/", "description": ""}, {"name": "GFXDomain", "url": "http://forum.gfxdomain.net/", "description": ""}, {"name": "GFxtra", "url": "https://www.gfxtra.com/", "description": ""}, {"name": "GraphicEx", "url": "https://graphicex.com/", "description": ""}, {"name": "Tomato.to", "url": "https://tomato.to/", "description": ""}, {"name": "How to download paid fonts for free", "url": "https://www.reddit.com/r/Piracy/comments/8tqfg6/how_to_download_paid_fonts_for_free/", "description": ""}, {"name": "gallery-dl", "url": "https://github.com/mikf/gallery-dl", "description": "", "stars": "7.6k"}, {"name": "FlexGet", "url": "https://flexget.com/", "description": ""}, {"name": "Pulsarr", "url": "https://github.com/roboticsound/Pulsarr", "description": "", "stars": "178"}, {"name": "Bonarr", "url": "https://github.com/klassicstudios/Bonarr", "description": "", "stars": "137"}, {"name": "traktarr", "url": "https://github.com/l3uddz/traktarr", "description": "", "stars": "520"}, {"name": "Mylar", "url": "https://github.com/evilhero/mylar", "description": "", "stars": "977"}, {"name": "LazyLibrarian", "url": "https://github.com/DobyTang/LazyLibrarian", "description": "", "stars": "727"}, {"name": "CloudBox", "url": "https://cloudbox.works/", "description": ""}, {"name": "Piracy and automation, an overview", "url": "https://docs.google.com/document/d/1TwUrRj982WlWUhrxvMadq6gdH0mPW0CGtHsTOFWprCo/edit", "description": ""}, {"name": "Nefarious", "url": "https://lardbit.github.io/nefarious/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 TV Automation", "entries": [{"name": "Sonarr", "url": "https://github.com/Sonarr/Sonarr", "description": "", "stars": "8.7k"}, {"name": "SickRage", "url": "https://github.com/SiCKRAGE/SiCKRAGE", "description": "", "stars": "1.5k"}, {"name": "SickChill", "url": "https://sickchill.github.io/", "description": ""}, {"name": "SickBeard", "url": "http://sickbeard.com/", "description": ""}, {"name": "SickGear", "url": "https://github.com/SickGear/SickGear", "description": "", "stars": "599"}, {"name": "Medusa", "url": "https://pymedusa.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Movie Automation", "entries": [{"name": "Radarr", "url": "https://radarr.video/", "description": ""}, {"name": "RadarrSync", "url": "https://github.com/Sperryfreak01/RadarrSync", "description": "", "stars": "117"}, {"name": "CouchPotato", "url": "https://github.com/CouchPotato/CouchPotatoServer", "description": "", "stars": "3.9k"}, {"name": "Watcher", "url": "https://github.com/nosmokingbandit/Watcher3", "description": "", "stars": "278"}], "notes": []}, {"name": "Piracy \u2014 Music Automation", "entries": [{"name": "betanin", "url": "https://github.com/sentriz/betanin", "description": "", "stars": "230"}, {"name": "Lidarr", "url": "https://github.com/lidarr/Lidarr", "description": "", "stars": "2.8k"}, {"name": "Headphones", "url": "https://github.com/rembo10/headphones", "description": "", "stars": "3.2k"}], "notes": []}, {"name": "Piracy \u2014 Subtitles Automation", "entries": [{"name": "Bazarr", "url": "https://github.com/morpheus65535/bazarr", "description": "", "stars": "2.1k"}, {"name": "autosub", "url": "https://github.com/agermanidis/autosub", "description": "", "stars": "4k"}, {"name": "nzb-subliminal", "url": "https://github.com/caronc/nzb-subliminal", "description": "", "stars": "90"}, {"name": "subsync", "url": "https://github.com/smacke/subsync", "description": "", "stars": "6k"}, {"name": "vlsub", "url": "https://github.com/exebetche/vlsub", "description": "", "stars": "1.3k"}, {"name": "eDonkey network", "url": "https://en.wikipedia.org/wiki/EDonkey_network", "description": ""}, {"name": "Gnutella", "url": "https://en.wikipedia.org/wiki/Gnutella", "description": ""}, {"name": "FastTrack", "url": "https://en.wikipedia.org/wiki/FastTrack", "description": ""}, {"name": "Napster", "url": "https://en.wikipedia.org/wiki/Napster", "description": ""}, {"name": "Peer-to-peer file sharing", "url": "https://en.wikipedia.org/wiki/Peer-to-peer_file_sharing", "description": ""}, {"name": "IPFS - Distributed Web", "url": "https://en.wikipedia.org/wiki/InterPlanetary_File_System", "description": ""}, {"name": "Kad", "url": "https://en.wikipedia.org/wiki/Kad_network", "description": ""}, {"name": "Handbrake", "url": "https://handbrake.fr/", "description": ""}, {"name": "MakeMKV", "url": "http://www.makemkv.com/", "description": ""}, {"name": "ffmpeg", "url": "https://ffmpeg.org/", "description": ""}, {"name": "sickbeard\\_mp4\\_automator", "url": "https://github.com/mdhiggins/sickbeard_mp4_automator", "description": "", "stars": "1.4k"}, {"name": "Automatic Ripping Machine", "url": "https://b3n.org/automatic-ripping-machine/", "description": ""}, {"name": "DVD Decrypter", "url": "http://dvddecrypter.org.uk/", "description": ""}, {"name": "DVDFab", "url": "https://www.dvdfab.cn/", "description": ""}, {"name": "The Encoding Guide", "url": "https://encoding-guide.neocities.org/", "description": ""}, {"name": "google-drive-ocamlfuse", "url": "https://github.com/astrada/google-drive-ocamlfuse", "description": "", "stars": "5.1k"}, {"name": "rclone", "url": "https://rclone.org/", "description": ""}, {"name": "plexdrive", "url": "https://github.com/dweidenfeld/plexdrive", "description": "", "stars": "1.7k"}, {"name": "/r/PlexACD", "url": "https://www.reddit.com/r/PlexACD/", "description": ""}, {"name": "rclone-gdrive", "url": "https://bytesized-hosting.com/pages/rclone-gdrive", "description": ""}, {"name": "Connect Your Plex Server To Your Google Drive", "url": "https://bytesized-hosting.com/pages/plexdrive", "description": ""}, {"name": "RcloneBrowser", "url": "https://martins.ninja/RcloneBrowser/", "description": ""}, {"name": "UDS", "url": "https://github.com/stewartmcgown/uds", "description": "", "stars": "4.3k"}, {"name": "Comparison of file hosting services", "url": "https://en.wikipedia.org/wiki/Comparison_of_file_hosting_services", "description": ""}, {"name": "Cloud storage table", "url": "https://nafanz.github.io/cloudstorage.html", "description": ""}, {"name": "FileBot", "url": "https://www.filebot.net/", "description": ""}, {"name": "filebot-node", "url": "https://github.com/filebot/filebot-node", "description": "", "stars": "58"}, {"name": "docker-filebot", "url": "https://github.com/coppit/docker-filebot", "description": "", "stars": "33"}, {"name": "MediaMonkey", "url": "https://www.mediamonkey.com/", "description": ""}, {"name": "MP3TAG", "url": "https://www.mp3tag.de/en/", "description": ""}, {"name": "Picard", "url": "https://picard.musicbrainz.org/", "description": ""}, {"name": "Beets", "url": "https://github.com/beetbox/beets", "description": "", "stars": "12k"}, {"name": "Metatogger", "url": "https://www.luminescence-software.org/en/metatogger.html", "description": ""}, {"name": "MediaInfo", "url": "https://mediaarea.net/en/MediaInfo", "description": ""}, {"name": "iFlicks2", "url": "https://iflicksapp.com/", "description": ""}, {"name": "MediaElch", "url": "https://www.kvibes.de/mediaelch/", "description": ""}, {"name": "/r/datacurator", "url": "https://www.reddit.com/r/datacurator/", "description": ""}, {"name": "AdAway", "url": "https://adaway.org/", "description": ""}, {"name": "NewPipe", "url": "https://newpipe.schabi.org/", "description": ""}, {"name": "nzb360", "url": "http://nzb360.com/", "description": ""}, {"name": "Ombi", "url": "https://play.google.com/store/apps/details?id=com.tidusjar.Ombi", "description": ""}, {"name": "Tautulli Remote", "url": "https://play.google.com/store/apps/details?id=com.williamcomartin.plexpyremote", "description": ""}, {"name": "MyJDownloader", "url": "https://play.google.com/store/apps/details?id=org.appwork.myjdandroid\\&hl=en_US", "description": ""}, {"name": "FilePursuit Pro", "url": "https://play.google.com/store/apps/details?id=com.filepursuit.filepursuitpro", "description": ""}, {"name": "YMusic", "url": "https://forum.xda-developers.com/android/apps-games/app-youtube-music-sound-stream-youtubes-t3399722", "description": ""}, {"name": "Cygery AdSkip for YouTube", "url": "https://labs.xda-developers.com/store/app/com.cygery.adskip.xda", "description": ""}, {"name": "Blokada", "url": "https://blokada.org", "description": ""}, {"name": "Tachiyomi", "url": "https://github.com/inorichi/tachiyomi", "description": "", "stars": "23k"}, {"name": "4PDA.ru", "url": "http://4pda.ru/forum/index.php?act=idx", "description": ""}, {"name": "AnYme", "url": "https://github.com/zunjae/anYme", "description": "", "stars": "1.1k"}, {"name": "Perfect Player", "url": "https://play.google.com/store/apps/details?id=com.niklabs.pp", "description": ""}, {"name": "\"My little guide for piracy on iPhone\"", "url": "https://www.reddit.com/r/Piracy/comments/ajkeq2/my_little_guide_for_piracy_on_iphone/", "description": ""}, {"name": "nzbUnity", "url": "https://nzbunity.dozenzb.com/", "description": ""}, {"name": "TiviMate IPTV player", "url": "https://play.google.com/store/apps/details?id=ar.tvplayer.tv", "description": ""}, {"name": "Fildo", "url": "https://fildo.net/android/en/#", "description": ""}, {"name": "YouTube Vanced", "url": "https://vancedapp.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Streaming Apps", "entries": [{"name": "MediaBox HD", "url": "https://mediaboxhd.net", "description": ""}, {"name": "Kokotime", "url": "https://www.kokotime.tv/", "description": ""}, {"name": "Mobdro", "url": "https://forum.mobilism.org/viewtopic.php?f=429\\&t=2720792\\&hilit=mobdro", "description": ""}, {"name": "Cinema", "url": "https://forum.mobilism.org/viewtopic.php?t=2786441", "description": ""}, {"name": "Fildo", "url": "https://fildo.net/android/en/", "description": ""}, {"name": "TeaTV", "url": "https://teatv.net/", "description": ""}, {"name": "Anim\u00e9Glare", "url": "https://animeglare.xyz/", "description": ""}, {"name": "Anim\u00e9Vibe", "url": "http://animevibe.tv/", "description": ""}, {"name": "ApolloTV", "url": "https://apollotv.xyz/", "description": ""}, {"name": "BeeTV", "url": "http://beetvapk.me/", "description": ""}, {"name": "Cinema", "url": "https://cinemaapk.com/", "description": ""}, {"name": "CKayTV", "url": "http://ckaytv.com/", "description": ""}, {"name": "Cyberflix", "url": "https://cybercloud.media/", "description": ""}, {"name": "DreamTV", "url": "http://dream-tv.xyz/", "description": ""}, {"name": "Morph TV", "url": "http://titaniumtv.xyz/Morph2.apk", "description": ""}, {"name": "PhoenixTV", "url": "https://tinyurl.com/y7z5zct8", "description": ""}, {"name": "TitaniumTV", "url": "http://titaniumtv.xyz/", "description": ""}, {"name": "TVZion", "url": "https://tvzionapp.live/", "description": ""}, {"name": "UnlockMyTV", "url": "https://unlockmytv.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 Torrent Apps", "entries": [{"name": "Transdrone", "url": "https://play.google.com/store/apps/details?id=org.transdroid.lite", "description": ""}, {"name": "Flud", "url": "https://play.google.com/store/apps/details?id=com.delphicoder.flud\\&hl=en", "description": ""}, {"name": "BiglyBT", "url": "https://f-droid.org/packages/com.biglybt.android.client/", "description": ""}, {"name": "LibreTorrent", "url": "https://f-droid.org/en/packages/org.proninyaroslav.libretorrent/", "description": ""}, {"name": "Vuze", "url": "https://play.google.com/store/apps/details?id=com.vuze.torrent.downloader", "description": ""}, {"name": "aTorrent", "url": "https://play.google.com/store/apps/details?id=com.mobilityflow.torrent", "description": ""}, {"name": "Trireme", "url": "https://www.f-droid.org/en/packages/org.deluge.trireme/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 APKs", "entries": [{"name": "Aptoide", "url": "https://en.aptoide.com/", "description": ""}, {"name": "F-Droid", "url": "https://f-droid.org/fr/", "description": ""}, {"name": "Yalp Store", "url": "https://github.com/yeriomin/YalpStore", "description": "", "stars": "2.2k"}, {"name": "Mobilism Forum", "url": "https://forum.mobilism.org/index.php", "description": ""}, {"name": "On HAX", "url": "https://onhax.me/", "description": ""}, {"name": "APKMirror", "url": "https://www.apkmirror.com/", "description": ""}, {"name": "ApkPure", "url": "https://apkpure.com/", "description": ""}, {"name": "ACMARKET", "url": "https://acmarket.net/", "description": ""}, {"name": "BlackMod", "url": "https://blackmod.net/", "description": ""}, {"name": "Android Zone", "url": "https://android-zone.ws/", "description": ""}, {"name": "RevDl", "url": "https://www.revdl.com/", "description": ""}, {"name": "/r/ApksApps", "url": "https://www.reddit.com/r/apksapps", "description": ""}, {"name": "/r/moddedandroidapps", "url": "https://www.reddit.com/r/moddedandroidapps", "description": ""}, {"name": "IndexOutOfBounds Store", "url": "https://store.ioob.pw/", "description": ""}, {"name": "Aurora OSS", "url": "https://gitlab.com/AuroraOSS/AuroraStore", "description": ""}, {"name": "AuroraDroid", "url": "https://gitlab.com/AuroraOSS/auroradroid", "description": ""}, {"name": "The Ratio", "url": "https://discordapp.com/invite/wab3Qag", "description": ""}, {"name": "DoujinStyle", "url": "https://discord.gg/z2QDFdA", "description": ""}, {"name": "The Eye", "url": "https://discordapp.com/invite/py3kX3Z", "description": ""}, {"name": "PlayStation Homebrew", "url": "https://discord.gg/JJnvEN8", "description": ""}, {"name": "Snahp.it", "url": "https://discord.gg/ypyKZCj", "description": ""}, {"name": "WarezNX", "url": "https://discord.gg/d6xxuPq", "description": ""}, {"name": "/hbg/ Homebrew General", "url": "https://discord.io/homebrew", "description": ""}, {"name": "/r/soccerstreams", "url": "https://discord.gg/geyTtth", "description": ""}, {"name": "APK'S 2 Day", "url": "https://discord.gg/2qWqzN8", "description": ""}, {"name": "iptv-org/iptv", "url": "https://github.com/iptv-org/iptv", "description": "", "stars": "65k"}, {"name": "telly", "url": "https://github.com/tellytv/telly", "description": "", "stars": "686"}, {"name": "tvheadend", "url": "https://github.com/tvheadend/tvheadend", "description": "", "stars": "2.4k"}, {"name": "/r/IPTV", "url": "https://www.reddit.com/r/IPTV", "description": ""}, {"name": "/r/iptvresellers", "url": "https://www.reddit.com/r/IPTVresellers", "description": ""}, {"name": "/r/IPTVReviews", "url": "https://www.reddit.com/r/IPTVreviews", "description": ""}, {"name": "MythTV", "url": "https://www.mythtv.org/", "description": ""}, {"name": "allsprk.tv", "url": "https://stream.allsprk.tv", "description": ""}, {"name": "UlstreaMix", "url": "https://ssl.ustreamix.com/", "description": ""}, {"name": "Xtream Editor", "url": "http://www.xtream-editor.com/", "description": ""}, {"name": "xTeVe", "url": "https://xteve.de/", "description": ""}, {"name": "STBEmulator", "url": "http://rocketstreams.tv/stbemu", "description": ""}, {"name": "IPTV Community", "url": "https://iptv.community/", "description": ""}, {"name": "antennas", "url": "https://github.com/TheJF/antennas", "description": "", "stars": "260"}, {"name": "IPTV Providers list", "url": "https://docs.google.com/spreadsheets/d/1ehpk3OCkqj4QgF71v410avGpGC5bQ_lOLl5ppRb3Q9s/edit", "description": ""}, {"name": "fastocloud", "url": "https://github.com/fastogt/fastocloud", "description": "", "stars": "76"}], "notes": []}, {"name": "Piracy \u2014 Acestreams", "entries": [{"name": "acestream.org", "url": "http://acestream.org/", "description": ""}, {"name": "AceStreamSearch", "url": "https://acestreamsearch.com/en/", "description": ""}, {"name": "aceproxy", "url": "https://github.com/ValdikSS/aceproxy", "description": "", "stars": "194"}, {"name": "iktason/aceproxy", "url": "https://hub.docker.com/r/ikatson/aceproxy/", "description": ""}, {"name": "XDCC Tutorial", "url": "http://theloadguru.com/xdcc-irc-beginners-guide/", "description": ""}, {"name": "XDCC", "url": "https://en.wikipedia.org/wiki/XDCC", "description": ""}, {"name": "ZNC", "url": "https://github.com/znc/znc", "description": "", "stars": "1.9k"}], "notes": []}, {"name": "Piracy \u2014 IRC Clients", "entries": [{"name": "weechat", "url": "https://github.com/weechat/weechat", "description": "", "stars": "2.7k"}, {"name": "irssi", "url": "https://irssi.org/", "description": ""}, {"name": "HexChat", "url": "https://hexchat.github.io/", "description": ""}, {"name": "KVIrc", "url": "https://github.com/kvirc/KVIrc", "description": "", "stars": "208"}, {"name": "mIRC", "url": "https://www.mirc.com/", "description": ""}, {"name": "Shout", "url": "https://github.com/erming/shout", "description": "", "stars": "3.7k"}, {"name": "Kiwi IRC", "url": "https://kiwiirc.com/", "description": ""}, {"name": "TheLounge", "url": "https://hub.docker.com/r/linuxserver/thelounge/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 IRC Networks", "entries": [{"name": "irc.p2p-network.net", "url": "https://p2p-network.net/", "description": ""}, {"name": "p2p-network.net channel list", "url": "https://search.mibbit.com/channels/p2p-network", "description": ""}, {"name": "Orpheus", "url": "https://orpheus.network/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 IRC Search Engines", "entries": [{"name": "xWeasel", "url": "http://xweasel.org", "description": ""}, {"name": "ixIRC", "url": "https://ixirc.com/", "description": ""}, {"name": "SunXDCC", "url": "http://sunxdcc.com/", "description": ""}, {"name": "xdcc.eu", "url": "http://www.xdcc.eu/", "description": ""}, {"name": "Direct Connect (protocol)", "url": "https://en.wikipedia.org/wiki/Direct_Connect_\\(protocol\\", "description": ""}, {"name": "DC++", "url": "https://en.wikipedia.org/wiki/DC%2B%2B", "description": ""}, {"name": "AirDC++", "url": "https://www.airdcpp.net/", "description": ""}, {"name": "FlylinkDC++", "url": "http://www.flylinkdc.com/", "description": ""}, {"name": "EiskaltDC++", "url": "https://github.com/eiskaltdcpp/eiskaltdcpp", "description": "", "stars": "346"}, {"name": "LinuxDC++", "url": "https://launchpad.net/linuxdcpp", "description": ""}, {"name": "Tankafett", "url": "http://tankafett.biz/?do=hublist", "description": ""}, {"name": "Linux DC++", "url": "https://launchpad.net/linuxdcpp", "description": ""}, {"name": "/r/fullmoviesonyoutube", "url": "https://www.reddit.com/r/fullmoviesonyoutube/", "description": ""}, {"name": "/r/fullmovierequest", "url": "https://www.reddit.com/r/fullmovierequest/", "description": ""}, {"name": "/r/Fullmoviesonvimeo", "url": "https://www.reddit.com/r/Fullmoviesonvimeo/", "description": ""}, {"name": "/r/fulltvshowsonyoutube", "url": "https://www.reddit.com/r/fulltvshowsonyoutube/", "description": ""}, {"name": "/r/fulltvshowsonvimeo", "url": "https://www.reddit.com/r/fulltvshowsonvimeo/", "description": ""}, {"name": "/r/fullcartoonsonyoutube", "url": "https://www.reddit.com/r/fullcartoonsonyoutube/", "description": ""}, {"name": "/r/FullLengthFilms", "url": "https://www.reddit.com/r/FullLengthFilms/", "description": ""}, {"name": "/r/FullMoviesDailyMotion", "url": "https://www.reddit.com/r/FullMoviesDailyMotion", "description": ""}, {"name": "/r/1080pMoviesOnline", "url": "https://www.reddit.com/r/1080pMoviesOnline", "description": ""}, {"name": "fullmoviesandtv multireddit", "url": "https://www.reddit.com/user/Wiggly_Poop/m/fullmoviesandtv/", "description": ""}, {"name": "TorrentFreak", "url": "https://torrentfreak.com", "description": ""}, {"name": "TechWorm", "url": "https://www.techworm.net", "description": ""}, {"name": "Trakt.tv", "url": "https://trakt.tv/", "description": ""}, {"name": "IMDb", "url": "https://www.imdb.com/", "description": ""}, {"name": "Movieo", "url": "https://movieo.me/", "description": ""}, {"name": "MetaCritic", "url": "https://www.metacritic.com", "description": ""}, {"name": "popular-movies", "url": "https://github.com/sjlu/popular-movies", "description": "", "stars": "317"}, {"name": "Letterboxd", "url": "https://letterboxd.com/", "description": ""}, {"name": "Squawkr.io", "url": "https://www.squawkr.io/", "description": ""}, {"name": "What is my movie?", "url": "https://www.whatismymovie.com/", "description": ""}, {"name": "2160p BluRay Remux List", "url": "https://docs.google.com/spreadsheets/d/1qU8E0JT9JQk_BaBCxZS79tn7YmUyY4XBEpHPm3j16jI/edit", "description": ""}, {"name": "Flox", "url": "https://github.com/devfake/flox", "description": "", "stars": "1.2k"}, {"name": "TVmaze", "url": "https://www.tvmaze.com/", "description": ""}, {"name": "JustWatch", "url": "https://www.justwatch.com/", "description": ""}, {"name": "WhereYouWatch", "url": "https://whereyouwatch.com/latest-reports/", "description": ""}, {"name": "Flickmetrix", "url": "https://flickmetrix.com/", "description": ""}, {"name": "dvdsreleasedates.com", "url": "https://www.dvdsreleasedates.com/", "description": ""}, {"name": "Simkl", "url": "https://simkl.com/", "description": ""}], "notes": []}, {"name": "Piracy \u2014 PreDB Sites", "entries": [{"name": "Urban Dictionary: predb", "url": "https://www.urbandictionary.com/define.php?term=predb", "description": ""}, {"name": "PreDB.org", "url": "https://predb.org/", "description": ""}, {"name": "PreDB.me", "url": "https://predb.me/", "description": ""}, {"name": "PREdb", "url": "https://predb.ovh/", "description": ""}, {"name": "WarezBot", "url": "https://github.com/enzobes/WarezBot", "description": "", "stars": "36"}, {"name": "NSW Releases", "url": "http://nswdb.com/", "description": ""}, {"name": "3DS Releases", "url": "http://3dsdb.com/", "description": ""}, {"name": "NSWDBot", "url": "https://github.com/HunterKing/NSWDBot", "description": ""}, {"name": "Muximux", "url": "https://github.com/mescon/Muximux", "description": "", "stars": "1.1k"}, {"name": "Heimdall", "url": "https://github.com/linuxserver/Heimdall", "description": "", "stars": "6.1k"}, {"name": "Organizr", "url": "https://github.com/causefx/Organizr", "description": "", "stars": "4.4k"}, {"name": "weboas.is", "url": "http://weboas.is/", "description": ""}, {"name": "Anonmasky", "url": "https://github.com/Anonmasky/anonmasky.github.io", "description": ""}, {"name": "iDashboard-PHP", "url": "https://github.com/causefx/iDashboard-PHP", "description": "", "stars": "124"}, {"name": "HTPC-Manager", "url": "https://github.com/Hellowlol/HTPC-Manager", "description": "", "stars": "346"}, {"name": "Monitorr", "url": "https://github.com/Monitorr/Monitorr", "description": "", "stars": "592"}, {"name": "Logarr", "url": "https://github.com/Monitorr/logarr", "description": "", "stars": "263"}, {"name": "Unblocked", "url": "https://unblocked-pw.github.io/", "description": ""}, {"name": "ByPassed", "url": "https://bypassed.wtf/", "description": ""}, {"name": "transfer.sh", "url": "https://transfer.sh/", "description": ""}, {"name": "FilePizza", "url": "https://file.pizza/", "description": ""}, {"name": "DBREE", "url": "https://dbr.ee/", "description": ""}, {"name": "WeTransfer", "url": "https://wetransfer.com/", "description": ""}, {"name": "dmca.gripe", "url": "https://dmca.gripe/", "description": ""}, {"name": "FileBin", "url": "https://filebin.net/", "description": ""}, {"name": "/r/Movie\\_Club", "url": "https://www.reddit.com/r/Movie_Club", "description": ""}, {"name": "sync", "url": "https://github.com/calzoneman/sync/", "description": "", "stars": "1.3k"}, {"name": "watch2gether", "url": "https://www.watch2gether.com/", "description": ""}, {"name": "SyncLounge", "url": "https://synclounge.tv/", "description": ""}, {"name": "Netflix Party", "url": "https://chrome.google.com/webstore/detail/netflix-party/oocalimimngaihdkbihfgmpkcpnmlaoa/related", "description": ""}, {"name": "CyTube", "url": "https://cytu.be/", "description": ""}, {"name": "ArconaiTV", "url": "https://www.arconaitv.us/", "description": ""}, {"name": "\\&chill", "url": "https://andchill.tv/", "description": ""}, {"name": "Raymond's Piracy Group", "url": "https://t.me/raymondfreesoftware", "description": ""}, {"name": "Piracy Links Portal", "url": "https://t.me/PiracyLinks", "description": ""}, {"name": "piratebazaar", "url": "https://t.me/piratebazaar", "description": ""}, {"name": "@itorrentsearchbot", "url": "https://t.me/itorrentsearchbot", "description": ""}, {"name": "@vkmusic\\_bot", "url": "https://telegram.me/vkmusic_bot", "description": ""}, {"name": "@RickyChristanto", "url": "https://t.me/RickyChristanto", "description": ""}, {"name": "iMediaShare channel", "url": "https://t.me/iMediaShare", "description": ""}, {"name": "@movies\\_inc", "url": "https://t.me/movies_inc", "description": ""}, {"name": "@Qualitymovies", "url": "https://t.me/Qualitymovies", "description": ""}, {"name": "@MusicHuntersBot", "url": "https://t.me/MusicHuntersBot", "description": ""}, {"name": "@DeezerMusicBot", "url": "https://t.me/DeezerMusicBot", "description": ""}, {"name": "SMLoadrCommuntiy", "url": "https://t.me/SMLoadrCommunity", "description": ""}, {"name": "aria-telegram-mirror-bot", "url": "https://github.com/out386/aria-telegram-mirror-bot", "description": "", "stars": "514"}, {"name": "CrackWatch trackers", "url": "https://www.reddit.com/r/CrackWatch/comments/b2ywcn/crackwatch_telegram_tracker/", "description": ""}, {"name": "UK ISP Court Orders", "url": "http://www.ukispcourtorders.co.uk/", "description": ""}, {"name": "Counterfeit and Piracy Watch List 2018", "url": "https://torrentfreak.com/images/tradoc_157564.pdf", "description": ""}, {"name": "/r/EmbyShares", "url": "https://www.reddit.com/r/EmbyShares", "description": ""}, {"name": "/r/freefolk", "url": "https://www.reddit.com/r/freefolk", "description": ""}, {"name": "/r/ProshotMusicals", "url": "https://www.reddit.com/r/ProShotMusicals", "description": ""}, {"name": "Shodan", "url": "https://www.shodan.io/", "description": ""}, {"name": "Pi-hole", "url": "https://pi-hole.net/", "description": ""}, {"name": "How to use eMule in 2018", "url": "https://archive.is/j1T6o", "description": ""}, {"name": "Anon.to", "url": "https://anon.to/", "description": ""}, {"name": "Movie Release Types", "url": "https://i.imgur.com/kEOrKJT.png", "description": ""}, {"name": "How To Host \"Questionable\" Websites v4.0", "url": "https://weboas.is/media/host.pdf", "description": ""}, {"name": "Privacy.com", "url": "https://privacy.com/", "description": ""}, {"name": "/f/Piracy", "url": "https://raddle.me/f/Piracy", "description": ""}, {"name": "/s/piracy", "url": "https://saidit.net/s/piracy", "description": ""}, {"name": "/v/piracy", "url": "https://voat.co/v/piracy", "description": ""}, {"name": "2019 Oscar DVD Screeners", "url": "https://whereyouwatch.com/articles/here-are-the-2019-oscar-dvd-screeners/", "description": ""}, {"name": "Academy Awards 2019 Screeners Megathread", "url": "https://www.reddit.com/r/Piracy/comments/aaqc0b/academy_awards_2019_screeners_megathread/", "description": ""}, {"name": "iNFekt", "url": "https://infekt.ws/", "description": ""}, {"name": "NFForce", "url": "http://nfforce.temari.fr/", "description": ""}, {"name": "TheTrove", "url": "https://thetrove.net/", "description": ""}, {"name": "serials", "url": "http://www.serials.ws/", "description": ""}, {"name": "scenerules", "url": "https://scenerules.org/", "description": ""}, {"name": "SceneLinkList", "url": "https://www.scenelinklist.com/", "description": ""}, {"name": "castnow", "url": "https://github.com/xat/castnow", "description": "", "stars": "3.8k"}, {"name": "Grabber", "url": "https://grabber.co.in/", "description": ""}, {"name": "The Pirate Society", "url": "https://thepiratesociety.org/forums/", "description": ""}, {"name": "Bandersnatch Interactive Player", "url": "https://mehotkhan.github.io/BandersnatchInteractive/", "description": ""}, {"name": "Multiup", "url": "https://multiup.org/", "description": ""}, {"name": "DirtyWarez", "url": "https://dirtywarez.org/", "description": ""}, {"name": "MacGuffin", "url": "https://github.com/hwkns/macguffin", "description": "", "stars": "87"}, {"name": "PiracyArchive", "url": "https://github.com/nid666/PiracyArchive", "description": "", "stars": "425"}, {"name": "List of warez groups", "url": "https://en.wikipedia.org/wiki/List_of_warez_groups", "description": ""}, {"name": "netflix-proxy", "url": "https://github.com/ab77/netflix-proxy/", "description": "", "stars": "3.5k"}, {"name": "k8s-usenet", "url": "https://github.com/aldoborrero/k8s-usenet", "description": "", "stars": "76"}, {"name": "Outline", "url": "https://outline.com/", "description": ""}], "notes": []}], "total_entries": 1202}, {"name": "Pentest", "subcategories": [{"name": "Pentest", "entries": [{"name": "Android Utilities", "url": "#android-utilities", "description": ""}, {"name": "Anonymity Tools", "url": "#anonymity-tools", "description": ""}, {"name": "Anti-virus Evasion Tools", "url": "#anti-virus-evasion-tools", "description": ""}, {"name": "Books", "url": "#books", "description": ""}, {"name": "CTF Tools", "url": "#ctf-tools", "description": ""}, {"name": "Cloud Platform Attack Tools", "url": "#cloud-platform-attack-tools", "description": ""}, {"name": "Collaboration Tools", "url": "#collaboration-tools", "description": ""}, {"name": "Conferences and Events", "url": "#conferences-and-events", "description": ""}, {"name": "Exfiltration Tools", "url": "#exfiltration-tools", "description": ""}, {"name": "Exploit Development Tools", "url": "#exploit-development-tools", "description": ""}, {"name": "File Format Analysis Tools", "url": "#file-format-analysis-tools", "description": ""}, {"name": "GNU/Linux Utilities", "url": "#gnulinux-utilities", "description": ""}, {"name": "Hash Cracking Tools", "url": "#hash-cracking-tools", "description": ""}, {"name": "Hex Editors", "url": "#hex-editors", "description": ""}, {"name": "Industrial Control and SCADA Systems", "url": "#industrial-control-and-scada-systems", "description": ""}, {"name": "Intentionally Vulnerable Systems", "url": "#intentionally-vulnerable-systems", "description": ""}, {"name": "Lock Picking", "url": "#lock-picking", "description": ""}, {"name": "macOS Utilities", "url": "#macos-utilities", "description": ""}, {"name": "Multi-paradigm Frameworks", "url": "#multi-paradigm-frameworks", "description": ""}, {"name": "Network Tools", "url": "#network-tools", "description": ""}, {"name": "Network Vulnerability Scanners", "url": "#network-vulnerability-scanners", "description": ""}, {"name": "Open Sources Intelligence (OSINT)", "url": "#open-sources-intelligence-osint", "description": ""}, {"name": "Online Resources", "url": "#online-resources", "description": ""}, {"name": "Operating System Distributions", "url": "#operating-system-distributions", "description": ""}, {"name": "Periodicals", "url": "#periodicals", "description": ""}, {"name": "Physical Access Tools", "url": "#physical-access-tools", "description": ""}, {"name": "Privilege Escalation Tools", "url": "#privilege-escalation-tools", "description": ""}, {"name": "Reverse Engineering", "url": "#reverse-engineering", "description": ""}, {"name": "Security Education Courses", "url": "#security-education-courses", "description": ""}, {"name": "Shellcoding Guides and Tutorials", "url": "#exploit-development-online-resources", "description": ""}, {"name": "Side-channel Tools", "url": "#side-channel-tools", "description": ""}, {"name": "Social Engineering", "url": "#social-engineering", "description": ""}, {"name": "Static Analyzers", "url": "#static-analyzers", "description": ""}, {"name": "Steganography Tools", "url": "#steganography-tools", "description": ""}, {"name": "Vulnerability Databases", "url": "#vulnerability-databases", "description": ""}, {"name": "Web Exploitation", "url": "#web-exploitation", "description": ""}, {"name": "Windows Utilities", "url": "#windows-utilities", "description": ""}, {"name": "cSploit", "url": "https://github.com/cSploit/android", "description": "Advanced IT security professional toolkit on Android featuring an integrated Metasploit daemon and MITM capabilities.", "stars": "3.5k"}, {"name": "Fing", "url": "https://www.fing.com/products/fing-app/", "description": "Network scanning and host enumeration app that performs NetBIOS, UPnP, Bonjour, SNMP, and various other advanced device fingerprinting techniques."}, {"name": "MPT", "url": "https://github.com/ByteSnipers/mobile-pentest-toolkit", "description": "MPT (Mobile Pentest Toolkit) is a must-have solutions for your android penetration testing workflow. It allows you to automate tasks.", "stars": "40"}, {"name": "I2P", "url": "https://geti2p.net/", "description": "The Invisible Internet Project."}, {"name": "Metadata Anonymization Toolkit (MAT)", "url": "https://0xacab.org/jvoisin/mat2", "description": "Metadata removal tool, supporting a wide range of commonly used file formats, written in Python3."}, {"name": "What Every Browser Knows About You", "url": "http://webkay.robinlinus.com/", "description": "Comprehensive detection page to test your own Web browser's configuration for privacy and identity leaks."}], "notes": []}, {"name": "Pentest \u2014 Tor Tools", "entries": [{"name": "Nipe", "url": "https://github.com/GouveaHeitor/nipe", "description": "Script to redirect all traffic from the machine to the Tor network.", "stars": "2.1k"}, {"name": "OnionScan", "url": "https://onionscan.org/", "description": "Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators."}, {"name": "Tails", "url": "https://tails.boum.org/", "description": "Live operating system aiming to preserve your privacy and anonymity."}, {"name": "Tor", "url": "https://www.torproject.org/", "description": "Free software and onion routed overlay network that helps you defend against traffic analysis."}, {"name": "dos-over-tor", "url": "https://github.com/skizap/dos-over-tor", "description": "Proof of concept denial of service over Tor stress test tool.", "stars": "42"}, {"name": "kalitorify", "url": "https://github.com/brainfuckSec/kalitorify", "description": "Transparent proxy through Tor for Kali Linux OS.", "stars": "1.2k"}, {"name": "AntiVirus Evasion Tool (AVET)", "url": "https://github.com/govolution/avet", "description": "Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software.", "stars": "1.7k"}, {"name": "CarbonCopy", "url": "https://github.com/paranoidninja/CarbonCopy", "description": "Tool that creates a spoofed certificate of any online website and signs an Executable for AV evasion.", "stars": "1.4k"}, {"name": "Hyperion", "url": "http://nullsecurity.net/tools/binary.html", "description": "Runtime encryptor for 32-bit portable executables (\"PE `.exe`s\")."}, {"name": "Shellter", "url": "https://www.shellterproject.com/", "description": "Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created."}, {"name": "UniByAv", "url": "https://github.com/Mr-Un1k0d3r/UniByAv", "description": "Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key."}, {"name": "Veil", "url": "https://www.veil-framework.com/", "description": "Generate metasploit payloads that bypass common anti-virus solutions."}, {"name": "peCloakCapstone", "url": "https://github.com/v-p-b/peCloakCapstone", "description": "Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.", "stars": "108"}, {"name": "Amber", "url": "https://github.com/EgeBalci/amber", "description": "Reflective PE packer for converting native PE files to position-independent shellcode.", "stars": "1.4k"}, {"name": "Advanced Penetration Testing by Wil Allsopp, 2017", "url": "https://www.amazon.com/Advanced-Penetration-Testing-Hacking-Networks/dp/1119367689/", "description": ""}, {"name": "Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012", "url": "http://www.packtpub.com/networking-and-servers/advanced-penetration-testing-highly-secured-environments-ultimate-security-gu", "description": ""}, {"name": "Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014", "url": "http://www.amazon.com/Advanced-Persistent-Threat-Hacking-Organization/dp/0071828362", "description": ""}, {"name": "Android Hacker's Handbook by Joshua J. Drake et al., 2014", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html", "description": ""}, {"name": "BTFM: Blue Team Field Manual by Alan J White & Ben Clark, 2017", "url": "https://www.amazon.de/Blue-Team-Field-Manual-BTFM/dp/154101636X", "description": ""}, {"name": "Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014", "url": "http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900", "description": ""}, {"name": "Bug Hunter's Diary by Tobias Klein, 2011", "url": "https://nostarch.com/bughunter", "description": ""}, {"name": "Car Hacker's Handbook by Craig Smith, 2016", "url": "https://nostarch.com/carhacking", "description": ""}, {"name": "Effective Software Testing, 2021", "url": "https://www.manning.com/books/effective-software-testing", "description": ""}, {"name": "Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007", "url": "http://www.fuzzing.org/", "description": ""}, {"name": "Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011", "url": "https://nostarch.com/metasploit", "description": ""}, {"name": "Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014", "url": "https://nostarch.com/pentesting", "description": ""}, {"name": "Penetration Testing: Procedures & Methodologies by EC-Council, 2010", "url": "http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677", "description": ""}, {"name": "Professional Penetration Testing by Thomas Wilhelm, 2013", "url": "https://www.elsevier.com/books/professional-penetration-testing/wilhelm/978-1-59749-993-4", "description": ""}, {"name": "RTFM: Red Team Field Manual by Ben Clark, 2014", "url": "http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/", "description": ""}, {"name": "The Art of Exploitation by Jon Erickson, 2008", "url": "https://nostarch.com/hacking2.htm", "description": ""}, {"name": "The Art of Network Penetration Testing, 2020", "url": "https://www.manning.com/books/the-art-of-network-penetration-testing", "description": ""}, {"name": "The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013", "url": "https://www.elsevier.com/books/the-basics-of-hacking-and-penetration-testing/engebretson/978-1-59749-655-1", "description": ""}, {"name": "The Database Hacker's Handbook, David Litchfield et al., 2005", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html", "description": ""}, {"name": "The Hacker Playbook by Peter Kim, 2014", "url": "http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/", "description": ""}, {"name": "The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html", "description": ""}, {"name": "The Mobile Application Hacker's Handbook by Dominic Chell et al., 2015", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html", "description": ""}, {"name": "Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010", "url": "http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE", "description": ""}, {"name": "Violent Python by TJ O'Connor, 2012", "url": "https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6", "description": ""}, {"name": "iOS Hacker's Handbook by Charlie Miller et al., 2012", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html", "description": ""}], "notes": []}, {"name": "Pentest \u2014 Malware Analysis Books", "entries": [{"name": "CTF Field Guide", "url": "https://trailofbits.github.io/ctf/", "description": "Everything you need to win your next CTF competition."}, {"name": "Ciphey", "url": "https://github.com/ciphey/ciphey", "description": "Automated decryption tool using artificial intelligence and natural language processing.", "stars": "20k"}, {"name": "RsaCtfTool", "url": "https://github.com/Ganapati/RsaCtfTool", "description": "Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks.", "stars": "6.6k"}, {"name": "ctf-tools", "url": "https://github.com/zardus/ctf-tools", "description": "Collection of setup scripts to install various security research tools easily and quickly deployable to new machines.", "stars": "9.2k"}, {"name": "shellpop", "url": "https://github.com/0x00-0x00/shellpop", "description": "Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests.", "stars": "1.5k"}, {"name": "Cloud Container Attack Tool (CCAT)", "url": "https://rhinosecuritylabs.com/aws/cloud-container-attack-tool/", "description": "Tool for testing security of container environments."}, {"name": "CloudHunter", "url": "https://github.com/belane/CloudHunter", "description": "Looks for AWS, Azure and Google cloud storage buckets and lists permissions for vulnerable buckets.", "stars": "167"}, {"name": "Cloudsplaining", "url": "https://cloudsplaining.readthedocs.io/", "description": "Identifies violations of least privilege in AWS IAM policies and generates a pretty HTML report with a triage worksheet."}, {"name": "Endgame", "url": "https://endgame.readthedocs.io/", "description": "AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account."}, {"name": "GCPBucketBrute", "url": "https://github.com/RhinoSecurityLabs/GCPBucketBrute", "description": "Script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.", "stars": "546"}, {"name": "Dradis", "url": "https://dradis.com/", "description": "Open-source reporting and collaboration tool for IT security professionals."}, {"name": "Hexway Hive", "url": "https://hexway.io/hive/", "description": "Commercial collaboration, data aggregation, and reporting framework for red teams with a limited free self-hostable option."}, {"name": "Lair", "url": "https://github.com/lair-framework/lair/wiki", "description": "Reactive attack collaboration framework and web application built with meteor.", "stars": "383"}, {"name": "Pentest Collaboration Framework (PCF)", "url": "https://gitlab.com/invuls/pentest-projects/pcf", "description": "Open source, cross-platform, and portable toolkit for automating routine pentest processes with a team."}, {"name": "Reconmap", "url": "https://reconmap.com/", "description": "Open-source collaboration platform for InfoSec professionals that streamlines the pentest process."}, {"name": "RedELK", "url": "https://github.com/outflanknl/RedELK", "description": "Track and alarm about Blue Team activities while providing better usability in long term offensive operations.", "stars": "2.6k"}, {"name": "BSides", "url": "http://www.securitybsides.com/", "description": "Framework for organising and holding security conferences."}, {"name": "CTFTime.org", "url": "https://ctftime.org/", "description": "Directory of upcoming and archive of past Capture The Flag (CTF) competitions with links to challenge writeups."}], "notes": []}, {"name": "Pentest \u2014 Asia", "entries": [{"name": "HITB", "url": "https://conference.hitb.org/", "description": "Deep-knowledge security conference held in Malaysia and The Netherlands."}, {"name": "HITCON", "url": "https://hitcon.org/", "description": "Hacks In Taiwan Conference held in Taiwan."}, {"name": "Nullcon", "url": "http://nullcon.net/website/", "description": "Annual conference in Delhi and Goa, India."}, {"name": "SECUINSIDE", "url": "http://secuinside.com", "description": "Security Conference in Seoul."}], "notes": []}, {"name": "Pentest \u2014 Europe", "entries": [{"name": "44Con", "url": "https://44con.com/", "description": "Annual Security Conference held in London."}, {"name": "BalCCon", "url": "https://www.balccon.org", "description": "Balkan Computer Congress, annually held in Novi Sad, Serbia."}, {"name": "BruCON", "url": "http://brucon.org", "description": "Annual security conference in Belgium."}, {"name": "CCC", "url": "https://events.ccc.de/congress/", "description": "Annual meeting of the international hacker scene in Germany."}, {"name": "DeepSec", "url": "https://deepsec.net/", "description": "Security Conference in Vienna, Austria."}, {"name": "DefCamp", "url": "http://def.camp/", "description": "Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania."}, {"name": "FSec", "url": "http://fsec.foi.hr", "description": "FSec - Croatian Information Security Gathering in Vara\u017edin, Croatia."}, {"name": "Hack.lu", "url": "https://hack.lu/", "description": "Annual conference held in Luxembourg."}, {"name": "Infosecurity Europe", "url": "http://www.infosecurityeurope.com/", "description": "Europe's number one information security event, held in London, UK."}, {"name": "SteelCon", "url": "https://www.steelcon.info/", "description": "Security conference in Sheffield UK."}, {"name": "Swiss Cyber Storm", "url": "https://www.swisscyberstorm.com/", "description": "Annual security conference in Lucerne, Switzerland."}, {"name": "Troopers", "url": "https://www.troopers.de", "description": "Annual international IT Security event with workshops held in Heidelberg, Germany."}, {"name": "HoneyCON", "url": "https://honeycon.eu/", "description": "Annual Security Conference in Guadalajara, Spain. Organized by the HoneySEC association."}], "notes": []}, {"name": "Pentest \u2014 North America", "entries": [{"name": "AppSecUSA", "url": "https://appsecusa.org/", "description": "Annual conference organized by OWASP."}, {"name": "Black Hat", "url": "http://www.blackhat.com/", "description": "Annual security conference in Las Vegas."}, {"name": "CarolinaCon", "url": "https://carolinacon.org/", "description": "Infosec conference, held annually in North Carolina."}, {"name": "DEF CON", "url": "https://www.defcon.org/", "description": "Annual hacker convention in Las Vegas."}, {"name": "DerbyCon", "url": "https://www.derbycon.com/", "description": "Annual hacker conference based in Louisville."}, {"name": "Hackers Next Door", "url": "https://hnd.techlearningcollective.com/", "description": "Cybersecurity and social technology conference held in New York City."}, {"name": "Hackers On Planet Earth (HOPE)", "url": "https://hope.net/", "description": "Semi-annual conference held in New York City."}, {"name": "Hackfest", "url": "https://hackfest.ca", "description": "Largest hacking conference in Canada."}, {"name": "LayerOne", "url": "http://www.layerone.org/", "description": "Annual US security conference held every spring in Los Angeles."}, {"name": "National Cyber Summit", "url": "https://www.nationalcybersummit.com/", "description": "Annual US security conference and Capture the Flag event, held in Huntsville, Alabama, USA."}, {"name": "PhreakNIC", "url": "http://phreaknic.info/", "description": "Technology conference held annually in middle Tennessee."}, {"name": "RSA Conference USA", "url": "https://www.rsaconference.com/", "description": "Annual security conference in San Francisco, California, USA."}, {"name": "ShmooCon", "url": "http://shmoocon.org/", "description": "Annual US East coast hacker convention."}, {"name": "SkyDogCon", "url": "http://www.skydogcon.com/", "description": "Technology conference in Nashville."}, {"name": "SummerCon", "url": "https://www.summercon.org/", "description": "One of the oldest hacker conventions in America, held during Summer."}, {"name": "ThotCon", "url": "http://thotcon.org/", "description": "Annual US hacker conference held in Chicago."}, {"name": "Virus Bulletin Conference", "url": "https://www.virusbulletin.com/conference/index", "description": "Annual conference going to be held in Denver, USA for 2016."}], "notes": []}, {"name": "Pentest \u2014 South America", "entries": [{"name": "Ekoparty", "url": "http://www.ekoparty.org", "description": "Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina."}, {"name": "Hackers to Hackers Conference (H2HC)", "url": "https://www.h2hc.com.br/", "description": "Oldest security research (hacking) conference in Latin America and one of the oldest ones still active in the world."}], "notes": []}, {"name": "Pentest \u2014 Zealandia", "entries": [{"name": "CHCon", "url": "https://chcon.nz", "description": "Christchurch Hacker Con, Only South Island of New Zealand hacker con."}, {"name": "DET", "url": "https://github.com/sensepost/DET", "description": "Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.", "stars": "830"}, {"name": "Iodine", "url": "https://code.kryo.se/iodine/", "description": "Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed."}, {"name": "TrevorC2", "url": "https://github.com/trustedsec/trevorc2", "description": "Client/server tool for masking command and control and data exfiltration through a normally browsable website, not typical HTTP POST requests.", "stars": "1.3k"}, {"name": "dnscat2", "url": "https://github.com/iagox86/dnscat2", "description": "Tool designed to create an encrypted command and control channel over the DNS protocol, which is an effective tunnel out of almost every network.", "stars": "3.8k"}, {"name": "pwnat", "url": "https://github.com/samyk/pwnat", "description": "Punches holes in firewalls and NATs.", "stars": "3.8k"}, {"name": "tgcd", "url": "http://tgcd.sourceforge.net/", "description": "Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls."}, {"name": "QueenSono", "url": "https://github.com/ariary/QueenSono", "description": "Client/Server Binaries for data exfiltration with ICMP. Useful in a network where ICMP protocol is less monitored than others (which is a common case).", "stars": "166"}, {"name": "H26Forge", "url": "https://github.com/h26forge/h26forge", "description": "Domain-specific infrastructure for analyzing, generating, and manipulating syntactically correct but semantically spec-non-compliant video files.", "stars": "321"}, {"name": "Magic Unicorn", "url": "https://github.com/trustedsec/unicorn", "description": "Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA), or `certutil` (using fake certificates).", "stars": "3.9k"}, {"name": "Pwntools", "url": "https://github.com/Gallopsled/pwntools", "description": "Rapid exploit development framework built for use in CTFs.", "stars": "13k"}, {"name": "Wordpress Exploit Framework", "url": "https://github.com/rastating/wordpress-exploit-framework", "description": "Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.", "stars": "1k"}, {"name": "peda", "url": "https://github.com/longld/peda", "description": "Python Exploit Development Assistance for GDB.", "stars": "6.1k"}, {"name": "ExifTool", "url": "https://www.sno.phy.queensu.ca/~phil/exiftool/", "description": "Platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files."}, {"name": "Hachoir", "url": "https://hachoir.readthedocs.io/", "description": "Python library to view and edit a binary stream as tree of fields and tools for metadata extraction."}, {"name": "Kaitai Struct", "url": "http://kaitai.io/", "description": "File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby."}, {"name": "peepdf", "url": "https://eternal-todo.com/tools/peepdf-pdf-analysis-tool", "description": "Python tool to explore PDF files in order to find out if the file can be harmful or not."}, {"name": "Veles", "url": "https://codisec.com/veles/", "description": "Binary data visualization and analysis tool."}, {"name": "Hwacha", "url": "https://github.com/n00py/Hwacha", "description": "Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously.", "stars": "109"}, {"name": "Linux Exploit Suggester", "url": "https://github.com/PenturaLabs/Linux_Exploit_Suggester", "description": "Heuristic reporting on potentially viable exploits for a given GNU/Linux system.", "stars": "1.8k"}, {"name": "Lynis", "url": "https://cisofy.com/lynis/", "description": "Auditing tool for UNIX-based systems."}, {"name": "checksec.sh", "url": "https://www.trapkit.de/tools/checksec.html", "description": "Shell script designed to test what standard Linux OS and PaX security features are being used."}, {"name": "BruteForce Wallet", "url": "https://github.com/glv2/bruteforce-wallet", "description": "Find the password of an encrypted wallet file (i.e. `wallet.dat`).", "stars": "428"}, {"name": "CeWL", "url": "https://digi.ninja/projects/cewl.php", "description": "Generates custom wordlists by spidering a target's website and collecting unique words."}, {"name": "duplicut", "url": "https://github.com/nil0x42/duplicut", "description": "Quickly remove duplicates, without changing the order, and without getting OOM on huge wordlists.", "stars": "963"}, {"name": "GoCrack", "url": "https://github.com/fireeye/gocrack", "description": "Management Web frontend for distributed password cracking sessions using hashcat (or other supported tools) written in Go.", "stars": "1.3k"}, {"name": "Hashcat", "url": "http://hashcat.net/hashcat/", "description": "The more fast hash cracker."}, {"name": "hate\\_crack", "url": "https://github.com/trustedsec/hate_crack", "description": "Tool for automating cracking methodologies through Hashcat.", "stars": "1.8k"}, {"name": "JWT Cracker", "url": "https://github.com/lmammino/jwt-cracker", "description": "Simple HS256 JSON Web Token (JWT) token brute force cracker.", "stars": "1.2k"}, {"name": "John the Ripper", "url": "http://www.openwall.com/john/", "description": "Fast password cracker."}, {"name": "Rar Crack", "url": "http://rarcrack.sourceforge.net", "description": "RAR bruteforce cracker."}, {"name": "Bless", "url": "https://github.com/bwrsandman/Bless", "description": "High quality, full featured, cross-platform graphical hex editor written in Gtk#.", "stars": "67"}, {"name": "Frhed", "url": "http://frhed.sourceforge.net/", "description": "Binary file editor for Windows."}, {"name": "Hex Fiend", "url": "http://ridiculousfish.com/hexfiend/", "description": "Fast, open source, hex editor for macOS with support for viewing  binary diffs."}, {"name": "HexEdit.js", "url": "https://hexed.it", "description": "Browser-based hex editing."}, {"name": "Hexinator", "url": "https://hexinator.com/", "description": "World's finest (proprietary, commercial) Hex Editor."}, {"name": "hexedit", "url": "https://github.com/pixel/hexedit", "description": "Simple, fast, console-based hex editor.", "stars": "118"}, {"name": "wxHexEditor", "url": "http://www.wxhexeditor.org/", "description": "Free GUI hex editor for GNU/Linux, macOS, and Windows."}, {"name": "Industrial Exploitation Framework (ISF)", "url": "https://github.com/dark-lbp/isf", "description": "Metasploit-like exploit framework based on routersploit designed to target Industrial Control Systems (ICS), SCADA devices, PLC firmware, and more.", "stars": "1.1k"}, {"name": "s7scan", "url": "https://github.com/klsecservices/s7scan", "description": "Scanner for enumerating Siemens S7 PLCs on a TCP/IP or LLC network.", "stars": "148"}, {"name": "OpalOPC", "url": "https://opalopc.com/", "description": "Commercial OPC UA vulnerability assessment tool, sold by Molemmat."}, {"name": "Pentest-Ground", "url": "https://pentest-ground.com/", "description": ""}], "notes": []}, {"name": "Pentest \u2014 Intentionally Vulnerable Systems as Docker Containers", "entries": [{"name": "Damn Vulnerable Web Application (DVWA)", "url": "https://hub.docker.com/r/citizenstig/dvwa/", "description": "`docker pull citizenstig/dvwa`."}, {"name": "OWASP Juice Shop", "url": "https://github.com/bkimminich/juice-shop#docker-container--", "description": "`docker pull bkimminich/juice-shop`."}, {"name": "OWASP Mutillidae II Web Pen-Test Practice Application", "url": "https://hub.docker.com/r/citizenstig/nowasp/", "description": "`docker pull citizenstig/nowasp`."}, {"name": "OWASP NodeGoat", "url": "https://github.com/owasp/nodegoat", "description": "`docker-compose build && docker-compose up`.", "stars": "2k"}, {"name": "OWASP Security Shepherd", "url": "https://hub.docker.com/r/ismisepaul/securityshepherd/", "description": "`docker pull ismisepaul/securityshepherd`."}, {"name": "OWASP WebGoat Project 7.1 docker image", "url": "https://hub.docker.com/r/webgoat/webgoat-7.1/", "description": "`docker pull webgoat/webgoat-7.1`."}, {"name": "OWASP WebGoat Project 8.0 docker image", "url": "https://hub.docker.com/r/webgoat/webgoat-8.0/", "description": "`docker pull webgoat/webgoat-8.0`."}, {"name": "Vulnerability as a service: Heartbleed", "url": "https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/", "description": "`docker pull hmlio/vaas-cve-2014-0160`."}, {"name": "Vulnerability as a service: SambaCry", "url": "https://hub.docker.com/r/vulnerables/cve-2017-7494/", "description": "`docker pull vulnerables/cve-2017-7494`."}, {"name": "Vulnerability as a service: Shellshock", "url": "https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/", "description": "`docker pull hmlio/vaas-cve-2014-6271`."}, {"name": "Vulnerable WordPress Installation", "url": "https://hub.docker.com/r/wpscanteam/vulnerablewordpress/", "description": "`docker pull wpscanteam/vulnerablewordpress`."}, {"name": "Bella", "url": "https://github.com/kdaoudieh/Bella", "description": "Pure Python post-exploitation data mining and remote administration tool for macOS.", "stars": "201"}, {"name": "EvilOSX", "url": "https://github.com/Marten4n6/EvilOSX", "description": "Modular RAT that uses numerous evasion and exfiltration techniques out-of-the-box.", "stars": "2.4k"}, {"name": "Armitage", "url": "http://fastandeasyhacking.com/", "description": "Java-based GUI front-end for the Metasploit Framework."}, {"name": "AutoSploit", "url": "https://github.com/NullArray/AutoSploit", "description": "Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.", "stars": "5.2k"}, {"name": "Decker", "url": "https://github.com/stevenaldinger/decker", "description": "Penetration testing orchestration and automation framework, which allows writing declarative, reusable configurations capable of ingesting variables and using outputs of tools it has run as inputs to others.", "stars": "293"}, {"name": "Faraday", "url": "https://github.com/infobyte/faraday", "description": "Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.", "stars": "6.1k"}, {"name": "Metasploit", "url": "https://www.metasploit.com/", "description": "Software for offensive security teams to help verify vulnerabilities and manage security assessments."}, {"name": "Pupy", "url": "https://github.com/n1nj4sec/pupy", "description": "Cross-platform (Windows, Linux, macOS, Android) remote administration and post-exploitation tool.", "stars": "8.9k"}, {"name": "Ronin", "url": "https://ronin-rb.dev", "description": "Free and Open Source Ruby Toolkit for Security Research and Development, providing many different libraries and commands for a variety of security tasks, such as recon, vulnerability scanning, exploit development, exploitation, post-exploitation, and more."}, {"name": "CrackMapExec", "url": "https://github.com/byt3bl33d3r/CrackMapExec", "description": "Swiss army knife for pentesting networks.", "stars": "9k"}, {"name": "IKEForce", "url": "https://github.com/SpiderLabs/ikeforce", "description": "Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.", "stars": "247"}, {"name": "Intercepter-NG", "url": "http://sniff.su/", "description": "Multifunctional network toolkit."}, {"name": "Legion", "url": "https://github.com/GoVanguard/legion", "description": "Graphical semi-automated discovery and reconnaissance framework based on Python 3  and forked from SPARTA.", "stars": "1.1k"}, {"name": "Network-Tools.com", "url": "http://network-tools.com/", "description": "Website offering an interface to numerous basic network utilities like `ping`, `traceroute`, `whois`, and more."}, {"name": "Ncrack", "url": "https://nmap.org/ncrack/", "description": "High-speed network authentication cracking tool built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords."}, {"name": "Praeda", "url": "http://h.foofus.net/?page_id=218", "description": "Automated multi-function printer data harvester for gathering usable data during security assessments."}, {"name": "Printer Exploitation Toolkit (PRET)", "url": "https://github.com/RUB-NDS/PRET", "description": "Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.", "stars": "4.2k"}, {"name": "SPARTA", "url": "https://sparta.secforce.com/", "description": "Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools."}, {"name": "SigPloit", "url": "https://github.com/SigPloiter/SigPloit", "description": "Signaling security testing framework dedicated to telecom security for researching vulnerabilites in the signaling protocols used in mobile (cellular phone) operators.", "stars": "303"}, {"name": "Smart Install Exploitation Tool (SIET)", "url": "https://github.com/Sab0tag3d/SIET", "description": "Scripts for identifying Cisco Smart Install-enabled switches on a network and then manipulating them.", "stars": "589"}, {"name": "THC Hydra", "url": "https://github.com/vanhauser-thc/thc-hydra", "description": "Online password cracking tool with built-in support for many network protocols, including HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC, and more.", "stars": "11k"}, {"name": "Tsunami", "url": "https://github.com/google/tsunami-security-scanner", "description": "General purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.", "stars": "8.5k"}, {"name": "Zarp", "url": "https://github.com/hatRiot/zarp", "description": "Network attack tool centered around the exploitation of local networks.", "stars": "1.5k"}, {"name": "dnstwist", "url": "https://github.com/elceef/dnstwist", "description": "Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.", "stars": "5.5k"}, {"name": "dsniff", "url": "https://www.monkey.org/~dugsong/dsniff/", "description": "Collection of tools for network auditing and pentesting."}, {"name": "impacket", "url": "https://github.com/CoreSecurity/impacket", "description": "Collection of Python classes for working with network protocols.", "stars": "15k"}, {"name": "pivotsuite", "url": "https://github.com/RedTeamOperations/PivotSuite", "description": "Portable, platform independent and powerful network pivoting toolkit.", "stars": "458"}, {"name": "routersploit", "url": "https://github.com/reverse-shell/routersploit", "description": "Open source exploitation framework similar to Metasploit but dedicated to embedded devices.", "stars": "13k"}, {"name": "rshijack", "url": "https://github.com/kpcyrd/rshijack", "description": "TCP connection hijacker, Rust rewrite of `shijack`.", "stars": "527"}], "notes": []}, {"name": "Pentest \u2014 DDoS Tools", "entries": [{"name": "Anevicon", "url": "https://github.com/rozgo/anevicon", "description": "Powerful UDP-based load generator, written in Rust."}, {"name": "D(HE)ater", "url": "https://github.com/Balasys/dheater", "description": "D(HE)ater sends forged cryptographic handshake messages to enforce the Diffie-Hellman key exchange.", "stars": "209"}, {"name": "HOIC", "url": "https://sourceforge.net/projects/high-orbit-ion-cannon/", "description": "Updated version of Low Orbit Ion Cannon, has 'boosters' to get around common counter measures."}, {"name": "Low Orbit Ion Canon (LOIC)", "url": "https://github.com/NewEraCracker/LOIC", "description": "Open source network stress tool written for Windows.", "stars": "2.9k"}, {"name": "Memcrashed", "url": "https://github.com/649/Memcrashed-DDoS-Exploit", "description": "DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API.", "stars": "1.4k"}, {"name": "SlowLoris", "url": "https://github.com/gkbrk/slowloris", "description": "DoS tool that uses low bandwidth on the attacking side.", "stars": "2.7k"}, {"name": "T50", "url": "https://gitlab.com/fredericopissarra/t50/", "description": "Faster network stress tool."}, {"name": "UFONet", "url": "https://github.com/epsylon/ufonet", "description": "Abuses OSI layer 7 HTTP to create/manage 'zombies' and to conduct different attacks using; `GET`/`POST`, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.", "stars": "2.4k"}], "notes": []}, {"name": "Pentest \u2014 Network Reconnaissance Tools", "entries": [{"name": "ACLight", "url": "https://github.com/cyberark/ACLight", "description": "Script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins.", "stars": "821"}, {"name": "AQUATONE", "url": "https://github.com/michenriksen/aquatone", "description": "Subdomain discovery tool utilizing various open sources producing a report that can be used as input to other tools.", "stars": "5.9k"}, {"name": "CloudFail", "url": "https://github.com/m0rtem/CloudFail", "description": "Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.", "stars": "2.5k"}, {"name": "DNSDumpster", "url": "https://dnsdumpster.com/", "description": "Online DNS recon and search service."}, {"name": "Mass Scan", "url": "https://github.com/robertdavidgraham/masscan", "description": "TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.", "stars": "25k"}, {"name": "OWASP Amass", "url": "https://github.com/OWASP/Amass", "description": "Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.", "stars": "14k"}, {"name": "ScanCannon", "url": "https://github.com/johnnyxmas/ScanCannon", "description": "POSIX-compliant BASH script to quickly enumerate large networks by calling `masscan` to quickly identify open ports and then `nmap` to gain details on the systems/services on those ports.", "stars": "468"}, {"name": "XRay", "url": "https://github.com/evilsocket/xray", "description": "Network (sub)domain discovery and reconnaissance automation tool.", "stars": "2.3k"}, {"name": "dnsenum", "url": "https://github.com/fwaeytens/dnsenum/", "description": "Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.", "stars": "671"}, {"name": "dnsmap", "url": "https://github.com/makefu/dnsmap/", "description": "Passive DNS network mapper.", "stars": "115"}, {"name": "dnsrecon", "url": "https://github.com/darkoperator/dnsrecon/", "description": "DNS enumeration script.", "stars": "2.9k"}, {"name": "dnstracer", "url": "http://www.mavetju.org/unix/dnstracer.php", "description": "Determines where a given DNS server gets its information from, and follows the chain of DNS servers."}, {"name": "fierce", "url": "https://github.com/mschwager/fierce", "description": "Python3 port of the original `fierce.pl` DNS reconnaissance tool for locating non-contiguous IP space.", "stars": "1.7k"}, {"name": "netdiscover", "url": "https://github.com/netdiscover-scanner/netdiscover", "description": "Network address discovery scanner, based on ARP sweeps, developed mainly for those wireless networks without a DHCP server.", "stars": "364"}, {"name": "nmap", "url": "https://nmap.org/", "description": "Free security scanner for network exploration & security audits."}, {"name": "passivedns-client", "url": "https://github.com/chrislee35/passivedns-client", "description": "Library and query tool for querying several passive DNS providers.", "stars": "200"}, {"name": "passivedns", "url": "https://github.com/gamelinux/passivedns", "description": "Network sniffer that logs all DNS server replies for use in a passive DNS setup.", "stars": "1.7k"}, {"name": "RustScan", "url": "https://github.com/rustscan/rustscan", "description": "Lightweight and quick open-source port scanner designed to automatically pipe open ports into Nmap.", "stars": "19k"}, {"name": "scanless", "url": "https://github.com/vesche/scanless", "description": "Utility for using websites to perform port scans on your behalf so as not to reveal your own IP.", "stars": "1.1k"}, {"name": "smbmap", "url": "https://github.com/ShawnDEvans/smbmap", "description": "Handy SMB enumeration tool.", "stars": "2k"}, {"name": "subbrute", "url": "https://github.com/TheRook/subbrute", "description": "DNS meta-query spider that enumerates DNS records, and subdomains.", "stars": "3.5k"}, {"name": "zmap", "url": "https://zmap.io/", "description": "Open source network scanner that enables researchers to easily perform Internet-wide network studies."}], "notes": []}, {"name": "Pentest \u2014 Protocol Analyzers and Sniffers", "entries": [{"name": "Debookee", "url": "http://www.iwaxx.com/debookee/", "description": "Simple and powerful network traffic analyzer for macOS."}, {"name": "Dshell", "url": "https://github.com/USArmyResearchLab/Dshell", "description": "Network forensic analysis framework.", "stars": "5.5k"}, {"name": "Netzob", "url": "https://github.com/netzob/netzob", "description": "Reverse engineering, traffic generation and fuzzing of communication protocols.", "stars": "815"}, {"name": "Wireshark", "url": "https://www.wireshark.org/", "description": "Widely-used graphical, cross-platform network protocol analyzer."}, {"name": "netsniff-ng", "url": "https://github.com/netsniff-ng/netsniff-ng", "description": "Swiss army knife for network sniffing.", "stars": "1.4k"}, {"name": "sniffglue", "url": "https://github.com/kpcyrd/sniffglue", "description": "Secure multithreaded packet sniffer.", "stars": "1.2k"}, {"name": "tcpdump/libpcap", "url": "http://www.tcpdump.org/", "description": "Common packet analyzer that runs under the command line."}], "notes": []}, {"name": "Pentest \u2014 Network Traffic Replay and Editing Tools", "entries": [{"name": "snort", "url": "https://github.com/snort3/snort3", "description": "Open Source Intrusion Prevention System", "stars": "3.2k"}, {"name": "TraceWrangler", "url": "https://www.tracewrangler.com/", "description": "Network capture file toolkit that can edit and merge `pcap` or `pcapng` files with batch editing features."}, {"name": "WireEdit", "url": "https://wireedit.com/", "description": "Full stack WYSIWYG pcap editor (requires a free license to edit packets)."}, {"name": "bittwist", "url": "http://bittwist.sourceforge.net/", "description": "Simple yet powerful libpcap-based Ethernet packet generator useful in simulating networking traffic or scenario, testing firewall, IDS, and IPS, and troubleshooting various network problems."}, {"name": "hping3", "url": "https://github.com/antirez/hping", "description": "Network tool able to send custom TCP/IP packets.", "stars": "1.6k"}, {"name": "pig", "url": "https://github.com/rafael-santiago/pig", "description": "GNU/Linux packet crafting tool.", "stars": "472"}, {"name": "scapy", "url": "https://github.com/secdev/scapy", "description": "Python-based interactive packet manipulation program and library.", "stars": "12k"}, {"name": "tcpreplay", "url": "https://tcpreplay.appneta.com/", "description": "Suite of free Open Source utilities for editing and replaying previously captured network traffic."}], "notes": []}, {"name": "Pentest \u2014 Proxies and Machine-in-the-Middle (MITM) Tools", "entries": [{"name": "BetterCAP", "url": "https://www.bettercap.org/", "description": "Modular, portable and easily extensible MITM framework."}, {"name": "Ettercap", "url": "http://www.ettercap-project.org", "description": "Comprehensive, mature suite for machine-in-the-middle attacks."}, {"name": "Habu", "url": "https://github.com/portantier/habu", "description": "Python utility implementing a variety of network attacks, such as ARP poisoning, DHCP starvation, and more.", "stars": "947"}, {"name": "Lambda-Proxy", "url": "https://github.com/puresec/lambda-proxy", "description": "Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions.", "stars": "38"}, {"name": "MITMf", "url": "https://github.com/byt3bl33d3r/MITMf", "description": "Framework for Man-In-The-Middle attacks.", "stars": "3.6k"}, {"name": "Morpheus", "url": "https://github.com/r00t-3xp10it/morpheus", "description": "Automated ettercap TCP/IP Hijacking tool.", "stars": "870"}, {"name": "SSH MITM", "url": "https://github.com/jtesta/ssh-mitm", "description": "Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.", "stars": "1.7k"}, {"name": "dnschef", "url": "https://github.com/iphelix/dnschef", "description": "Highly configurable DNS proxy for pentesters.", "stars": "1k"}, {"name": "evilgrade", "url": "https://github.com/infobyte/evilgrade", "description": "Modular framework to take advantage of poor upgrade implementations by injecting fake updates.", "stars": "1.3k"}, {"name": "mallory", "url": "https://github.com/justmao945/mallory", "description": "HTTP/HTTPS proxy over SSH.", "stars": "326"}, {"name": "oregano", "url": "https://github.com/nametoolong/oregano", "description": "Python module that runs as a machine-in-the-middle (MITM) accepting Tor client requests.", "stars": "28"}, {"name": "sylkie", "url": "https://dlrobertson.github.io/sylkie/", "description": "Command line tool and library for testing networks for common address spoofing security vulnerabilities in IPv6 networks using the Neighbor Discovery Protocol."}, {"name": "PETEP", "url": "https://github.com/Warxim/petep", "description": "Extensible TCP/UDP proxy with GUI for traffic analysis & modification with SSL/TLS support.", "stars": "222"}, {"name": "friTap", "url": "https://github.com/fkie-cad/friTap", "description": "Intercept SSL/TLS connections with frida; Allows TLS key extraction and decryption of TLS payload as PCAP in real time.", "stars": "445"}], "notes": []}, {"name": "Pentest \u2014 Transport Layer Security Tools", "entries": [{"name": "CryptoLyzer", "url": "https://gitlab.com/coroner/cryptolyzer", "description": "Fast and flexible server cryptographic (TLS/SSL/SSH/HTTP) settings analyzer library for Python with CLI."}, {"name": "SSLyze", "url": "https://github.com/nabla-c0d3/sslyze", "description": "Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.", "stars": "3.7k"}, {"name": "crackpkcs12", "url": "https://github.com/crackpkcs12/crackpkcs12", "description": "Multithreaded program to crack PKCS#12 files (`.p12` and `.pfx` extensions), such as TLS/SSL certificates.", "stars": "160"}, {"name": "testssl.sh", "url": "https://github.com/drwetter/testssl.sh", "description": "Command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.", "stars": "8.8k"}, {"name": "tls\\_prober", "url": "https://github.com/WestpointLtd/tls_prober", "description": "Fingerprint a server's SSL/TLS implementation.", "stars": "265"}, {"name": "tlsmate", "url": "https://gitlab.com/guballa/tlsmate", "description": "Framework to create arbitrary TLS test cases. Comes with a TLS server scanner plugin."}], "notes": []}, {"name": "Pentest \u2014 Secure Shell Tools", "entries": [{"name": "ssh-audit", "url": "https://github.com/jtesta/ssh-audit", "description": "SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc).", "stars": "4k"}], "notes": []}, {"name": "Pentest \u2014 Wireless Network Tools", "entries": [{"name": "Aircrack-ng", "url": "http://www.aircrack-ng.org/", "description": "Set of tools for auditing wireless networks."}, {"name": "Airgeddon", "url": "https://github.com/v1s1t0r1sh3r3/airgeddon", "description": "Multi-use bash script for Linux systems to audit wireless networks.", "stars": "7.4k"}, {"name": "BoopSuite", "url": "https://github.com/MisterBianco/BoopSuite", "description": "Suite of tools written in Python for wireless auditing."}, {"name": "Bully", "url": "http://git.kali.org/gitweb/?p=packages/bully.git;a=summary", "description": "Implementation of the WPS brute force attack, written in C."}, {"name": "Cowpatty", "url": "https://github.com/joswr1ght/cowpatty", "description": "Brute-force dictionary attack against WPA-PSK.", "stars": "227"}, {"name": "Fluxion", "url": "https://github.com/FluxionNetwork/fluxion", "description": "Suite of automated social engineering based WPA attacks.", "stars": "5.5k"}, {"name": "KRACK Detector", "url": "https://github.com/securingsam/krackdetector", "description": "Detect and prevent KRACK attacks in your network.", "stars": "183"}, {"name": "Kismet", "url": "https://kismetwireless.net/", "description": "Wireless network detector, sniffer, and IDS."}, {"name": "PSKracker", "url": "https://github.com/soxrok2212/PSKracker", "description": "Collection of WPA/WPA2/WPS default algorithms, password generators, and PIN generators written in C.", "stars": "425"}, {"name": "Reaver", "url": "https://code.google.com/archive/p/reaver-wps", "description": "Brute force attack against WiFi Protected Setup."}, {"name": "WiFi Pineapple", "url": "https://www.wifipineapple.com/", "description": "Wireless auditing and penetration testing platform."}, {"name": "WiFi-Pumpkin", "url": "https://github.com/P0cL4bs/WiFi-Pumpkin", "description": "Framework for rogue Wi-Fi access point attack.", "stars": "3.1k"}, {"name": "Wifite", "url": "https://github.com/derv82/wifite", "description": "Automated wireless attack tool.", "stars": "3.6k"}, {"name": "infernal-twin", "url": "https://github.com/entropy1337/infernal-twin", "description": "Automated wireless hacking tool.", "stars": "1.3k"}, {"name": "krackattacks-scripts", "url": "https://github.com/vanhoefm/krackattacks-scripts", "description": "WPA2 Krack attack scripts.", "stars": "3.5k"}, {"name": "pwnagotchi", "url": "https://github.com/evilsocket/pwnagotchi", "description": "Deep reinforcement learning based AI that learns from the Wi-Fi environment and instruments BetterCAP in order to maximize the WPA key material captured.", "stars": "8.8k"}, {"name": "wifi-arsenal", "url": "https://github.com/0x90/wifi-arsenal", "description": "Resources for Wi-Fi Pentesting.", "stars": "2.1k"}, {"name": "celerystalk", "url": "https://github.com/sethsec/celerystalk", "description": "Asynchronous enumeration and vulnerability scanner that \"runs all the tools on all the hosts\" in a configurable manner.", "stars": "401"}, {"name": "kube-hunter", "url": "https://kube-hunter.aquasec.com/", "description": "Open-source tool that runs a set of tests (\"hunters\") for security issues in Kubernetes clusters from either outside (\"attacker's view\") or inside a cluster."}, {"name": "Nessus", "url": "https://www.tenable.com/products/nessus-vulnerability-scanner", "description": "Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable."}, {"name": "Netsparker Application Security Scanner", "url": "https://www.netsparker.com/pricing/", "description": "Application security scanner to automatically find security flaws."}, {"name": "Nexpose", "url": "https://www.rapid7.com/products/nexpose/", "description": "Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7."}, {"name": "OpenVAS", "url": "http://www.openvas.org/", "description": "Free software implementation of the popular Nessus vulnerability assessment system."}, {"name": "Vuls", "url": "https://github.com/future-architect/vuls", "description": "Agentless vulnerability scanner for GNU/Linux and FreeBSD, written in Go.", "stars": "12k"}], "notes": []}, {"name": "Pentest \u2014 Web Vulnerability Scanners", "entries": [{"name": "ACSTIS", "url": "https://github.com/tijme/angularjs-csti-scanner", "description": "Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.", "stars": "326"}, {"name": "Arachni", "url": "http://www.arachni-scanner.com/", "description": "Scriptable framework for evaluating the security of web applications."}, {"name": "JCS", "url": "https://github.com/TheM4hd1/JCS", "description": "Joomla Vulnerability Component Scanner with automatic database updater from exploitdb and packetstorm.", "stars": "62"}, {"name": "Nikto", "url": "https://github.com/sullo/nikto", "description": "Noisy but fast black box web server and web application vulnerability scanner.", "stars": "9.9k"}, {"name": "SQLmate", "url": "https://github.com/UltimateHackers/sqlmate", "description": "Friend of `sqlmap` that identifies SQLi vulnerabilities based on a given dork and (optional) website.", "stars": "447"}, {"name": "SecApps", "url": "https://secapps.com/", "description": "In-browser web application security testing suite."}, {"name": "WPScan", "url": "https://wpscan.org/", "description": "Black box WordPress vulnerability scanner."}, {"name": "Wapiti", "url": "http://wapiti.sourceforge.net/", "description": "Black box web application vulnerability scanner with built-in fuzzer."}, {"name": "WebReaver", "url": "https://www.webreaver.com/", "description": "Commercial, graphical web application vulnerability scanner designed for macOS."}, {"name": "cms-explorer", "url": "https://code.google.com/archive/p/cms-explorer/", "description": "Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running."}, {"name": "joomscan", "url": "https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project", "description": "Joomla vulnerability scanner."}, {"name": "skipfish", "url": "https://www.kali.org/tools/skipfish/", "description": "Performant and adaptable active web application security reconnaissance tool."}, {"name": "w3af", "url": "https://github.com/andresriancho/w3af", "description": "Web application attack and audit framework.", "stars": "4.8k"}, {"name": "nuclei", "url": "https://github.com/projectdiscovery/nuclei", "description": "Fast and customizable vulnerability scanner based on simple YAML based DSL.", "stars": "26k"}], "notes": []}, {"name": "Pentest \u2014 Online Operating Systems Resources", "entries": [{"name": "DistroWatch.com's Security Category", "url": "https://distrowatch.com/search.php?category=Security", "description": "Website dedicated to talking about, reviewing, and keeping up to date with open source operating systems."}], "notes": []}, {"name": "Pentest \u2014 Online Penetration Testing Resources", "entries": [{"name": "MITRE's Adversarial Tactics, Techniques & Common Knowledge (ATT\\&CK)", "url": "https://attack.mitre.org/", "description": "Curated knowledge base and model for cyber adversary behavior."}, {"name": "Metasploit Unleashed", "url": "https://www.offensive-security.com/metasploit-unleashed/", "description": "Free Offensive Security Metasploit course."}, {"name": "Open Web Application Security Project (OWASP)", "url": "https://www.owasp.org/index.php/Main_Page", "description": "Worldwide not-for-profit charitable organization focused on improving the security of especially Web-based and Application-layer software."}, {"name": "PENTEST-WIKI", "url": "https://github.com/nixawk/pentest-wiki", "description": "Free online security knowledge library for pentesters and researchers.", "stars": "3.7k"}, {"name": "Penetration Testing Execution Standard (PTES)", "url": "http://www.pentest-standard.org/", "description": "Documentation designed to provide a common language and scope for performing and reporting the results of a penetration test."}, {"name": "Penetration Testing Framework (PTF)", "url": "http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html", "description": "Outline for performing penetration tests compiled as a general framework usable by vulnerability analysts and penetration testers alike."}, {"name": "Client XSS Introduction", "url": "https://domgo.at/cxss/intro", "description": "Comprehensive introduction to client-side cross-site scripting (XSS) attacks."}], "notes": []}, {"name": "Pentest \u2014 Other Lists Online", "entries": [{"name": ".NET Programming", "url": "https://github.com/quozd/awesome-dotnet", "description": "Software framework for Microsoft Windows platform development.", "stars": "21k"}, {"name": "Infosec/hacking videos recorded by cooper", "url": "https://administraitor.video", "description": "Collection of security conferences recorded by Cooper."}, {"name": "Android Exploits", "url": "https://github.com/sundaysec/Android-Exploits", "description": "Guide on Android Exploitation and Hacks.", "stars": "946"}, {"name": "Android Security", "url": "https://github.com/ashishb/android-security-awesome", "description": "Collection of Android security related resources.", "stars": "9k"}, {"name": "AppSec", "url": "https://github.com/paragonie/awesome-appsec", "description": "Resources for learning about application security.", "stars": "6.8k"}, {"name": "Awesome Awesomeness", "url": "https://github.com/bayandin/awesome-awesomeness", "description": "The List of the Lists.", "stars": "33k"}, {"name": "Awesome Malware", "url": "https://github.com/fabacab/awesome-malware", "description": "Curated collection of awesome malware, botnets, and other post-exploitation tools.", "stars": "264"}, {"name": "Awesome Shodan Queries", "url": "https://github.com/jakejarvis/awesome-shodan-queries", "description": "Awesome list of useful, funny, and depressing search queries for Shodan.", "stars": "7k"}, {"name": "Awesome Censys Queries", "url": "https://github.com/thehappydinoa/awesome-censys-queries", "description": "A collection of fascinating and bizarre Censys Search Queries.", "stars": "1.2k"}, {"name": "AWS Tool Arsenal", "url": "https://github.com/toniblyx/my-arsenal-of-aws-security-tools", "description": "List of tools for testing and securing AWS environments.", "stars": "9.4k"}, {"name": "Blue Team", "url": "https://github.com/fabacab/awesome-cybersecurity-blueteam", "description": "Awesome resources, tools, and other shiny things for cybersecurity blue teams.", "stars": "5k"}, {"name": "C/C++ Programming", "url": "https://github.com/fffaraz/awesome-cpp", "description": "One of the main language for open source security tools.", "stars": "68k"}, {"name": "CTFs", "url": "https://github.com/apsdehal/awesome-ctf", "description": "Capture The Flag frameworks, libraries, etc.", "stars": "11k"}, {"name": "Forensics", "url": "https://github.com/Cugu/awesome-forensics", "description": "Free (mostly open source) forensic analysis tools and resources.", "stars": "4.7k"}, {"name": "Hacking", "url": "https://github.com/carpedm20/awesome-hacking", "description": "Tutorials, tools, and resources.", "stars": "15k"}, {"name": "Honeypots", "url": "https://github.com/paralax/awesome-honeypots", "description": "Honeypots, tools, components, and more.", "stars": "10k"}, {"name": "InfoSec \u00a7 Hacking challenges", "url": "https://github.com/AnarchoTechNYC/meta/wiki/InfoSec#hacking-challenges", "description": "Comprehensive directory of CTFs, wargames, hacking challenge websites, pentest practice lab exercises, and more.", "stars": "506"}, {"name": "Infosec", "url": "https://github.com/onlurking/awesome-infosec", "description": "Information security resources for pentesting, forensics, and more.", "stars": "5.5k"}, {"name": "JavaScript Programming", "url": "https://github.com/sorrycc/awesome-javascript", "description": "In-browser development and scripting.", "stars": "35k"}, {"name": "Kali Linux Tools", "url": "http://tools.kali.org/tools-listing", "description": "List of tools present in Kali Linux."}, {"name": "Node.js Programming by @sindresorhus", "url": "https://github.com/sindresorhus/awesome-nodejs", "description": "Curated list of delightful Node.js packages and resources.", "stars": "64k"}, {"name": "Pentest Cheat Sheets", "url": "https://github.com/ByteSnipers/awesome-pentest-cheat-sheets", "description": "Awesome Pentest Cheat Sheets.", "stars": "531"}, {"name": "Python Programming by @svaksha", "url": "https://github.com/svaksha/pythonidae", "description": "General Python programming.", "stars": "1k"}, {"name": "Python Programming by @vinta", "url": "https://github.com/vinta/awesome-python", "description": "General Python programming.", "stars": "274k"}, {"name": "Python tools for penetration testers", "url": "https://github.com/dloss/python-pentest-tools", "description": "Lots of pentesting tools are written in Python.", "stars": "2.8k"}, {"name": "Rawsec's CyberSecurity Inventory", "url": "https://inventory.raw.pm/", "description": "An open-source inventory of tools, resources, CTF platforms and Operating Systems about CyberSecurity. ([Source](https://gitlab.com/rawsec/rawsec-cybersecurity-list))"}, {"name": "Red Teaming", "url": "https://github.com/yeyintminthuhtut/Awesome-Red-Teaming", "description": "List of Awesome Red Teaming Resources.", "stars": "7.6k"}, {"name": "Ruby Programming by @Sdogruyol", "url": "https://github.com/Sdogruyol/awesome-ruby", "description": "The de-facto language for writing exploits.", "stars": "1.3k"}, {"name": "Ruby Programming by @dreikanter", "url": "https://github.com/dreikanter/ruby-bookmarks", "description": "The de-facto language for writing exploits.", "stars": "2.3k"}, {"name": "Ruby Programming by @markets", "url": "https://github.com/markets/awesome-ruby", "description": "The de-facto language for writing exploits.", "stars": "14k"}, {"name": "SecLists", "url": "https://github.com/danielmiessler/SecLists", "description": "Collection of multiple types of lists used during security assessments.", "stars": "67k"}, {"name": "SecTools", "url": "http://sectools.org/", "description": "Top 125 Network Security Tools."}, {"name": "Security Talks", "url": "https://github.com/PaulSec/awesome-sec-talks", "description": "Curated list of security conferences.", "stars": "4.2k"}, {"name": "Security", "url": "https://github.com/sbilly/awesome-security", "description": "Software, libraries, documents, and other resources.", "stars": "14k"}, {"name": "Serverless Security", "url": "https://github.com/puresec/awesome-serverless-security/", "description": "Curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.", "stars": "625"}, {"name": "Shell Scripting", "url": "https://github.com/alebcay/awesome-shell", "description": "Command line frameworks, toolkits, guides and gizmos.", "stars": "36k"}, {"name": "YARA", "url": "https://github.com/InQuest/awesome-yara", "description": "YARA rules, tools, and people.", "stars": "4.1k"}, {"name": "Awesome ElectronJS Hacking", "url": "https://github.com/doyensec/awesome-electronjs-hacking", "description": "A curated list of awesome resources about Electron.js (in)security", "stars": "653"}], "notes": []}, {"name": "Pentest \u2014 Penetration Testing Report Templates", "entries": [{"name": "Public Pentesting Reports", "url": "https://github.com/juliocesarfort/public-pentesting-reports", "description": "Curated list of public penetration test reports released by several consulting firms and academic security groups.", "stars": "9.3k"}, {"name": "Pentest reports", "url": "https://pentestreports.com", "description": "Information hub with list of public penetration test reports, companies, tools and vulnerabilities all in one place."}, {"name": "T\\&VS Pentesting Report Template", "url": "https://www.testandverification.com/wp-content/uploads/template-penetration-testing-report-v03.pdf", "description": "Pentest report template provided by Test and Verification Services, Ltd."}, {"name": "Web Application Security Assessment Report Template", "url": "http://lucideus.com/pdf/stw.pdf", "description": "Sample Web application security assessment reporting template provided by Lucideus."}, {"name": "DataSploit", "url": "https://github.com/upgoingstar/datasploit", "description": "OSINT visualizer utilizing Shodan, Censys, Clearbit, EmailHunter, FullContact, and Zoomeye behind the scenes.", "stars": "3.2k"}, {"name": "Depix", "url": "https://github.com/beurtschipper/Depix", "description": "Tool for recovering passwords from pixelized screenshots (by de-pixelating text).", "stars": "3.7k"}, {"name": "GyoiThon", "url": "https://github.com/gyoisamurai/GyoiThon", "description": "GyoiThon is an Intelligence Gathering tool using Machine Learning.", "stars": "800"}, {"name": "Intrigue", "url": "http://intrigue.io", "description": "Automated OSINT & Attack Surface discovery framework with powerful API, UI and CLI."}, {"name": "Maltego", "url": "http://www.maltego.com/", "description": "Proprietary software for open sources intelligence and forensics."}, {"name": "PacketTotal", "url": "https://packettotal.com/", "description": "Simple, free, high-quality packet capture file analysis facilitating the quick detection of network-borne malware (using Zeek and Suricata IDS signatures under the hood)."}, {"name": "Skiptracer", "url": "https://github.com/xillwillx/skiptracer", "description": "OSINT scraping framework that utilizes basic Python webscraping (BeautifulSoup) of PII paywall sites to compile passive information on a target on a ramen noodle budget.", "stars": "1.1k"}, {"name": "Sn1per", "url": "https://github.com/1N3/Sn1per", "description": "Automated Pentest Recon Scanner.", "stars": "9.3k"}, {"name": "Spiderfoot", "url": "http://www.spiderfoot.net/", "description": "Multi-source OSINT automation tool with a Web UI and report visualizations."}, {"name": "creepy", "url": "https://github.com/ilektrojohn/creepy", "description": "Geolocation OSINT tool.", "stars": "1.4k"}, {"name": "gOSINT", "url": "https://github.com/Nhoya/gOSINT", "description": "OSINT tool with multiple modules and a telegram scraper.", "stars": "654"}, {"name": "image-match", "url": "https://github.com/ascribe/image-match", "description": "Quickly search over billions of images.", "stars": "3k"}, {"name": "recon-ng", "url": "https://github.com/lanmaster53/recon-ng", "description": "Full-featured Web Reconnaissance framework written in Python.", "stars": "5.2k"}, {"name": "sn0int", "url": "https://github.com/kpcyrd/sn0int", "description": "Semi-automatic OSINT framework and package manager.", "stars": "2.3k"}, {"name": "Keyscope", "url": "https://github.com/SpectralOps/keyscope", "description": "An extensible key and secret validation for auditing active secrets against multiple SaaS vendors.", "stars": "410"}, {"name": "Facebook Friend List Scraper", "url": "https://github.com/narkopolo/fb_friend_list_scraper", "description": "Tool to scrape names and usernames from large friend lists on Facebook, without being rate limited.", "stars": "303"}], "notes": []}, {"name": "Pentest \u2014 Data Broker and Search Engine Services", "entries": [{"name": "Hunter.io", "url": "https://hunter.io/", "description": "Data broker providing a Web search interface for discovering the email addresses and other organizational details of a company."}, {"name": "Threat Crowd", "url": "https://www.threatcrowd.org/", "description": "Search engine for threats."}, {"name": "Virus Total", "url": "https://www.virustotal.com/", "description": "Free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware."}, {"name": "surfraw", "url": "https://github.com/kisom/surfraw", "description": "Fast UNIX command line interface to a variety of popular WWW search engines.", "stars": "73"}], "notes": []}, {"name": "Pentest \u2014 Dorking tools", "entries": [{"name": "BinGoo", "url": "https://github.com/Hood3dRob1n/BinGoo", "description": "GNU/Linux bash based Bing and Google Dorking Tool.", "stars": "233"}, {"name": "dorkbot", "url": "https://github.com/utiso/dorkbot", "description": "Command-line tool to scan Google (or other) search results for vulnerabilities.", "stars": "535"}, {"name": "github-dorks", "url": "https://github.com/techgaun/github-dorks", "description": "CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.", "stars": "3.1k"}, {"name": "GooDork", "url": "https://github.com/k3170makan/GooDork", "description": "Command line Google dorking tool.", "stars": "139"}, {"name": "Google Hacking Database", "url": "https://www.exploit-db.com/google-hacking-database/", "description": "Database of Google dorks; can be used for recon."}, {"name": "dork-cli", "url": "https://github.com/jgor/dork-cli", "description": "Command line Google dork tool.", "stars": "150"}, {"name": "dorks", "url": "https://github.com/USSCltd/dorks", "description": "Google hack database automation tool.", "stars": "203"}, {"name": "fast-recon", "url": "https://github.com/DanMcInerney/fast-recon", "description": "Perform Google dorks against a domain.", "stars": "165"}, {"name": "pagodo", "url": "https://github.com/opsdisk/pagodo", "description": "Automate Google Hacking Database scraping.", "stars": "3.2k"}, {"name": "snitch", "url": "https://github.com/Smaash/snitch", "description": "Information gathering via dorks.", "stars": "397"}], "notes": []}, {"name": "Pentest \u2014 Email search and analysis tools", "entries": [{"name": "SimplyEmail", "url": "https://github.com/SimplySecurity/SimplyEmail", "description": "Email recon made fast and easy.", "stars": "953"}, {"name": "WhatBreach", "url": "https://github.com/Ekultek/WhatBreach", "description": "Search email addresses and discover all known breaches that this email has been seen in, and download the breached database if it is publicly available.", "stars": "1.5k"}], "notes": []}, {"name": "Pentest \u2014 Metadata harvesting and analysis", "entries": [{"name": "FOCA (Fingerprinting Organizations with Collected Archives)", "url": "https://www.elevenpaths.com/labstools/foca/", "description": "Automated document harvester that searches Google, Bing, and DuckDuckGo to find and extrapolate internal company organizational structures."}, {"name": "metagoofil", "url": "https://github.com/laramies/metagoofil", "description": "Metadata harvester.", "stars": "1.2k"}, {"name": "theHarvester", "url": "https://github.com/laramies/theHarvester", "description": "E-mail, subdomain and people names harvester.", "stars": "15k"}], "notes": []}, {"name": "Pentest \u2014 Network device discovery tools", "entries": [{"name": "Censys", "url": "https://www.censys.io/", "description": "Collects data on hosts and websites through daily ZMap and ZGrab scans."}, {"name": "Shodan", "url": "https://www.shodan.io/", "description": "World's first search engine for Internet-connected devices."}, {"name": "ZoomEye", "url": "https://www.zoomeye.org/", "description": "Search engine for cyberspace that lets the user find specific network components."}], "notes": []}, {"name": "Pentest \u2014 OSINT Online Resources", "entries": [{"name": "CertGraph", "url": "https://github.com/lanrat/certgraph", "description": "Crawls a domain's SSL/TLS certificates for its certificate alternative names.", "stars": "361"}, {"name": "GhostProject", "url": "https://ghostproject.fr/", "description": "Searchable database of billions of cleartext passwords, partially visible for free."}, {"name": "NetBootcamp OSINT Tools", "url": "http://netbootcamp.org/osinttools/", "description": "Collection of OSINT links and custom Web interfaces to other services."}, {"name": "OSINT Framework", "url": "http://osintframework.com/", "description": "Collection of various OSINT tools broken out by category."}, {"name": "WiGLE.net", "url": "https://wigle.net/", "description": "Information about wireless networks world-wide, with user-friendly desktop and web applications."}], "notes": []}, {"name": "Pentest \u2014 Source code repository searching tools", "entries": [{"name": "vcsmap", "url": "https://github.com/melvinsh/vcsmap", "description": "Plugin-based tool to scan public version control systems for sensitive information.", "stars": "143"}, {"name": "Yar", "url": "https://github.com/Furduhlutur/yar", "description": "Clone git repositories to search through the whole commit history in order of commit time for secrets, tokens, or passwords.", "stars": "239"}], "notes": []}, {"name": "Pentest \u2014 Web application and resource analysis tools", "entries": [{"name": "BlindElephant", "url": "http://blindelephant.sourceforge.net/", "description": "Web application fingerprinter."}, {"name": "EyeWitness", "url": "https://github.com/ChrisTruncer/EyeWitness", "description": "Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.", "stars": "51"}, {"name": "GraphQL Voyager", "url": "https://graphql-kit.com/graphql-voyager/", "description": "Represent any GraphQL API as an interactive graph, letting you explore data models from any Web site with a GraphQL query endpoint."}, {"name": "VHostScan", "url": "https://github.com/codingo/VHostScan", "description": "Virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.", "stars": "1.3k"}, {"name": "Wappalyzer", "url": "https://www.wappalyzer.com/", "description": "Wappalyzer uncovers the technologies used on websites."}, {"name": "WhatWaf", "url": "https://github.com/Ekultek/WhatWaf", "description": "Detect and bypass web application firewalls and protection systems.", "stars": "2.9k"}, {"name": "WhatWeb", "url": "https://github.com/urbanadventurer/WhatWeb", "description": "Website fingerprinter.", "stars": "6.3k"}, {"name": "wafw00f", "url": "https://github.com/EnableSecurity/wafw00f", "description": "Identifies and fingerprints Web Application Firewall (WAF) products.", "stars": "6.1k"}, {"name": "webscreenshot", "url": "https://github.com/maaaaz/webscreenshot", "description": "Simple script to take screenshots of websites from a list of sites.", "stars": "678"}, {"name": "Android Tamer", "url": "https://androidtamer.com/", "description": "Distribution built for Android security professionals that includes tools required for Android security testing."}, {"name": "ArchStrike", "url": "https://archstrike.org/", "description": "Arch GNU/Linux repository for security professionals and enthusiasts."}, {"name": "AttifyOS", "url": "https://github.com/adi0x90/attifyos", "description": "GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.", "stars": "1k"}, {"name": "BlackArch", "url": "https://www.blackarch.org/", "description": "Arch GNU/Linux-based distribution for penetration testers and security researchers."}, {"name": "Buscador", "url": "https://inteltechniques.com/buscador/", "description": "GNU/Linux virtual machine that is pre-configured for online investigators."}, {"name": "Kali", "url": "https://www.kali.org/", "description": "Rolling Debian-based GNU/Linux distribution designed for penetration testing and digital forensics."}, {"name": "Network Security Toolkit (NST)", "url": "http://networksecuritytoolkit.org/", "description": "Fedora-based GNU/Linux bootable live Operating System designed to provide easy access to best-of-breed open source network security applications."}, {"name": "Parrot", "url": "https://parrotlinux.org/", "description": "Distribution similar to Kali, with support for multiple hardware architectures."}, {"name": "PentestBox", "url": "https://pentestbox.org/", "description": "Open source pre-configured portable penetration testing environment for the Windows Operating System."}, {"name": "The Pentesters Framework", "url": "https://github.com/trustedsec/ptf", "description": "Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that omits less frequently used utilities.", "stars": "5.4k"}, {"name": "2600: The Hacker Quarterly", "url": "https://www.2600.com/Magazine/DigitalEditions", "description": "American publication about technology and computer \"underground\" culture."}, {"name": "Phrack Magazine", "url": "http://www.phrack.org/", "description": "By far the longest running hacker zine."}, {"name": "AT Commands", "url": "https://atcommands.org/", "description": "Use AT commands over an Android device's USB port to rewrite device firmware, bypass security mechanisms, exfiltrate sensitive information, perform screen unlocks, and inject touch events."}, {"name": "Bash Bunny", "url": "https://www.hak5.org/gear/bash-bunny", "description": "Local exploit delivery tool in the form of a USB thumbdrive in which you write payloads in a DSL called BunnyScript."}, {"name": "LAN Turtle", "url": "https://lanturtle.com/", "description": "Covert \"USB Ethernet Adapter\" that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network."}, {"name": "PCILeech", "url": "https://github.com/ufrisk/pcileech", "description": "Uses PCIe hardware devices to read and write from the target system memory via Direct Memory Access (DMA) over PCIe.", "stars": "7.3k"}, {"name": "Packet Squirrel", "url": "https://www.hak5.org/gear/packet-squirrel", "description": "Ethernet multi-tool designed to enable covert remote access, painless packet captures, and secure VPN connections with the flip of a switch."}, {"name": "Poisontap", "url": "https://samy.pl/poisontap/", "description": "Siphons cookies, exposes internal (LAN-side) router and installs web backdoor on locked computers."}, {"name": "Proxmark3", "url": "https://proxmark3.com/", "description": "RFID/NFC cloning, replay, and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/keyfobs, and more."}, {"name": "Thunderclap", "url": "https://thunderclap.io/", "description": "Open source I/O security research platform for auditing physical DMA-enabled hardware peripheral ports."}, {"name": "USB Rubber Ducky", "url": "http://usbrubberducky.com/", "description": "Customizable keystroke injection attack platform masquerading as a USB thumbdrive."}, {"name": "Active Directory and Privilege Escalation (ADAPE)", "url": "https://github.com/hausec/ADAPE-Script", "description": "Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.", "stars": "1.1k"}, {"name": "GTFOBins", "url": "https://gtfobins.github.io/", "description": "Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems."}, {"name": "LOLBAS (Living Off The Land Binaries and Scripts)", "url": "https://lolbas-project.github.io/", "description": "Documents binaries, scripts, and libraries that can be used for \"Living Off The Land\" techniques, i.e., binaries that can be used by an attacker to perform actions beyond their original purpose."}, {"name": "LinEnum", "url": "https://github.com/rebootuser/LinEnum", "description": "Scripted local Linux enumeration and privilege escalation checker useful for auditing a host and during CTF gaming.", "stars": "7.8k"}, {"name": "Postenum", "url": "https://github.com/mbahadou/postenum", "description": "Shell script used for enumerating possible privilege escalation opportunities on a local GNU/Linux system.", "stars": "289"}, {"name": "unix-privesc-check", "url": "https://github.com/pentestmonkey/unix-privesc-check", "description": "Shell script to check for simple privilege escalation vectors on UNIX systems.", "stars": "1.1k"}, {"name": "mcafee-xpass", "url": "https://github.com/SujalMeghwal/mcafee-xpass", "description": "Decrypts encrypted administrator passwords from McAfee `Sitelist.xml` files using known XOR + 3DES logic. Useful for Red Team privilege escalation and forensic recovery.", "stars": "1"}], "notes": []}, {"name": "Pentest \u2014 Password Spraying Tools", "entries": [{"name": "DomainPasswordSpray", "url": "https://github.com/dafthack/DomainPasswordSpray", "description": "Tool written in PowerShell to perform a password spray attack against users of a domain.", "stars": "2k"}, {"name": "SprayingToolkit", "url": "https://github.com/byt3bl33d3r/SprayingToolkit", "description": "Scripts to make password spraying attacks against Lync/S4B, Outlook Web Access (OWA) and Office 365 (O365) a lot quicker, less painful and more efficient.", "stars": "1.5k"}], "notes": []}, {"name": "Pentest \u2014 Reverse Engineering Books", "entries": [{"name": "Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015", "url": "http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386", "description": ""}, {"name": "Hacking the Xbox by Andrew Huang, 2003", "url": "https://nostarch.com/xbox.htm", "description": ""}, {"name": "Practical Reverse Engineering by Bruce Dang et al., 2014", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html", "description": ""}, {"name": "Reverse Engineering for Beginners by Dennis Yurichev", "url": "http://beginners.re/", "description": ""}, {"name": "The IDA Pro Book by Chris Eagle, 2011", "url": "https://nostarch.com/idapro2.htm", "description": ""}], "notes": []}, {"name": "Pentest \u2014 Reverse Engineering Tools", "entries": [{"name": "angr", "url": "https://angr.io/", "description": "Platform-agnostic binary analysis framework."}, {"name": "Capstone", "url": "http://www.capstone-engine.org/", "description": "Lightweight multi-platform, multi-architecture disassembly framework."}, {"name": "Detect It Easy(DiE)", "url": "https://github.com/horsicq/Detect-It-Easy", "description": "Program for determining types of files for Windows, Linux and MacOS.", "stars": "9.8k"}, {"name": "Evan's Debugger", "url": "http://www.codef00.com/projects#debugger", "description": "OllyDbg-like debugger for GNU/Linux."}, {"name": "Frida", "url": "https://www.frida.re/", "description": "Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers."}, {"name": "Fridax", "url": "https://github.com/NorthwaveNL/fridax", "description": "Read variables and intercept/hook functions in Xamarin/Mono JIT and AOT compiled iOS/Android applications.", "stars": "175"}, {"name": "Ghidra", "url": "https://www.ghidra-sre.org/", "description": "Suite of free software reverse engineering tools developed by NSA's Research Directorate originally exposed in WikiLeaks's \"Vault 7\" publication and now maintained as open source software."}, {"name": "Immunity Debugger", "url": "https://immunityinc.com/products/debugger/", "description": "Powerful way to write exploits and analyze malware."}, {"name": "Interactive Disassembler (IDA Pro)", "url": "https://www.hex-rays.com/products/ida/", "description": "Proprietary multi-processor disassembler and debugger for Windows, GNU/Linux, or macOS; also has a free version, [IDA Free](https://www.hex-rays.com/products/ida/support/download_freeware.shtml)."}, {"name": "Medusa", "url": "https://github.com/wisk/medusa", "description": "Open source, cross-platform interactive disassembler.", "stars": "1.1k"}, {"name": "OllyDbg", "url": "http://www.ollydbg.de/", "description": "x86 debugger for Windows binaries that emphasizes binary code analysis."}, {"name": "PyREBox", "url": "https://github.com/Cisco-Talos/pyrebox", "description": "Python scriptable Reverse Engineering sandbox by Cisco-Talos.", "stars": "1.7k"}, {"name": "Radare2", "url": "http://rada.re/r/index.html", "description": "Open source, crossplatform reverse engineering framework."}, {"name": "UEFITool", "url": "https://github.com/LongSoft/UEFITool", "description": "UEFI firmware image viewer and editor.", "stars": "5.2k"}, {"name": "Voltron", "url": "https://github.com/snare/voltron", "description": "Extensible debugger UI toolkit written in Python.", "stars": "6.3k"}, {"name": "WDK/WinDbg", "url": "https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-download-tools", "description": "Windows Driver Kit and WinDbg."}, {"name": "binwalk", "url": "https://github.com/devttys0/binwalk", "description": "Fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.", "stars": "13k"}, {"name": "boxxy", "url": "https://github.com/kpcyrd/boxxy-rs", "description": "Linkable sandbox explorer.", "stars": "83"}, {"name": "dnSpy", "url": "https://github.com/0xd4d/dnSpy", "description": "Tool to reverse engineer .NET assemblies.", "stars": "29k"}, {"name": "plasma", "url": "https://github.com/joelpx/plasma", "description": "Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.", "stars": "3.1k"}, {"name": "pwndbg", "url": "https://github.com/pwndbg/pwndbg", "description": "GDB plug-in that eases debugging with GDB, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers, and exploit developers.", "stars": "9.8k"}, {"name": "rVMI", "url": "https://github.com/fireeye/rVMI", "description": "Debugger on steroids; inspect userspace processes, kernel drivers, and preboot environments in a single tool.", "stars": "359"}, {"name": "x64dbg", "url": "http://x64dbg.com/", "description": "Open source x64/x32 debugger for windows."}, {"name": "Brida", "url": "https://github.com/federicodotta/Brida", "description": "Burp Suite extension that, working as a bridge between Burp and Frida, lets you use and manipulate applications' own methods while tampering the traffic exchanged between the applications and their back-end services.", "stars": "1.8k"}, {"name": "ARIZONA CYBER WARFARE RANGE", "url": "http://azcwr.org/", "description": "24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare."}, {"name": "Cybrary", "url": "http://cybrary.it", "description": "Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book 'Penetration Testing for Highly Secured Environments'."}, {"name": "European Union Agency for Network and Information Security", "url": "https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material", "description": "ENISA Cyber Security Training material."}, {"name": "Offensive Security Training", "url": "https://www.offensive-security.com/information-security-training/", "description": "Training from BackTrack/Kali developers."}, {"name": "Open Security Training", "url": "http://opensecuritytraining.info/", "description": "Training material for computer security classes."}, {"name": "Roppers Academy Training", "url": "https://www.hoppersroppers.org/training.html", "description": "Free courses on computing and security fundamentals designed to train a beginner to crush their first CTF."}, {"name": "SANS Security Training", "url": "http://www.sans.org/", "description": "Computer Security Training & Certification."}, {"name": "Exploit Writing Tutorials", "url": "https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/", "description": "Tutorials on how to develop exploits."}, {"name": "Shellcode Examples", "url": "http://shell-storm.org/shellcode/", "description": "Shellcodes database."}, {"name": "Shellcode Tutorial", "url": "http://www.vividmachines.com/shellcode/shellcode.html", "description": "Tutorial on how to write shellcode."}, {"name": "The Shellcoder's Handbook by Chris Anley et al., 2007", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html", "description": ""}, {"name": "ChipWhisperer", "url": "http://chipwhisperer.com", "description": "Complete open-source toolchain for side-channel power analysis and glitching attacks."}, {"name": "SGX-Step", "url": "https://github.com/jovanbulck/sgx-step", "description": "Open-source framework to facilitate side-channel attack research on Intel x86 processors in general and Intel SGX (Software Guard Extensions) platforms in particular.", "stars": "466"}, {"name": "TRRespass", "url": "https://github.com/vusec/trrespass", "description": "Many-sided rowhammer tool suite able to reverse engineer the contents of DDR3 and DDR4 memory chips protected by Target Row Refresh mitigations.", "stars": "125"}], "notes": []}, {"name": "Pentest \u2014 Social Engineering Books", "entries": [{"name": "Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011", "url": "http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/", "description": ""}, {"name": "No Tech Hacking by Johnny Long & Jack Wiles, 2008", "url": "https://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7", "description": ""}, {"name": "Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014", "url": "https://www.mhprofessional.com/9780071818469-usa-social-engineering-in-it-security-tools-tactics-and-techniques-group", "description": ""}, {"name": "The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html", "description": ""}, {"name": "The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html", "description": ""}, {"name": "Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118608577.html", "description": ""}], "notes": []}, {"name": "Pentest \u2014 Social Engineering Online Resources", "entries": [{"name": "Social Engineering Framework", "url": "http://www.social-engineer.org/framework/general-discussion/", "description": "Information resource for social engineers."}], "notes": []}, {"name": "Pentest \u2014 Social Engineering Tools", "entries": [{"name": "Beelogger", "url": "https://github.com/4w4k3/BeeLogger", "description": "Tool for generating keylooger.", "stars": "1.1k"}, {"name": "Catphish", "url": "https://github.com/ring0lab/catphish", "description": "Tool for phishing and corporate espionage written in Ruby.", "stars": "627"}, {"name": "Evilginx2", "url": "https://github.com/kgretzky/evilginx2", "description": "Standalone Machine-in-the-Middle (MitM) reverse proxy attack framework for setting up phishing pages capable of defeating most forms of 2FA security schemes.", "stars": "14k"}, {"name": "FiercePhish", "url": "https://github.com/Raikia/FiercePhish", "description": "Full-fledged phishing framework to manage all phishing engagements.", "stars": "1.4k"}, {"name": "GitPhish", "url": "https://github.com/praetorian-inc/GitPhish", "description": "GitHub Device Code phishing security assessment tool with dynamic device-code generation and automated landing page deployment.", "stars": "185"}, {"name": "Gophish", "url": "https://getgophish.com", "description": "Open-source phishing framework."}, {"name": "King Phisher", "url": "https://github.com/securestate/king-phisher", "description": "Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.", "stars": "2.5k"}, {"name": "Modlishka", "url": "https://github.com/drk1wi/Modlishka", "description": "Flexible and powerful reverse proxy with real-time two-factor authentication.", "stars": "5.2k"}, {"name": "ReelPhish", "url": "https://github.com/fireeye/ReelPhish", "description": "Real-time two-factor phishing tool.", "stars": "524"}, {"name": "Social Engineer Toolkit (SET)", "url": "https://github.com/trustedsec/social-engineer-toolkit", "description": "Open source pentesting framework designed for social engineering featuring a number of custom attack vectors to make believable attacks quickly.", "stars": "14k"}, {"name": "SocialFish", "url": "https://github.com/UndeadSec/SocialFish", "description": "Social media phishing framework that can run on an Android phone or in a Docker container.", "stars": "4.6k"}, {"name": "phishery", "url": "https://github.com/ryhanson/phishery", "description": "TLS/SSL enabled Basic Auth credential harvester.", "stars": "1k"}, {"name": "wifiphisher", "url": "https://github.com/sophron/wifiphisher", "description": "Automated phishing attacks against WiFi networks.", "stars": "14k"}, {"name": "Brakeman", "url": "https://github.com/presidentbeef/brakeman", "description": "Static analysis security vulnerability scanner for Ruby on Rails applications.", "stars": "7.2k"}, {"name": "FindBugs", "url": "http://findbugs.sourceforge.net/", "description": "Free software static analyzer to look for bugs in Java code."}, {"name": "Progpilot", "url": "https://github.com/designsecurity/progpilot", "description": "Static security analysis tool for PHP code.", "stars": "355"}, {"name": "RegEx-DoS", "url": "https://github.com/jagracey/RegEx-DoS", "description": "Analyzes source code for Regular Expressions susceptible to Denial of Service attacks.", "stars": "180"}, {"name": "bandit", "url": "https://pypi.python.org/pypi/bandit/", "description": "Security oriented static analyser for Python code."}, {"name": "cppcheck", "url": "http://cppcheck.sourceforge.net/", "description": "Extensible C/C++ static analyzer focused on finding bugs."}, {"name": "sobelow", "url": "https://github.com/nccgroup/sobelow", "description": "Security-focused static analysis for the Phoenix Framework.", "stars": "1.8k"}, {"name": "cwe\\_checker", "url": "https://github.com/fkie-cad/cwe_checker", "description": "Suite of tools built atop the Binary Analysis Platform (BAP) to heuristically detect CWEs in compiled binaries and firmware.", "stars": "1.3k"}, {"name": "Agentic Radar", "url": "https://github.com/splx-ai/agentic-radar", "description": "Open-source CLI security scanner for agentic AI workflows.", "stars": "831"}, {"name": "Cloakify", "url": "https://github.com/TryCatchHCF/Cloakify", "description": "Textual steganography toolkit that converts any filetype into lists of everyday strings.", "stars": "1.6k"}, {"name": "StegOnline", "url": "https://stegonline.georgeom.net/", "description": "Web-based, enhanced, and open-source port of StegSolve."}, {"name": "StegCracker", "url": "https://github.com/Paradoxis/StegCracker", "description": "Steganography brute-force utility to uncover hidden data inside files.", "stars": "581"}, {"name": "Bugtraq (BID)", "url": "http://www.securityfocus.com/bid/", "description": "Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc."}, {"name": "CISA Known Vulnerabilities Database (KEV)", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "description": "Vulnerabilities in various systems already known to America's cyber defense agency, the Cybersecurity and Infrastructure Security Agency, to be actively exploited."}, {"name": "CXSecurity", "url": "https://cxsecurity.com/", "description": "Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability."}, {"name": "China National Vulnerability Database (CNNVD)", "url": "http://www.cnnvd.org.cn/", "description": "Chinese government-run vulnerability database analoguous to the United States's CVE database hosted by Mitre Corporation."}, {"name": "Common Vulnerabilities and Exposures (CVE)", "url": "https://cve.mitre.org/", "description": "Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities."}, {"name": "Exploit-DB", "url": "https://www.exploit-db.com/", "description": "Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security."}, {"name": "Full-Disclosure", "url": "http://seclists.org/fulldisclosure/", "description": "Public, vendor-neutral forum for detailed discussion of vulnerabilities, often publishes details before many other sources."}, {"name": "GitHub Advisories", "url": "https://github.com/advisories/", "description": "Public vulnerability advisories published by or affecting codebases hosted by GitHub, including open source projects."}, {"name": "HPI-VDB", "url": "https://hpi-vdb.de/", "description": "Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam."}, {"name": "Inj3ct0r", "url": "https://www.0day.today/", "description": "Exploit marketplace and vulnerability information aggregator. ([Onion service](http://mvfjfugdwgc5uwho.onion/).)"}, {"name": "Microsoft Security Advisories and Bulletins", "url": "https://docs.microsoft.com/en-us/security-updates/", "description": "Archive and announcements of security advisories impacting Microsoft software, published by the Microsoft Security Response Center (MSRC)."}, {"name": "Mozilla Foundation Security Advisories", "url": "https://www.mozilla.org/security/advisories/", "description": "Archive of security advisories impacting Mozilla software, including the Firefox Web Browser."}, {"name": "National Vulnerability Database (NVD)", "url": "https://nvd.nist.gov/", "description": "United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine."}, {"name": "Open Source Vulnerabilities (OSV)", "url": "https://osv.dev/", "description": "Database of vulnerabilities affecting open source software, queryable by project, Git commit, or version."}, {"name": "Packet Storm", "url": "https://packetstormsecurity.com/files/", "description": "Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry."}, {"name": "SecuriTeam", "url": "http://www.securiteam.com/", "description": "Independent source of software vulnerability information."}, {"name": "Snyk Vulnerability DB", "url": "https://snyk.io/vuln/", "description": "Detailed information and remediation guidance for vulnerabilities known by Snyk."}, {"name": "US-CERT Vulnerability Notes Database", "url": "https://www.kb.cert.org/vuls/", "description": "Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT)."}, {"name": "VulDB", "url": "https://vuldb.com", "description": "Independent vulnerability database with user community, exploit details, and additional meta data (e.g. CPE, CVSS, CWE)"}, {"name": "Vulnerability Lab", "url": "https://www.vulnerability-lab.com/", "description": "Open forum for security advisories organized by category of exploit target."}, {"name": "Vulners", "url": "https://vulners.com/", "description": "Security database of software vulnerabilities."}, {"name": "Vulmon", "url": "https://vulmon.com/", "description": "Vulnerability search engine with vulnerability intelligence features that conducts full text searches in its database."}, {"name": "Zero Day Initiative", "url": "http://zerodayinitiative.com/advisories/published/", "description": "Bug bounty program with publicly accessible archive of published security advisories, operated by TippingPoint."}, {"name": "FuzzDB", "url": "https://github.com/fuzzdb-project/fuzzdb", "description": "Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.", "stars": "8.8k"}, {"name": "Offensive Web Testing Framework (OWTF)", "url": "https://www.owasp.org/index.php/OWASP_OWTF", "description": "Python-based framework for pentesting Web applications based on the OWASP Testing Guide."}, {"name": "Raccoon", "url": "https://github.com/evyatarmeged/Raccoon", "description": "High performance offensive security tool for reconnaissance and vulnerability scanning.", "stars": "3.3k"}, {"name": "WPSploit", "url": "https://github.com/espreto/wpsploit", "description": "Exploit WordPress-powered websites with Metasploit.", "stars": "231"}, {"name": "autochrome", "url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/autochrome/", "description": "Chrome browser profile preconfigured with appropriate settings needed for web application testing."}, {"name": "authoscope", "url": "https://github.com/kpcyrd/authoscope", "description": "Scriptable network authentication cracker.", "stars": "412"}, {"name": "gobuster", "url": "https://github.com/OJ/gobuster", "description": "Lean multipurpose brute force search/fuzzing tool for Web (and DNS) reconnaissance.", "stars": "13k"}, {"name": "sslstrip2", "url": "https://github.com/LeonardoNve/sslstrip2", "description": "SSLStrip version to defeat HSTS.", "stars": "322"}, {"name": "sslstrip", "url": "https://www.thoughtcrime.org/software/sslstrip/", "description": "Demonstration of the HTTPS stripping attacks."}], "notes": []}, {"name": "Pentest \u2014 Intercepting Web proxies", "entries": [{"name": "Burp Suite", "url": "https://portswigger.net/burp/", "description": "Integrated platform for performing security testing of web applications."}, {"name": "Fiddler", "url": "https://www.telerik.com/fiddler", "description": "Free cross-platform web debugging proxy with user-friendly companion tools."}, {"name": "OWASP Zed Attack Proxy (ZAP)", "url": "https://www.zaproxy.org/", "description": "Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications."}, {"name": "mitmproxy", "url": "https://mitmproxy.org/", "description": "Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers."}], "notes": []}, {"name": "Pentest \u2014 Web file inclusion tools", "entries": [{"name": "Kadimus", "url": "https://github.com/P0cL4bs/Kadimus", "description": "LFI scan and exploit tool.", "stars": "554"}, {"name": "LFISuite", "url": "https://github.com/D35m0nd142/LFISuite", "description": "Automatic LFI scanner and exploiter.", "stars": "1.9k"}, {"name": "fimap", "url": "https://github.com/kurobeats/fimap", "description": "Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs.", "stars": "573"}, {"name": "liffy", "url": "https://github.com/hvqzao/liffy", "description": "LFI exploitation tool.", "stars": "128"}], "notes": []}, {"name": "Pentest \u2014 Web injection tools", "entries": [{"name": "Commix", "url": "https://github.com/commixproject/commix", "description": "Automated all-in-one operating system command injection and exploitation tool.", "stars": "5.6k"}, {"name": "NoSQLmap", "url": "https://github.com/codingo/NoSQLMap", "description": "Automatic NoSQL injection and database takeover tool.", "stars": "3.2k"}, {"name": "SQLmap", "url": "http://sqlmap.org/", "description": "Automatic SQL injection and database takeover tool."}, {"name": "tplmap", "url": "https://github.com/epinna/tplmap", "description": "Automatic server-side template injection and Web server takeover tool.", "stars": "4.1k"}], "notes": []}, {"name": "Pentest \u2014 Web path discovery and bruteforcing tools", "entries": [{"name": "DotDotPwn", "url": "https://dotdotpwn.blogspot.com/", "description": "Directory traversal fuzzer."}, {"name": "dirsearch", "url": "https://github.com/maurosoria/dirsearch", "description": "Web path scanner.", "stars": "14k"}, {"name": "recursebuster", "url": "https://github.com/c-sto/recursebuster", "description": "Content discovery tool to perform directory and file bruteforcing.", "stars": "249"}], "notes": []}, {"name": "Pentest \u2014 Web shells and C2 frameworks", "entries": [{"name": "Browser Exploitation Framework (BeEF)", "url": "https://github.com/beefproject/beef", "description": "Command and control server for delivering exploits to commandeered Web browsers.", "stars": "11k"}, {"name": "DAws", "url": "https://github.com/dotcppfile/DAws", "description": "Advanced Web shell.", "stars": "579"}, {"name": "Merlin", "url": "https://github.com/Ne0nd0g/merlin", "description": "Cross-platform post-exploitation HTTP/2 Command and Control server and agent written in Golang.", "stars": "5.5k"}, {"name": "PhpSploit", "url": "https://github.com/nil0x42/phpsploit", "description": "Full-featured C2 framework which silently persists on webserver via evil PHP oneliner.", "stars": "2.4k"}, {"name": "SharPyShell", "url": "https://github.com/antonioCoco/SharPyShell", "description": "Tiny and obfuscated ASP.NET webshell for C# web applications.", "stars": "1k"}, {"name": "weevely3", "url": "https://github.com/epinna/weevely3", "description": "Weaponized PHP-based web shell.", "stars": "3.5k"}], "notes": []}, {"name": "Pentest \u2014 Web-accessible source code ripping tools", "entries": [{"name": "DVCS Ripper", "url": "https://github.com/kost/dvcs-ripper", "description": "Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR.", "stars": "1.8k"}, {"name": "GitTools", "url": "https://github.com/internetwache/GitTools", "description": "Automatically find and download Web-accessible `.git` repositories.", "stars": "4.1k"}, {"name": "git-dumper", "url": "https://github.com/arthaud/git-dumper", "description": "Tool to dump a git repository from a website.", "stars": "2.4k"}, {"name": "git-scanner", "url": "https://github.com/HightechSec/git-scanner", "description": "Tool for bug hunting or pentesting websites that have open `.git` repositories available in public.", "stars": "366"}], "notes": []}, {"name": "Pentest \u2014 Web Exploitation Books", "entries": [{"name": "The Browser Hacker's Handbook by Wade Alcorn et al., 2014", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html", "description": ""}, {"name": "The Web Application Hacker's Handbook by D. Stuttard, M. Pinto, 2011", "url": "http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html", "description": ""}, {"name": "Bloodhound", "url": "https://github.com/adaptivethreat/Bloodhound/wiki", "description": "Graphical Active Directory trust relationship explorer.", "stars": "10k"}, {"name": "Commando VM", "url": "https://github.com/fireeye/commando-vm", "description": "Automated installation of over 140 Windows software packages for penetration testing and red teaming.", "stars": "7.4k"}, {"name": "Covenant", "url": "https://github.com/cobbr/Covenant", "description": "ASP.NET Core application that serves as a collaborative command and control platform for red teamers.", "stars": "4.6k"}, {"name": "ctftool", "url": "https://github.com/taviso/ctftool", "description": "Interactive Collaborative Translation Framework (CTF) exploration tool capable of launching cross-session edit session attacks.", "stars": "1.7k"}, {"name": "DeathStar", "url": "https://github.com/byt3bl33d3r/DeathStar", "description": "Python script that uses Empire's RESTful API to automate gaining Domain Admin rights in Active Directory environments.", "stars": "1.6k"}, {"name": "Empire", "url": "https://www.powershellempire.com/", "description": "Pure PowerShell post-exploitation agent."}, {"name": "Fibratus", "url": "https://github.com/rabbitstack/fibratus", "description": "Tool for exploration and tracing of the Windows kernel.", "stars": "2.4k"}, {"name": "Inveigh", "url": "https://github.com/Kevin-Robertson/Inveigh", "description": "Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer/machine-in-the-middle tool.", "stars": "2.9k"}, {"name": "LaZagne", "url": "https://github.com/AlessandroZ/LaZagne", "description": "Credentials recovery project.", "stars": "11k"}, {"name": "MailSniper", "url": "https://github.com/dafthack/MailSniper", "description": "Modular tool for searching through email in a Microsoft Exchange environment, gathering the Global Address List from Outlook Web Access (OWA) and Exchange Web Services (EWS), and more.", "stars": "3.2k"}, {"name": "PowerSploit", "url": "https://github.com/PowerShellMafia/PowerSploit", "description": "PowerShell Post-Exploitation Framework.", "stars": "13k"}, {"name": "RID\\_ENUM", "url": "https://github.com/trustedsec/ridenum", "description": "Python script that can enumerate all users from a Windows Domain Controller and crack those user's passwords using brute-force.", "stars": "299"}, {"name": "Responder", "url": "https://github.com/SpiderLabs/Responder", "description": "Link-Local Multicast Name Resolution (LLMNR), NBT-NS, and mDNS poisoner.", "stars": "4.8k"}, {"name": "Rubeus", "url": "https://github.com/GhostPack/Rubeus", "description": "Toolset for raw Kerberos interaction and abuses.", "stars": "4.8k"}, {"name": "Ruler", "url": "https://github.com/sensepost/ruler", "description": "Abuses client-side Outlook features to gain a remote shell on a Microsoft Exchange server.", "stars": "2.3k"}, {"name": "SCOMDecrypt", "url": "https://github.com/nccgroup/SCOMDecrypt", "description": "Retrieve and decrypt RunAs credentials stored within Microsoft System Center Operations Manager (SCOM) databases.", "stars": "125"}, {"name": "Sysinternals Suite", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite", "description": "The Sysinternals Troubleshooting Utilities."}, {"name": "Windows Credentials Editor", "url": "https://www.ampliasecurity.com/research/windows-credentials-editor/", "description": "Inspect logon sessions and add, change, list, and delete associated credentials, including Kerberos tickets."}, {"name": "Windows Exploit Suggester", "url": "https://github.com/GDSSecurity/Windows-Exploit-Suggester", "description": "Detects potential missing patches on the target.", "stars": "4.2k"}, {"name": "mimikatz", "url": "http://blog.gentilkiwi.com/mimikatz", "description": "Credentials extraction tool for Windows operating system."}, {"name": "redsnarf", "url": "https://github.com/nccgroup/redsnarf", "description": "Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers, and domain controllers.", "stars": "1.2k"}, {"name": "wePWNise", "url": "https://labs.mwrinfosecurity.com/tools/wepwnise/", "description": "Generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software."}, {"name": "WinPwn", "url": "https://github.com/SecureThisShit/WinPwn", "description": "Internal penetration test script to perform local and domain reconnaissance, privilege escalation and exploitation.", "stars": "3.6k"}], "notes": []}], "total_entries": 613}, {"name": "Privacy", "subcategories": [{"name": "Privacy", "entries": [{"name": "2FA", "url": "#2fa", "description": ""}, {"name": "Analytics", "url": "#analytics", "description": ""}, {"name": "Android", "url": "#android", "description": ""}, {"name": "Artificial Intelligence", "url": "#artificial-intelligence", "description": ""}, {"name": "Bookmarking", "url": "#bookmarking", "description": ""}, {"name": "Captchas", "url": "#captchas", "description": ""}, {"name": "Calendar", "url": "#calendar", "description": ""}, {"name": "Commenting Engines (disqus)", "url": "#commenting-engines", "description": ""}, {"name": "Cloaking", "url": "#cloaking", "description": ""}, {"name": "Cloud Storage", "url": "#cloud-storage", "description": ""}, {"name": "Creator Tools", "url": "#creator-tools", "description": ""}, {"name": "Databases", "url": "#databases", "description": ""}, {"name": "Dating Apps", "url": "#dating-apps", "description": ""}, {"name": "Design Tools", "url": "#design-tools", "description": ""}, {"name": "Developer Tools", "url": "#developer-tools", "description": ""}, {"name": "Dictation / ASR", "url": "https://github.com/pluja/awesome-privacy/blob/main/README.md/", "description": ""}, {"name": "Domain Registrar", "url": "#domain-registrar", "description": ""}, {"name": "Download Manager", "url": "#download-manager", "description": ""}, {"name": "Encryption", "url": "#encryption", "description": ""}, {"name": "File Management and Sharing", "url": "#file-management-and-sharing", "description": ""}, {"name": "Fitness and Health", "url": "#fitness-and-health", "description": ""}, {"name": "Fonts", "url": "#fonts", "description": ""}, {"name": "Forms", "url": "#forms", "description": ""}, {"name": "Games", "url": "#games", "description": ""}, {"name": "Home Assistants", "url": "#home-assistants", "description": ""}, {"name": "Instant Messaging", "url": "#instant-messaging", "description": ""}, {"name": "Link in Bio Tools", "url": "#link-in-bio-tools", "description": ""}, {"name": "Link Shorteners", "url": "#link-shorteners", "description": ""}, {"name": "Location tracking", "url": "#location-tracking", "description": ""}, {"name": "Mail Services", "url": "#mail-services", "description": ""}, {"name": "Maps and Navigation", "url": "#maps-and-navigation", "description": ""}, {"name": "Media Streaming Platforms", "url": "#media-streaming-platforms", "description": ""}, {"name": "Music Recognition (Shazam-like)", "url": "#music-recognition", "description": ""}, {"name": "Notes and Tasks", "url": "#notes-and-tasks", "description": ""}, {"name": "Office", "url": "#office", "description": ""}, {"name": "Online Phone Providers (SMS)", "url": "#online-phone-providers", "description": ""}, {"name": "Operating Systems", "url": "#operating-systems", "description": ""}, {"name": "Password Managers", "url": "#password-managers", "description": ""}, {"name": "Pastebin and Secret Sharing", "url": "#pastebin-and-secret-sharing", "description": ""}, {"name": "Payments", "url": "#payments", "description": ""}, {"name": "Personal Finances", "url": "#personal-finances", "description": ""}, {"name": "Photo Editing and Management", "url": "#photo-editing-and-management", "description": ""}, {"name": "Photo Storage", "url": "#photo-storage", "description": ""}, {"name": "Privacy Tools", "url": "#privacy-tools", "description": ""}, {"name": "Remote Access and Control", "url": "#remote-access-and-control", "description": ""}, {"name": "Search Engines", "url": "#search-engines", "description": ""}, {"name": "Social Networks and Platforms", "url": "#social-networks-and-platforms", "description": ""}, {"name": "Screen Recording", "url": "#screen-recording", "description": ""}, {"name": "Teamworking Tools", "url": "#teamworking-tools", "description": ""}, {"name": "Translation", "url": "#translation", "description": ""}, {"name": "Uncategorized", "url": "#uncategorized", "description": ""}, {"name": "Utilities", "url": "#utilities", "description": ""}, {"name": "Version Control", "url": "#version-control", "description": ""}, {"name": "Video and Audio Conferencing", "url": "#video-and-audio-conferencing", "description": ""}, {"name": "Video Editing", "url": "#video-editing", "description": ""}, {"name": "Virtual Private Networks (VPNs)", "url": "#VPNS", "description": ""}, {"name": "Web Browser", "url": "#web-browser", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "ente Auth", "url": "https://ente.io/auth", "description": "A free, cross platform, end-to-end encrypted and open source app for managing your 2-step verification tokens. From the makers of [ente Photos](https://ente.io), and uses the same battle tested infrastructure. Needs an ente.io account."}, {"name": "Owky", "url": "https://github.com/charlietango/owky", "description": "Free and Open Source Two-Factor Authenticator for IOS users.", "stars": "59"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Ackee", "url": "https://ackee.electerious.com/", "description": "Self-hosted website analytics."}, {"name": "Aptabase", "url": "https://aptabase.com", "description": "Open-source, privacy-first and simple analytics for mobile and desktop apps."}, {"name": "Cabin", "url": "https://withcabin.com", "description": "Privacy-first, carbon conscious web analytics."}, {"name": "GoatCounter", "url": "https://www.goatcounter.com/", "description": "Privacy aware, lightweight and open-source analytics platform."}, {"name": "Matomo", "url": "https://matomo.org/", "description": "Google Analytics alternative that protects your data and your customers' privacy."}, {"name": "Nullitics", "url": "https://nullitics.com/", "description": "Zero-effort open-source cheap analytics."}, {"name": "Pirsch", "url": "https://pirsch.io/", "description": "Pirsch is a simple, privacy-friendly, open-source alternative to Google Analytics \u2014 lightweight, cookie-free and easily integrated into any website or backend."}, {"name": "Plausible", "url": "https://plausible.io/", "description": "Simple and privacy-friendly alternative to Google Analytics."}, {"name": "Shynet", "url": "https://github.com/milesmcc/shynet", "description": "Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.", "stars": "3.1k"}, {"name": "Swetrix", "url": "https://swetrix.com", "description": "Privacy-focused, fully cookieless and opensource (and selfhostable) web-analytics service."}, {"name": "Umami", "url": "https://umami.is/", "description": "A simple, fast, website analytics alternative to Google Analytics."}, {"name": "Unidentified Analytics", "url": "https://unidentifiedanalytics.web.app/", "description": "Naive ip-based tracking that works everywhere (web, command-line, email, etc). No account required. Developer friendly."}, {"name": "Rybbit", "url": "https://rybbit.io", "description": "Open-source and privacy-friendly alternative to Google Analytics that is 10x more intuitive."}], "notes": []}, {"name": "Privacy \u2014 Android App Store", "entries": [{"name": "F-Droid", "url": "https://f-droid.org/", "description": "F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform."}, {"name": "FossDroid", "url": "https://fossdroid.com/", "description": "Fossdroid's aim is to promote free and open source apps on the Android platform: newest, trendiest and the most popular ones."}, {"name": "SkyDroid", "url": "https://skydroid.app/", "description": "Decentralized App Store for Android"}, {"name": "Obtainium", "url": "https://github.com/ImranR98/Obtainium", "description": "Get app updates directly from the source.", "stars": "16k"}, {"name": "Accrescent", "url": "https://github.com/accrescent/accrescent", "description": "A novel Android app store focused on security, privacy, and usability.", "stars": "1.9k"}], "notes": []}, {"name": "Privacy \u2014 Alternative Google Play Store clients", "entries": [{"name": "Aurora Store", "url": "https://auroraoss.com/download/#aurora-store", "description": "Aurora Store is an open-source alternative Google Play Store frontend client with privacy and modern design in mind."}], "notes": []}, {"name": "Privacy \u2014 Android Debloat Tools", "entries": [{"name": "Universal Android Debloater Next Generation", "url": "https://github.com/Universal-Debloater-Alliance/universal-android-debloater-next-generation/", "description": "Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.", "stars": "6.2k"}], "notes": []}, {"name": "Privacy \u2014 Android Dialer", "entries": [{"name": "Koler", "url": "https://github.com/Chooloo/koler", "description": "Uniquely stylized phone app with customizable features.", "stars": "1k"}, {"name": "Fossify Phone", "url": "https://github.com/FossifyOrg/Phone", "description": "A handy phone call manager with phonebook, number blocking and multi-SIM support.", "stars": "1.1k"}], "notes": []}, {"name": "Privacy \u2014 Android File Manager", "entries": [{"name": "Amaze File Manager", "url": "https://github.com/TeamAmaze/AmazeFileManager", "description": "Simple and attractive Material Design file manager for Android.", "stars": "6.1k"}, {"name": "Material Files", "url": "https://github.com/zhanghai/MaterialFiles", "description": "An open source Material Design file manager, for Android 5.0+.", "stars": "8.1k"}, {"name": "Ghost Commander", "url": "https://f-droid.org/packages/com.ghostsq.commander/", "description": "Dual-panel file manager."}], "notes": []}, {"name": "Privacy \u2014 Android Keyboard", "entries": [{"name": "AnySoftKeyboard", "url": "https://anysoftkeyboard.github.io/", "description": "The only Android keyboard you'll ever need. Free as in speech and Free as in beer."}, {"name": "FlorisBoard", "url": "https://github.com/florisboard/florisboard", "description": "FlorisBoard is a free and open-source keyboard for Android 6.0+ devices. It aims at being modern, user-friendly and customizable while fully respecting your privacy. Currently in early-beta state.", "stars": "8.1k"}, {"name": "Futo Keyboard", "url": "https://keyboard.futo.org/", "description": "A modern keyboard that respects your privacy and security, with features such as offline voice input, swipe typing and smart autocorrect."}, {"name": "Heliboard", "url": "https://github.com/Helium314/HeliBoard", "description": "A privacy-conscious and customizable open-source keyboard, based on AOSP / OpenBoard with many additional features and improvements, including support for custom dictionaries, themes, and glide typing.", "stars": "4.8k"}, {"name": "Indic Keyboard", "url": "https://gitlab.com/indicproject/indic-keyboard", "description": "Indic Keyboard is a versatile keyboard for Android users who wish to use Indic and Indian languages to type messages, compose emails and generally prefer to use them in addition to English on their phone."}, {"name": "OpenBoard", "url": "https://github.com/openboard-team/openboard", "description": "OpenBoard is a 100% foss keyboard based on AOSP, with no dependency on Google binaries, that respects your privacy. It is no longer updated, but still works.", "stars": "2.7k"}, {"name": "Simple Keyboard", "url": "https://github.com/rkkr/simple-keyboard", "description": "Simply keyboard and nothing more.", "stars": "1.5k"}], "notes": []}, {"name": "Privacy \u2014 Android Gallery", "entries": [{"name": "Aves", "url": "https://github.com/deckerst/aves", "description": "Beautiful gallery and metadata explorer app, built for Android with Flutter.", "stars": "4.5k"}, {"name": "Fossify Gallery", "url": "https://github.com/FossifyOrg/Gallery", "description": "Fork of Simple Gallery. Browse your memories without any interruptions with this photo and video gallery.", "stars": "3.2k"}], "notes": []}, {"name": "Privacy \u2014 Android Launcher", "entries": [{"name": "Lawnchair", "url": "https://lawnchair.app/", "description": "No clever tagline needed."}, {"name": "OpenLauncher", "url": "https://github.com/OpenLauncherTeam/openlauncher", "description": "Customizable and Open Source Launcher for Android.", "stars": "1.5k"}, {"name": "KISS", "url": "https://kisslauncher.com/", "description": "Lightning fast, open-source, < 200kb Android launcher."}, {"name": "Olauncher", "url": "https://github.com/tanujnotes/Olauncher", "description": "Minimal AF (ad-free) launcher app for Android.", "stars": "3.4k"}, {"name": "Pie Launcher", "url": "https://github.com/markusfisch/PieLauncher", "description": "Android home screen launcher that uses a dynamic pie menu instead of fixed positioned icons.", "stars": "520"}, {"name": "Rootless Pixel Launcher", "url": "https://github.com/amirzaidi/Launcher3", "description": "The Launcher3 fork known as \"Rootless Pixel Launcher\".", "stars": "3.9k"}, {"name": "Bliss Launcher", "url": "https://f-droid.org/en/packages/foundation.e.blisslauncher/", "description": "The default launcher of the /e/ Android-based OS."}, {"name": "Jan", "url": "https://github.com/janhq/jan", "description": "Jan is an open source alternative to ChatGPT that runs 100% offline on your computer.", "stars": "41k"}, {"name": "llama.cpp", "url": "https://github.com/ggml-org/llama.cpp", "description": "Inference of Facebook's LLaMA model in pure C/C++ so it can run locally on a CPU.", "stars": "98k"}, {"name": "LocalAI", "url": "https://github.com/go-skynet/LocalAI", "description": "Self-hosted, community-driven simple local OpenAI-compatible API written in go. Can be used as a drop-in replacement for OpenAI, running on CPU with consumer-grade hardware.", "stars": "44k"}, {"name": "ollama", "url": "https://github.com/jmorganca/ollama", "description": "Get up and running with Llama 2 and other large language models locally.", "stars": "165k"}, {"name": "PasteGuard", "url": "https://github.com/sgasser/pasteguard", "description": "Privacy proxy for LLM APIs that masks PII and secrets before they reach cloud providers. Self-hosted, OpenAI-compatible, and restores original data in responses.", "stars": "555"}, {"name": "Shimmy", "url": "https://github.com/Michael-A-Kuykendall/shimmy", "description": "Privacy-focused AI inference server with OpenAI API compatibility, zero cloud dependencies, and local model processing.", "stars": "3.8k"}, {"name": "Tinfoil", "url": "https://tinfoil.sh/", "description": "Verifiably private AI Chat and OpenAI-compatible inference in the cloud. Uses NVIDIA confidential computing and open source code pinned to a transparency log for end-to-end verifiability."}, {"name": "Continue", "url": "https://github.com/continuedev/continue", "description": "Open-source autopilot for VS Code and JetBrains\u2014the easiest way to code with any LLM", "stars": "32k"}, {"name": "Cline", "url": "https://cline.bot/", "description": "Open source AI coding for VSCode. See every decision and use your own models."}, {"name": "OpenCode", "url": "https://github.com/anomalyco/opencode/", "description": "The open source coding agent. Connect local models or any providers of your choice.", "stars": "127k"}, {"name": "Kokoro FastAPI", "url": "https://github.com/remsky/Kokoro-FastAPI", "description": "Dockerized FastAPI wrapper for [Kokoro-82M](https://huggingface.co/hexgrad/Kokoro-82M) text-to-speech model w/CPU, ONNX and NVIDIA GPU support, handling, and auto-stitching.", "stars": "4.6k"}, {"name": "MeloTTS", "url": "https://github.com/myshell-ai/MeloTTS", "description": "a high-quality multi-lingual text-to-speech library by MIT and MyShell.ai.", "stars": "7.3k"}, {"name": "Piper", "url": "https://github.com/rhasspy/piper", "description": "A fast, local neural text to speech system that sounds great and is optimized for the Raspberry Pi 4.", "stars": "11k"}, {"name": "Espeak", "url": "https://github.com/espeak-ng/espeak-ng", "description": "eSpeak NG is an open source speech synthesizer that supports more than hundred languages and accents. Voices will sound rather robotic.", "stars": "6.2k"}, {"name": "ComfyUI", "url": "https://github.com/comfyanonymous/ComfyUI", "description": "ComfyUI lets you execute advanced image generation pipelines using an advanced interface. Available on Windows, Linux, and macOS.", "stars": "107k"}, {"name": "Stable Diffusion Web UI", "url": "https://github.com/AUTOMATIC1111/stable-diffusion-webui", "description": "A browser interface for Stable Diffusion and other models.", "stars": "162k"}, {"name": "InvokeAI", "url": "https://github.com/invoke-ai/InvokeAI", "description": "Generate and create stunning visual media using the latest AI-driven technologies locally.", "stars": "27k"}, {"name": "42links", "url": "https://42links.tuxproject.de", "description": "Open-source, self-hosted, minimalist bookmark storage service."}, {"name": "Floccus", "url": "https://floccus.org/", "description": "Sync your bookmarks privately across browsers and devices."}, {"name": "Grimoire", "url": "https://github.com/goniszewski/grimoire", "description": "Modern, open source, self-hosted bookmark manager.", "stars": "2.8k"}, {"name": "Karakeep", "url": "https://karakeep.app/", "description": "(previously Hoarder) Open source \"Bookmark Everything\" app that uses AI for automatically tagging the content you throw at it."}, {"name": "LinkAce", "url": "https://github.com/Kovah/LinkAce", "description": "", "stars": "3.3k"}, {"name": "LinkDing", "url": "https://github.com/sissbruecker/linkding", "description": "", "stars": "10k"}, {"name": "Shiori", "url": "https://github.com/go-shiori/shiori", "description": "", "stars": "11k"}, {"name": "Wallabag", "url": "https://wallabag.org/", "description": "Open-source, optionally self-hosted, read it later server. Provides paid hosted service with privacy in mind."}], "notes": []}, {"name": "Privacy \u2014 Book and web annotations/highlights management", "entries": [{"name": "Blasta", "url": "https://git.xmpp-it.net/sch/Blasta", "description": "A collaborative bookmarks manager for organizing online content."}, {"name": "Hypothesis", "url": "https://github.com/hypothesis/h/", "description": "Annotate the web, with anyone, anywhere.", "stars": "3.1k"}, {"name": "Kobuddy", "url": "https://github.com/karlicoss/kobuddy", "description": "Get your Kobo e-reader device bookmarks and annotations in a .txt file.", "stars": "176"}, {"name": "Altcha.org", "url": "https://altcha.org", "description": "Free, open-source and self-hosted CAPTCHA alternative using proof-of-work mechanism."}, {"name": "mCaptcha", "url": "http://mcaptcha.org/", "description": ""}, {"name": "Private Captcha", "url": "https://github.com/PrivateCaptcha/PrivateCaptcha", "description": "Privacy-first and self-hosted Proof-of-Work CAPTCHA alternative, made in EU.", "stars": "157"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Nextcloud Calendar", "url": "https://apps.nextcloud.com/apps/calendar", "description": "Calendar app for Nextcloud with CalDAV support. Self-hostable."}, {"name": "Proton Calendar", "url": "https://proton.me/calendar", "description": "End-to-end encrypted calendar from Proton. Part of the Proton privacy ecosystem."}, {"name": "Commento", "url": "https://commento.io/", "description": "[\ud83d\udc80](#icons) Commento is a fast, privacy-focused commenting platform. Can be selfhosted or use their SaaS."}, {"name": "Comentario", "url": "https://comentario.app", "description": "Tiny, Privacy-focused, Open-source web comment engine, which adds discussion functionality to plain, boring web pages."}, {"name": "Cusdis", "url": "https://github.com/djyde/cusdis", "description": "Lightweight, privacy-friendly alternative to Disqus.", "stars": "2.8k"}, {"name": "Disgus", "url": "https://github.com/carlitoplatanito/disgus", "description": "Embeddable comments for your website, backed by Nostr. Like Disqus but Nostr.", "stars": "52"}, {"name": "Isso", "url": "https://github.com/posativ/isso", "description": "A lightweight, self hosted, commenting server written in Python and JavaScript. It aims to be a drop-in replacement for Disqus.", "stars": "5.3k"}, {"name": "Remark42", "url": "https://remark42.com", "description": "Self-hosted, lightweight, and simple (yet functional) comment engine, which doesn't spy on users."}], "notes": []}, {"name": "Privacy \u2014 Images", "entries": [{"name": "Fawkes", "url": "https://github.com/Shawn-Shan/fawkes", "description": "privacy preserving tool against facial recognition systems.", "stars": "5.5k"}, {"name": "ImageScrubber", "url": "https://github.com/everestpipkin/image-scrubber", "description": "A friendly browser-based tool for anonymizing photographs taken at protests ([hosted version provided by everestpipkin](https://everestpipkin.github.io/image-scrubber/)).", "stars": "993"}], "notes": []}, {"name": "Privacy \u2014 Text", "entries": [{"name": "Stegcloak", "url": "https://stegcloak.surge.sh/", "description": "Hide secrets with invisible characters in plain text securely using passwords ([repo (\u2b503.8k)](https://github.com/kurolabs/stegcloak))."}, {"name": "Nextcloud", "url": "https://nextcloud.com/", "description": "The open source self-hosted productivity platform that keeps you in control."}, {"name": "Seafile", "url": "https://www.seafile.com/en/home/", "description": "High performance file syncing and sharing. It includes a Wiki, WYSIWYG editing and other knowledge management features."}, {"name": "Peergos", "url": "https://peergos.org/", "description": "Secure and private space online where you can store, share and view your photos, videos, music and documents. Also includes a calendar, news feed, task lists, chat and email client. Open source and self-hostable."}, {"name": "Proton Drive", "url": "https://proton.me/drive", "description": "End-to-end encrypted Swiss vault for your files that protects your data. [Read this article over Climate activist arrest](https://protonmail.com/blog/climate-activist-arrest/)."}, {"name": "PrivateStorage", "url": "https://private.storage/", "description": "Accountless, privacy-focused cloud storage and folder synchronization with client-side encryption."}, {"name": "Cryptomator", "url": "https://cryptomator.org", "description": "Cryptomator encrypts your data quickly and easily. Afterwards you upload them protected to your favorite cloud service"}, {"name": "Syncthing", "url": "https://syncthing.net/", "description": "Continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes."}, {"name": "Rclone", "url": "https://rclone.org/", "description": "Rclone is a command line program to manage files on cloud storage. It is a feature rich alternative to cloud vendors' web storage interfaces and like the tools listed above enables encryption for encrypting files in the cloud."}, {"name": "Restic", "url": "https://restic.net/", "description": "Restic is also command line program to manage files on various cloud storage providers. Restic uses encryption by default. Few noteworthy features of restic include browsing through storage as git like snapshots at no extra storage cost, deduplication and significant savings through compression."}, {"name": "vdo.ninja", "url": "https://vdo.ninja/", "description": "Powerful tool that lets you bring remote video feeds into OBS or other studio software via WebRTC."}, {"name": "OBS Studio", "url": "https://obsproject.com/", "description": "Free and open source software for video recording and live streaming."}, {"name": "Screenity", "url": "https://screenity.io/en/", "description": "A screen recorder that's free, private, and friendly."}, {"name": "Appwrite", "url": "https://appwrite.io/", "description": "Secure open-source backend server for web, mobile & Flutter developers."}, {"name": "Supabase", "url": "https://supabase.io/", "description": "Open source Firebase alternative ([Limited (\u2b5099k)](https://github.com/supabase/supabase/issues/4934) [self-hosting (\u2b5099k)](https://github.com/supabase/supabase/issues/4440#issuecomment-992108832))"}, {"name": "Pocketbase", "url": "https://pocketbase.io/", "description": "Open Source backend in 1 file written in Go."}, {"name": "CondensationDB", "url": "https://github.com/CondensationDB/Condensation", "description": "", "stars": "443"}, {"name": "Beekeeper Studio", "url": "https://www.beekeeperstudio.io", "description": "Open Source SQL Editor and Database Manager with a privacy commitment in their mission statement."}], "notes": []}, {"name": "Privacy \u2014 IDEs", "entries": [{"name": "Neovim", "url": "https://neovim.io/", "description": "Hyperextensible Vim-based text editor."}, {"name": "VSCodium", "url": "https://vscodium.com/", "description": "Free/Libre Open Source Software Binaries of VSCode. Vscode source code is open source (MIT-licensed), but the product available for download (Visual Studio Code) is licensed under [this not-FLOSS license](https://code.visualstudio.com/license) and contains telemetry/tracking."}, {"name": "![", "url": "https://shields.tosdr.org/en_462.svg", "description": ""}, {"name": "Alovoa", "url": "https://alovoa.com/", "description": "Free and open-source dating platform that respects your privacy."}], "notes": []}, {"name": "Privacy \u2014 InDesign", "entries": [{"name": "Scribus", "url": "https://www.scribus.net/", "description": "a free and open-source desktop publishing (DTP) software available for most desktop operating systems. It is designed for layout, typesetting, and preparation of files for professional-quality image-setting equipment. Scribus can also create animated and interactive PDF presentations and forms."}], "notes": []}, {"name": "Privacy \u2014 Photoshop / Illustrator", "entries": [{"name": "GIMP", "url": "https://www.gimp.org/", "description": "A free and open-source raster graphics editor used for image manipulation (retouching) and image editing, free-form drawing, transcoding between different image file formats, and more specialized tasks. It is not designed to be used for drawing, though some artists and creators have used it in this way."}, {"name": "Inkscape", "url": "https://inkscape.org/", "description": "A free and open-source vector graphics editor for GNU/Linux, Windows and macOS. It offers a rich set of features and is widely used for both artistic and technical illustrations such as cartoons, clip art, logos, typography, diagramming and flowcharting."}, {"name": "Krita", "url": "https://krita.org/", "description": "A free and open-source raster graphics editor designed primarily for digital art and 2D animation."}, {"name": "Excalidraw", "url": "https://github.com/excalidraw/excalidraw", "description": "Virtual whiteboard for sketching hand-drawn like diagrams.", "stars": "119k"}], "notes": []}, {"name": "Privacy \u2014 Figma", "entries": [{"name": "Penpot", "url": "https://penpot.app/", "description": "Penpot is an Open Source design and prototyping platform for product teams."}, {"name": "OrangeWebsite", "url": "https://www.orangewebsite.com/", "description": ""}, {"name": "1984 Hosting", "url": "https://www.1984hosting.com/", "description": ""}, {"name": "Persepolis Download Manager", "url": "https://github.com/persepolisdm/persepolis", "description": "Persepolis is a download manager & a GUI for Aria2. It's written in Python. Persepolis is a sample of free and open source software. It's developed for GNU/Linux distributions, BSDs, MacOS, and Microsoft Windows.", "stars": "7.3k"}, {"name": "uGet Download Manager", "url": "https://ugetdm.com/", "description": "uGet is a lightweight yet powerful Open Source download manager for GNU/Linux developed with GTK+, which also comes packaged as a portable Windows app. It is also available for Android."}, {"name": "Motrix", "url": "https://github.com/agalwood/Motrix", "description": "A full-featured download manager.", "stars": "51k"}, {"name": "Xtreme Download Manager", "url": "https://github.com/subhra74/xdm", "description": "Xtreme Download Manager (XDM) is a powerful tool to increase download speeds up to 500%, save streaming videos from YouTube, DailyMotion, Facebook, Vimeo, Google Video and 1000+ other websites, resume broken/dead downloads, schedule and convert downloads.", "stars": "7.6k"}, {"name": "axel", "url": "https://github.com/axel-download-accelerator/axel", "description": "Lightweight CLI download accelerator. It supports HTTP, HTTPS, FTP and FTPS protocols.", "stars": "3.3k"}, {"name": "Veracrypt", "url": "https://www.veracrypt.fr/en/Home.html", "description": "VeraCrypt is a free open source disk encryption software for Windows, macOS and Linux."}, {"name": "Shufflecake", "url": "https://shufflecake.net/index.html", "description": "Free open source, plausible deniability for multiple hidden filesystems on Linux"}, {"name": "Hat.sh", "url": "https://hat.sh/", "description": "A Free, Fast, Secure and Serverless File Encryption."}, {"name": "Cryptomator", "url": "https://cryptomator.org/", "description": "Cryptomator encrypts your data quickly and easily. Afterwards you upload them protected to your favorite cloud service."}, {"name": "Stegcloak", "url": "https://stegcloak.surge.sh/", "description": "Hide secrets with invisible characters in plain text securely using passwords."}, {"name": "Picocrypt", "url": "https://github.com/HACKERALERT/Picocrypt/", "description": "A very small (hence \"Pico\"), very simple, yet very secure file encryption tool.", "stars": "2.5k"}, {"name": "Photok", "url": "https://github.com/leonlatsch/Photok", "description": "Photok is a free Photo-Safe. It stores your photos encrypted on your device and hides them from others.", "stars": "855"}], "notes": []}, {"name": "Privacy \u2014 OS Encryption", "entries": [{"name": "Cryptsetup", "url": "https://gitlab.com/cryptsetup/cryptsetup", "description": "Full disk encryption for Linux. Cryptsetup is a utility used to conveniently set up disk encryption based"}, {"name": "Blaze", "url": "https://blaze.now.sh/", "description": "A fast, p2p and radically different way to transfer files."}, {"name": "Blindsend", "url": "https://github.com/blindnet-io/blindsend", "description": "Open source tool for private, end-to-end encrypted file exchange.", "stars": "185"}, {"name": "Croc", "url": "https://github.com/schollz/croc", "description": "Easily and securely send things from one computer to another.", "stars": "34k"}, {"name": "Dat-cp", "url": "https://github.com/tom-james-watson/dat-cp", "description": "Copy files between hosts on a network using the peer-to-peer Dat network.", "stars": "319"}, {"name": "Destiny", "url": "https://leastauthority.com/community-matters/destiny/", "description": "Send files directly to the receiver in real-time. Developed for and with HROs as a free Privacy Enhancing Technology alternative."}, {"name": "Gokapi", "url": "https://github.com/Forceu/Gokapi", "description": "Lightweight selfhosted Firefox Send alternative without public upload. AWS S3 supported.", "stars": "2.6k"}, {"name": "Lufi", "url": "https://framagit.org/fiat-tux/hat-softwares/lufi", "description": "Let's Upload that FIle \u2014 File sharing software."}, {"name": "Localsend", "url": "https://localsend.org/", "description": "Share files to nearby devices. Free, open source, cross-platform."}, {"name": "Magic Wormhole", "url": "https://github.com/magic-wormhole/magic-wormhole", "description": "Get things from one computer to another, safely.", "stars": "22k"}, {"name": "OnionShare", "url": "https://github.com/micahflee/onionshare", "description": "An open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network.", "stars": "6.9k"}, {"name": "Paperless", "url": "https://github.com/the-paperless-project/paperless", "description": "\\[Now archived] Scan, index, and archive all of your paper documents.", "stars": "7.9k"}, {"name": "Paperless-ngx", "url": "https://github.com/paperless-ngx/paperless-ngx", "description": "A community-supported supercharged version of paperless based on paperless-ng", "stars": "37k"}, {"name": "PairDrop", "url": "https://github.com/schlagmichdoch/PairDrop", "description": "An improved version of Snapdrop that also allows you to pair devices and share files outside your network.", "stars": "10k"}, {"name": "Portal", "url": "https://github.com/SpatiumPortae/portal", "description": "A command-line file transfer utility for sending encrypted files from any computer to another.", "stars": "1.8k"}, {"name": "QRcp", "url": "https://github.com/claudiodangelis/qrcp", "description": "Transfer files over wifi from your computer to your mobile device by scanning a QR code without leaving the terminal.", "stars": "10k"}, {"name": "Send", "url": "https://gitlab.com/timvisee/send", "description": "Simple, private file sharing. (Mozilla Send Fork)"}, {"name": "Sharik", "url": "https://github.com/marchellodev/sharik", "description": "Sharik works with Wi-Fi connection or Tethering (Wi-Fi Hotspot). No internet connection needed. Available for Android, iOS, Linux, MacOS & Windows.", "stars": "1.3k"}, {"name": "Snapdrop", "url": "https://github.com/RobinLinus/snapdrop", "description": "A Progressive Web App for local file sharing inspired by Apple's Airdrop.", "stars": "20k"}, {"name": "Winden", "url": "https://winden.app/", "description": "A convenient version of Magic Wormhole you can use from within your browser. No need to install an app."}, {"name": "Yopass", "url": "https://github.com/jhaals/yopass", "description": "Secure sharing of secrets, passwords and files.", "stars": "2.7k"}, {"name": "scrt.link", "url": "https://scrt.link/file", "description": "End-to-end encrypted file transfer. Up to 100GB and 30 days retention. Stored in Switzerland."}], "notes": []}, {"name": "Privacy \u2014 Fitness trackers", "entries": [{"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}], "notes": []}, {"name": "Privacy \u2014 Workout planners", "entries": [{"name": "wger", "url": "https://wger.de/en/software/features", "description": "A free, open source, self-hosted web application that manages your exercises, workouts and nutrition."}, {"name": "workout.lol", "url": "https://github.com/Vincenius/workout-lol", "description": "A small web application to create workouts based on your available equipment and the muscles you want to train that you can selfhost.", "stars": "1.5k"}], "notes": []}, {"name": "Privacy \u2014 Food", "entries": [{"name": "OpenFoodFacts", "url": "https://world.openfoodfacts.org/", "description": "Open Food Facts is a food products database made by everyone, for everyone. You can use it to make better food choices."}], "notes": []}, {"name": "Privacy \u2014 Menstrual cycle trackers", "entries": [{"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Euki", "url": "https://eukiapp.org/", "description": "The period tracker that doesn\u2019t track you."}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}], "notes": []}, {"name": "Privacy \u2014 Medical health", "entries": [{"name": "Fasten", "url": "https://github.com/fastenhealth/fasten-onprem", "description": "Fasten is an open-source, self-hosted, personal/family electronic medical record aggregator, designed to integrate with 1000's of insurances/hospitals/clinics.", "stars": "2.7k"}], "notes": []}, {"name": "Privacy \u2014 Google Fonts Replacements", "entries": [{"name": "coolLabs Fonts", "url": "https://fonts.coollabs.io/", "description": "A privacy-friendly drop-in replacement for Google Fonts."}, {"name": "Bunny Fonts", "url": "https://fonts.bunny.net/", "description": "Bunny Fonts is an open-source, privacy-first web font platform designed to put privacy back into the internet."}], "notes": []}, {"name": "Privacy \u2014 Foundries", "entries": [{"name": "Velvetyne", "url": "https://www.velvetyne.fr/", "description": ""}, {"name": "OpenFoundry", "url": "https://open-foundry.com/", "description": ""}, {"name": "TypeBot", "url": "https://typebot.io", "description": "Open-source conversational forms."}, {"name": "CryptPad Forms", "url": "https://cryptpad.fr/form/", "description": "Part of the Cryptpad end-to-end encrypted and open-source collaboration suite."}, {"name": "FramaForms", "url": "https://framaforms.org/", "description": "Design your online surveys easily while respecting your audience."}], "notes": []}, {"name": "Privacy \u2014 Mario Kart", "entries": [{"name": "SuperTuxKart", "url": "https://supertuxkart.net/Main_Page", "description": "A 3D open-source arcade racer with a variety characters, tracks, and modes to play."}, {"name": "Sonic Robo Blast 2 Kart", "url": "https://mb.srb2.org/addons/srb2kart.2435/", "description": "SRB2Kart is a classic styled kart racer, complete with beautiful courses, and wacky items."}], "notes": []}, {"name": "Privacy \u2014 Minecraft", "entries": [{"name": "Luanti", "url": "https://www.luanti.org/", "description": "An open source voxel game engine with many features."}, {"name": "No-Chat-Reports", "url": "https://github.com/Aizistral-Studios/No-Chat-Reports", "description": "A spigot plugin strips cryptographic signatures from player messages, but it breaks any chat plugin by design.", "stars": "994"}, {"name": "FreedomChat", "url": "https://github.com/e-im/FreedomChat", "description": "A great alternative to No-Chat-Reports, since it does not break any chat plugin by design.", "stars": "228"}, {"name": "No-Telemetry", "url": "https://github.com/kb-1000/no-telemetry", "description": "Mod that disables the usage data collection, aka telemetry, introduced in Minecraft 1.18 (snapshot 21w38a).", "stars": "250"}], "notes": []}, {"name": "Privacy \u2014 Pokemon", "entries": [{"name": "Pokete", "url": "https://github.com/lxgr-linux/pokete", "description": "A small terminal based game in the style of a very popular and old game by Gamefreak.", "stars": "3.1k"}], "notes": []}, {"name": "Privacy \u2014 Sonic the Hedgehog", "entries": [{"name": "Sonic Robo Blast 2", "url": "https://www.srb2.org/", "description": "Sonic Robo Blast 2 is a 3D open-source Sonic the Hedgehog fangame built using a modified version of the Doom Legacy port of Doom."}, {"name": "Mycroft", "url": "https://mycroft.ai/", "description": "The Private and Open Voice Assistant."}, {"name": "Home Assistant", "url": "https://www.home-assistant.io/", "description": "Open source home automation that puts local control and privacy first."}], "notes": []}, {"name": "Privacy \u2014 Decentralized", "entries": [{"name": "Matrix (Protocol)", "url": "https://matrix.org/", "description": "An open network for secure, decentralized communication."}, {"name": "Jabber / XMPP (Protocol)", "url": "https://xmpp.org/", "description": "The universal and open messaging standard. Tried and tested. Independent. Privacy-focused. E2E encrypted."}, {"name": "DeltaChat", "url": "https://delta.chat/", "description": "Chat over encrypted e-mail."}, {"name": "Session", "url": "https://getsession.org/", "description": "Extreme focus on privacy and anonymity. Blockchain technology."}, {"name": "SimpleX Chat", "url": "https://simplex.chat/", "description": "The first chat platform that is 100% private by design - it has no access to your connection graph"}, {"name": "Status", "url": "https://status.im/", "description": "Status is a secure messaging app, crypto wallet, and Web3 browser built with state of the art technology."}], "notes": []}, {"name": "Privacy \u2014 Centralized", "entries": [{"name": "Threema", "url": "https://threema.ch/en", "description": "The messenger that puts security and privacy first. Pay once, chat forever. No collection of user data. Open Source client."}, {"name": "Signal", "url": "https://signal.org/", "description": "Extreme focus on privacy, combined with all of the features you expect. Strong encryption by design. 100% Open Source."}], "notes": []}, {"name": "Privacy \u2014 P2P", "entries": [{"name": "Tox", "url": "https://tox.chat/", "description": "Tox is easy-to-use software that connects you with friends and family without anyone else listening in."}, {"name": "Briar", "url": "https://briarproject.org/", "description": "Peer-to-peer encrypted messaging and forums."}, {"name": "Tinfoil Chat", "url": "https://github.com/maqp/tfc", "description": "Onion-routed, endpoint secure messaging system.", "stars": "1.3k"}, {"name": "Berty", "url": "https://berty.tech/", "description": "The privacy-first messaging app that works with or without internet access, cellular data or trust in the network."}, {"name": "Keyoxide", "url": "https://keyoxide.org/", "description": "A modern, secure and privacy-friendly platform to establish your decentralized online identity."}, {"name": "BioDrop", "url": "https://github.com/EddieHubCommunity/BioDrop", "description": "Connect to your audience with a single link. Showcase the content you create and your projects in one place. Make it easier for people to find, follow and subscribe.", "stars": "5.7k"}, {"name": "LinkStack", "url": "https://linkstack.org/", "description": "Self-hosted open-source Linktree alternative."}, {"name": "MagLit", "url": "https://maglit.me", "description": "An encrypted and privacy respecting Link Shortener service that also supports Magnet Links."}, {"name": "Dub", "url": "https://github.com/dubinc/dub", "description": "You can self-host Dub.co for greater control over your data and design.", "stars": "23k"}, {"name": "Yourls", "url": "https://yourls.org/", "description": "Self hosted URL shortener in PHP."}, {"name": "tnyr.me", "url": "https://tnyr.me", "description": "A zero-trust URL shortener with paswordless end-to-end encryption."}], "notes": []}, {"name": "Privacy \u2014 Tracking", "entries": [{"name": "Nextcloud Phonetrack", "url": "https://apps.nextcloud.com/apps/phonetrack", "description": "Nextcloud app to track location history with an [Android app](https://gitlab.com/eneiluj/phonetrack-android) ([other apps also supported](https://gitlab.com/eneiluj/phonetrack-oc/-/wikis/userdoc#logging-methods)). Supports caching positions offline and sending them to the server in batches. The first-party app has good battery saving options."}, {"name": "OwnTracks", "url": "https://owntracks.org/", "description": "Location tracking for displaying the current location only (limited location history functionality)."}, {"name": "Traccar", "url": "https://www.traccar.org/", "description": "Location tracking software made for dedicated GPS logging devices."}, {"name": "Dawarich", "url": "https://github.com/Freika/dawarich", "description": "Self-hosted alternative to Google Location History.", "stars": "8.3k"}], "notes": []}, {"name": "Privacy \u2014 Find My Device", "entries": [{"name": "Find My Device", "url": "https://gitlab.com/Nulide/findmydevice", "description": "Find your Android Device via SMS."}, {"name": "GPSlogger", "url": "https://github.com/mendhak/gpslogger", "description": "Lightweight GPS Logging Application For Android. No servers, no internet. Saved to a simple file to local storage.", "stars": "2.4k"}], "notes": []}, {"name": "Privacy \u2014 Third-Party owned", "entries": [{"name": "Forward Email", "url": "https://forwardemail.net", "description": "the 100% open-source and privacy-focused email service."}, {"name": "ProtonMail", "url": "https://protonmail.com/", "description": "Secure Email. Based in Switzerland. [Read this article over Climate activist arrest](https://protonmail.com/blog/climate-activist-arrest/)."}, {"name": "Tuta", "url": "https://tuta.com/", "description": "Secure email for everybody. Open Source."}, {"name": "Riseup", "url": "https://riseup.net/en/about-us", "description": "Online communication tools for people and groups working on liberatory social change."}, {"name": "Mailfence", "url": "https://mailfence.com", "description": "Secure and private email."}], "notes": []}, {"name": "Privacy \u2014 Self-Hosted", "entries": [{"name": "Docker mail server", "url": "https://github.com/docker-mailserver/docker-mailserver", "description": "A fullstack but simple mail server (SMTP, IMAP, LDAP, Antispam, Antivirus, etc.) using Docker.", "stars": "18k"}, {"name": "Mailcow: dockerized", "url": "https://github.com/mailcow/mailcow-dockerized", "description": "The mailserver suite with the 'moo'.", "stars": "12k"}, {"name": "Mail-in-a-box", "url": "https://github.com/mail-in-a-box/mailinabox", "description": "Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.", "stars": "15k"}, {"name": "Mox", "url": "https://github.com/mjl-/mox", "description": "Modern full-featured open source secure mail server for low-maintenance self-hosted email.", "stars": "5.6k"}], "notes": []}, {"name": "Privacy \u2014 Clients", "entries": [{"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Thunderbird", "url": "https://www.thunderbird.net", "description": "A free customizable open source email client."}], "notes": []}, {"name": "Privacy \u2014 Email Alias Services (Anonymous Forwarding)", "entries": [{"name": "SimpleLogin", "url": "https://github.com/simple-login/app", "description": "", "stars": "6.5k"}, {"name": "AnonAddy", "url": "https://github.com/anonaddy/anonaddy", "description": "", "stars": "4.5k"}, {"name": "Open Street Map (OSM)", "url": "https://www.openstreetmap.org/", "description": "OpenStreetMap is built by a community of mappers that contribute and maintain data about roads, trails, caf\u00e9s, railway stations, and much more, all over the world."}, {"name": "Organic Maps", "url": "https://organicmaps.app/", "description": "Great offline maps for hikers and cyclists."}, {"name": "CoMaps", "url": "https://www.comaps.app/", "description": "A community-led free & open source maps app based on OSM"}, {"name": "Jellyfin", "url": "https://jellyfin.org/", "description": "Jellyfin is the volunteer-built media solution that puts you in control of your media. Stream to any device from your own server, with no strings attached."}, {"name": "Dim", "url": "https://github.com/Dusk-Labs/dim", "description": "Dim is a self-hosted media manager. With minimal setup, Dim will organize and beautify your media collections, letting you access and play them anytime from anywhere.", "stars": "4.1k"}, {"name": "Stremio", "url": "https://www.stremio.com/", "description": "Stremio is a modern media center that's a one-stop solution for your video entertainment."}, {"name": "Funkwhale", "url": "https://funkwhale.audio/", "description": "A social platform to enjoy and share music (SoundCloud alternative)."}, {"name": "Subsonic", "url": "https://www.subsonic.org/pages/index.jsp", "description": "Your complete, personal music streamer."}, {"name": "Ampache", "url": "https://ampache.org/", "description": "A web based audio/video streaming application and file manager."}, {"name": "Koel", "url": "https://koel.dev/", "description": "a personal music streaming server that works."}, {"name": "Nuclear", "url": "https://nuclearplayer.com/", "description": "Modern music player focused on streaming from free sources."}, {"name": "Navidrome", "url": "https://navidrome.org/", "description": "Lightweight, fast and self-contained personal music streamer."}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Spotube", "url": "https://github.com/KRTirtho/spotube", "description": "A lightweight free Spotify crossplatform-client.", "stars": "45k"}, {"name": "Spot\\*", "url": "https://github.com/xou816/spot", "description": "Native Spotify client built in GTK and Rust.", "stars": "2.4k"}, {"name": "psst\\*", "url": "https://github.com/jpochyla/psst", "description": "Fast and multi-platform Spotify client with native GUI.", "stars": "9.4k"}, {"name": "ncspot\\*", "url": "https://github.com/hrkfdn/ncspot", "description": "Cross-platform ncurses Spotify client written in Rust, inspired by ncmpc and the likes.\u00e7", "stars": "6.5k"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Beatbump", "url": "https://github.com/snuffyDev/Beatbump", "description": "Alternative frontend for YouTube Music; no ads and custom API wrapper.", "stars": "1.1k"}, {"name": "ViMusic", "url": "https://github.com/vfsfitvnm/ViMusic", "description": "\\[Unmantained] A Jetpack Compose Android application for streaming music from YouTube Music.", "stars": "9.4k"}, {"name": "dzr", "url": "https://github.com/yne/dzr", "description": "Command line Deezer player for Linux, BSD, Android+Termux", "stars": "249"}, {"name": "Antennapod", "url": "https://antennapod.org", "description": "A podcast player that is completely open. Subscribe to any RSS feed."}, {"name": "Castopod", "url": "https://castopod.org", "description": "Self-host your podcasts with ease, keep control over what you create and talk to your audience without any middleman. Your podcast and your audience belong to you and you only."}, {"name": "Funkwhale", "url": "https://funkwhale.audio/", "description": "A social platform to enjoy and share audio."}, {"name": "Anytype", "url": "https://www.anytype.io/", "description": "An open-source Notion alternative. E2EE, cloud and local network sync, can be self-hosted."}, {"name": "AppFlowy", "url": "https://www.appflowy.io/", "description": "Open Source Notion Alternative. You are in charge of your data and customizations."}, {"name": "HedgeDoc", "url": "https://hedgedoc.org/", "description": "Formerly CodiMD (community). An awesome platform to write and share markdown."}, {"name": "Joplin", "url": "https://github.com/laurent22/joplin", "description": "Note taking and to-do application with synchronisation and encryption capabilities.", "stars": "54k"}, {"name": "Logseq", "url": "https://logseq.com/", "description": "A privacy-first alternative to WorkFlowy."}, {"name": "Memos", "url": "https://github.com/usememos/memos", "description": "An open-source, self-hosted memo hub with knowledge management and socialization.", "stars": "58k"}, {"name": "Nextcloud Notes", "url": "https://github.com/nextcloud/notes/", "description": "The Notes app is a distraction free notes taking app for Nextcloud.", "stars": "707"}, {"name": "Notally", "url": "https://github.com/OmGodse/Notally", "description": "A beautiful notes app (local only, no sync).", "stars": "2.1k"}, {"name": "Notesnook", "url": "https://notesnook.com/", "description": "Open source zero knowledge private note taking."}, {"name": "Obsidian", "url": "https://obsidian.md", "description": "Obsidian is the private and flexible note\u2011taking app. Closed source but has no trackers (website / apps) and E2EE sync."}, {"name": "Quillpad", "url": "https://quillpad.github.io/", "description": "Take beautiful markdown notes and stay organized with task lists. Fork of Quillnote."}, {"name": "SiYuan", "url": "https://github.com/siyuan-note/siyuan", "description": "A local-first personal knowledge management system.", "stars": "42k"}, {"name": "Standard Notes", "url": "https://standardnotes.org/", "description": "A free, open-source, and completely encrypted notes app."}, {"name": "TinyList", "url": "https://tinylist.app/", "description": "Create and share notes and checklists, without sacrificing your privacy."}, {"name": "Trilium Notes", "url": "https://github.com/zadam/trilium", "description": "Build your personal knowledge base with Trilium Notes", "stars": "35k"}, {"name": "Vikunja", "url": "https://vikunja.io", "description": "The open-source to-do app to organize your life."}, {"name": "YankNote", "url": "https://github.com/purocean/yn", "description": "A Hackable Markdown Note Application for Programmers.", "stars": "6.6k"}, {"name": "SongRec", "url": "https://github.com/marin-m/SongRec", "description": "An open-source Shazam client for Linux, written in Rust.", "stars": "1.7k"}, {"name": "SongID Telegram Bot", "url": "https://github.com/smcclennon/SongID", "description": "A Telegram bot that can identify music in audio/video files you send it.", "stars": "101"}, {"name": "LibreOffice", "url": "https://www.libreoffice.org/", "description": "Free and open source offline office."}, {"name": "OnlyOffice", "url": "https://www.onlyoffice.com/", "description": "Free and open source online office for collaboration."}, {"name": "Cryptpad", "url": "https://cryptpad.fr/", "description": "Collaboration suite, encrypted and open-source."}, {"name": "Etherpad", "url": "https://etherpad.org/", "description": "Highly customizable open source online editor providing collaborative editing in really real-time."}, {"name": "Fileverse", "url": "https://fileverse.io", "description": "Fileverse is building healthier alternatives with self-sovereignty, privacy by design, and standards compliance at its core."}], "notes": []}, {"name": "Privacy \u2014 No email verification, accepting monero", "entries": [{"name": "Crypton", "url": "https://crypton.sh/", "description": "Secure SMS Sim Card in the cloud. (Based in Iceland)"}, {"name": "Virtualsim", "url": "https://virtualsim.net/", "description": "Virtualsim provides physical SIM cards leasing for SMS verifications. (Based in Ukraine)"}, {"name": "MoneroSMS", "url": "https://monerosms.com/", "description": "Virtual numbers for SMS/MMS messaging and verifications. CLI and web app. (Based in United States)"}], "notes": []}, {"name": "Privacy \u2014 Email verification required, accepting monero", "entries": [{"name": "Onlinesim", "url": "https://onlinesim.ru/", "description": "Receive SMS online to virtual phone number. (Based in Russia)"}], "notes": []}, {"name": "Privacy \u2014 Email verification required, accepting crypto", "entries": [{"name": "SmsPVA", "url": "https://smspva.com/", "description": "SmsPVA is a service providing a phone number you can send any SMS on and get a text of it. (Based in France)"}], "notes": []}, {"name": "Privacy \u2014 Android", "entries": [{"name": "GrapheneOS", "url": "https://grapheneos.org/", "description": "GrapheneOS is an open source privacy and security focused mobile OS with Android app compatibility. Only **Google Pixel** phones are supported."}, {"name": "CalyxOS", "url": "https://calyxos.org/", "description": "Privacy by Design ROM. Offers better security than LineageOS or Replicant."}, {"name": "LineageOS", "url": "https://lineageos.org/", "description": "A free and open-source operating system for various devices, based on the Android mobile platform."}, {"name": "Replicant", "url": "https://www.replicant.us/", "description": "Replicant is a fully free Android distribution running on several devices."}, {"name": "UBPorts", "url": "https://www.ubports.com/", "description": "Ubuntu Touch is the touch-friendly mobile version of Ubuntu."}, {"name": "postmarketOS", "url": "https://postmarketos.org/", "description": "Touch optimised and pre-configured version of Alpine Linux."}, {"name": "PureOS", "url": "https://www.pureos.net/", "description": "Operating system developed by purism for the Librem 5."}, {"name": "Plasma Mobile", "url": "https://www.plasma-mobile.org/", "description": "Plasma, in your pocket. Privacy-respecting, open source and secure phone ecosystem."}, {"name": "mobian", "url": "https://mobian-project.org/", "description": "Debian for mobile."}], "notes": []}, {"name": "Privacy \u2014 Smart TV", "entries": [{"name": "Kodi", "url": "https://kodi.tv/", "description": "It is an entertainment hub that brings all your digital media together into a beautiful and user friendly package. It is 100% free and open source, very customisable and runs on a wide variety of devices."}, {"name": "OSMC", "url": "https://osmc.tv/", "description": "OSMC is a free and open source media center built for the people, by the people."}], "notes": []}, {"name": "Privacy \u2014 PC / MacOS", "entries": [{"name": "Fedora", "url": "https://getfedora.org/", "description": ""}, {"name": "Mint (Cinnamon)", "url": "https://linuxmint.com/edition.php?id=305", "description": ""}, {"name": "Qubes OS", "url": "https://qubes-os.org/", "description": ""}, {"name": "Tails", "url": "https://tails.net/", "description": ""}, {"name": "AtlasOS", "url": "https://atlasos.net/", "description": "An open-source modification of Windows 10, designed to optimize performance, and latency. Atlas removes all types of tracking embedded within Windows and implements numerous group policies to minimize data collection."}, {"name": "ReactOS", "url": "https://reactos.org/", "description": "ReactOS is an operating system able to run Windows software, Windows drivers that looks-like Windows and is free and open source."}, {"name": "RedoxOS", "url": "https://www.redox-os.org/", "description": "A WIP project aiming to provide a Unix-like Operating System written in Rust."}, {"name": "AliasVault", "url": "https://www.aliasvault.net", "description": "An open source E2EE password & alias manager with a built-in email alias server"}, {"name": "Bitwarden", "url": "https://bitwarden.com", "description": "An open source cloud based password manager."}, {"name": "CarryPass", "url": "https://carrypass.net", "description": "Zero-knowledge PWA password manager with deterministic generation, encrypted vaults, and team collaboration. ([Source (\u2b5011)](https://github.com/racz-zoltan/racz-zoltan.github.io)) `MIT`"}, {"name": "KeepassXC", "url": "https://keepassxc.org/", "description": "Securely store passwords using industry standard encryption, no sync just storage."}, {"name": "LessPass", "url": "https://www.lesspass.com", "description": "Stateless password manager. Remember one master password to access your passwords. No sync needed."}, {"name": "Padloc", "url": "https://padloc.app/", "description": "The last password manager you'll ever want to use."}, {"name": "Passbolt", "url": "https://www.passbolt.com", "description": "An open source password manager designed for team collaboration."}, {"name": "Passky", "url": "https://passky.org", "description": "Simple, modern, lightweight, open-source and secure password manager."}, {"name": "Proton Pass", "url": "https://proton.me/pass", "description": "Open-source and encrypted password manager by Proton."}, {"name": "crypt.fyi", "url": "https://crypt.fyi", "description": "Ephemeral zero-knowledge sensitive data sharing platform with web, cli, and chrome-extension clients"}, {"name": "NoPaste", "url": "https://github.com/bokub/nopaste", "description": "Open Source pastebin alternative that works with no database, and no back-end code. Instead, the data is compressed and stored entirely in the link that you share, nowhere else.", "stars": "434"}, {"name": "PrivateBin", "url": "https://github.com/PrivateBin/PrivateBin", "description": "A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.", "stars": "8.1k"}, {"name": "Yopass", "url": "https://github.com/jhaals/yopass", "description": "Secure sharing of secrets, passwords and files.", "stars": "2.7k"}, {"name": "scrt.link", "url": "https://scrt.link", "description": "Share a secret. End-to-end encrypted. Ephemeral. Open-source."}, {"name": "dele-to", "url": "https://dele.to", "description": "Open Source. Modern app to share sensitive credentials and secrets securely with client-side AES-256 encryption, zero-knowledge architecture, and automatic self-destruction."}, {"name": "![", "url": "https://shields.tosdr.org/en_230.svg", "description": ""}, {"name": "Monero", "url": "https://www.getmonero.org/", "description": "Monero is cash for a connected world. It's fast, private, untraceable and secure."}, {"name": "Sparrow Wallet", "url": "https://www.sparrowwallet.com/", "description": "An open source, cross-platform desktop wallet that gives you many privacy-preserving spending tools."}, {"name": "Wasabi Wallet", "url": "https://www.wasabiwallet.io/", "description": "An open source, non-custodial, privacy-focused Bitcoin wallet available on Desktop."}], "notes": []}, {"name": "Privacy \u2014 Full Featured Financial Management", "entries": [{"name": "Actual", "url": "https://actualbudget.org", "description": "Super fast and privacy-focused app for managing your finances."}, {"name": "Firefly III", "url": "https://www.firefly-iii.org/", "description": "A free and open source personal finance manager."}, {"name": "GnuCash", "url": "https://gnucash.org/", "description": "GnuCash is personal and small-business financial-accounting software, freely licensed under the GNU GPL and available for GNU/Linux, BSD, Solaris, Mac OS X and Microsoft Windows."}, {"name": "Sure", "url": "https://github.com/we-promise/sure", "description": "Open Source and secure OS for your personal finances. Community maintained fork of the archived [Maybe (\u2b5054k)](https://github.com/maybe-finance/maybe) project.", "stars": "7.3k"}, {"name": "ezBookkeeping", "url": "https://ezbookkeeping.mayswind.net/", "description": "A lightweight, self-hosted personal finance app with a user-friendly interface and powerful bookkeeping features."}], "notes": []}, {"name": "Privacy \u2014 Budget Management", "entries": [{"name": "Budget Zen", "url": "https://budgetzen.net", "description": "Simple and Encrypted Budget Management."}, {"name": "ProExpense", "url": "https://github.com/arduia/ProExpense/", "description": "A simple free finance note to safely record daily expenses.", "stars": "104"}, {"name": "My Expenses", "url": "https://github.com/mtotschnig/MyExpenses", "description": "Featureful GPL licenced Android Expense Tracking App.", "stars": "1.1k"}], "notes": []}, {"name": "Privacy \u2014 Shared Expenses", "entries": [{"name": "Spliit", "url": "https://github.com/spliit-app/spliit#readme", "description": "Share Expenses with Friends & Family. No ads. No account. Open Source. Forever Free.", "stars": "2.6k"}, {"name": "PeerSplit", "url": "https://github.com/tanayvk/peersplit#readme", "description": "[Website](https://github.com/pluja/awesome-privacy/blob/main/README.md/peersplit.app) - Track and split group expenses. 100% free, 100% private.", "stars": "29"}, {"name": "SplitPro", "url": "https://github.com/oss-apps/split-pro#readme", "description": "[Website](https://splitpro.app) - Split Expenses with your friends for free. An open source alternative to SplitWise.", "stars": "1.1k"}, {"name": "IHateMoney", "url": "https://ihatemoney.org/", "description": "Manage your shared expenses, easily. Lacks unequal splitting."}, {"name": "Nextcloud Cospend", "url": "https://apps.nextcloud.com/apps/cospend", "description": "A group/shared budget manager inspired by the great IHateMoney."}], "notes": []}, {"name": "Privacy \u2014 Others", "entries": [{"name": "Debitum", "url": "https://github.com/Marmo/debitum", "description": "With Debitum you can track all kinds of IOUs, be it money or lent items.", "stars": "101"}], "notes": []}, {"name": "Privacy \u2014 Portfolio trackers", "entries": [{"name": "Ghostfolio", "url": "https://github.com/ghostfolio/ghostfolio#readme", "description": "open source wealth management software built with web technology.", "stars": "7.9k"}, {"name": "PortfolioPerformance", "url": "https://www.portfolio-performance.info/en/", "description": "An open source tool to calculate the overall performance of an investment portfolio-"}, {"name": "Rotki", "url": "https://github.com/rotki/rotki", "description": "An awesome portfolio tracking, analytics, accounting and tax reporting application that protects your privacy.", "stars": "3.7k"}, {"name": "![", "url": "https://shields.tosdr.org/en_417.svg", "description": ""}, {"name": "miniPaint", "url": "https://github.com/viliusle/miniPaint", "description": "Open Source alternative to Photopea. miniPaint operates directly in the browser. Nothing will be sent to any server. Everything stays in your browser.", "stars": "3.3k"}, {"name": "GIMP", "url": "https://www.gimp.org/", "description": "The Free & Open Source Image Editor."}, {"name": "Krita", "url": "https://github.com/KDE/krita", "description": "Krita is a free and open source digital painting application", "stars": "9.4k"}, {"name": "Czkawka", "url": "https://github.com/qarmin/czkawka", "description": "Multi functional app to find duplicates and similar images etc.", "stars": "30k"}, {"name": "DigiKam", "url": "https://www.digikam.org/", "description": "Awesome Professional Photo Management with the Power of Open Source."}, {"name": "Inkscape", "url": "https://inkscape.org/", "description": "Inkscape is a free and open-source vector graphics editor used to create vector images."}, {"name": "ImageGlass", "url": "https://imageglass.org/", "description": "ImageGlass is a lightweight software application whose purpose is to help you view images in a clean and intuitive working environment."}, {"name": "darktable", "url": "https://www.darktable.org/", "description": "darktable is an open source photography workflow application and raw developer"}, {"name": "Pocket Paint", "url": "https://github.com/Catrobat/Paintroid", "description": "The standard image manipulation app for Catroid.", "stars": "468"}, {"name": "Scrambled Exif", "url": "https://gitlab.com/juanitobananas/scrambled-exif", "description": "Remove Exif data from pictures before sharing them."}, {"name": "ImagePipe", "url": "https://codeberg.org/Starfish/Imagepipe", "description": "Reduces image size and removes exif-tags when sharing images on android devices."}], "notes": []}, {"name": "Privacy \u2014 Self-hosted", "entries": [{"name": "Immich", "url": "https://github.com/immich-app/immich", "description": "Self-hosted photo and video backup solution directly from your mobile phone.", "stars": "95k"}, {"name": "LibrePhotos", "url": "https://github.com/LibrePhotos/librephotos", "description": "Active [OwnPhotos (\u2b502.8k)](https://github.com/hooram/ownphotos) fork. Self hosted alternative to Google Photos.", "stars": "8k"}, {"name": "Nextcloud", "url": "https://nextcloud.com/", "description": "The open source self-hosted productivity platform that keeps you in control. It has a [*Photos*](https://github.com/nextcloud/photos) plugin to help you organize and visualize your photos."}, {"name": "Photoprism", "url": "https://photoprism.app", "description": "Feature rich server-based application for browsing, organizing and sharing your personal photo collection. The most similar to Google Photos."}, {"name": "Pigallery2", "url": "http://bpatrik.github.io/pigallery2/", "description": "A self-hosted directory-first photo gallery website."}, {"name": "Photoview", "url": "https://photoview.github.io/", "description": "Photo gallery for self-hosted personal servers with Facial Recognition."}, {"name": "Photostructure", "url": "https://photostructure.com/", "description": "Self-hosted photo library that makes browsing and sharing a lifetime of memories delightful."}, {"name": "Stingle Photos", "url": "https://stingle.org/", "description": "Open source solution that provides strong security, privacy and encryption to backup your photos."}, {"name": "Ente", "url": "https://ente.io/", "description": "End-to-end encrypted storage for photos and videos. Open source, [audited](https://ente.io/blog/cryptography-audit/) independently."}], "notes": []}, {"name": "Privacy \u2014 Third-party", "entries": [{"name": "Crypt.ee", "url": "https://crypt.ee/", "description": "A private and encrypted place for all your photos, documents, notes and more."}, {"name": "Ente", "url": "https://ente.io/", "description": "End-to-end encrypted storage for photos and videos. Open source, [audited](https://ente.io/blog/cryptography-audit/) independently."}, {"name": "Stingle Photos", "url": "https://stingle.org/", "description": "Open source solution that provides strong security, privacy and encryption to backup your photos."}], "notes": []}, {"name": "Privacy \u2014 Local", "entries": [{"name": "DigiKam", "url": "https://www.digikam.org/", "description": "Awesome Professional Photo Management with the Power of Open Source."}, {"name": "Photok", "url": "https://github.com/leonlatsch/Photok", "description": "Photok is a free Photo-Safe. It stores your photos encrypted on your device and hides them from others.", "stars": "855"}, {"name": "ImageGlass", "url": "https://imageglass.org/", "description": "ImageGlass is a lightweight software application whose purpose is to help you view images in a clean and intuitive working environment."}], "notes": []}, {"name": "Privacy \u2014 Desktop", "entries": [{"name": "Whoami Project", "url": "https://github.com/owerdogan/whoami-project", "description": "Whoami provides enhanced privacy, anonymity for Debian and Arch based linux distributions.", "stars": "2.3k"}, {"name": "BusKill", "url": "https://www.buskill.in/", "description": "BusKill is a Dead Man Switch triggered when a magnetic breakaway is tripped, severing a USB connection."}], "notes": []}, {"name": "Privacy \u2014 Android", "entries": [{"name": "\u03b5xodus", "url": "https://reports.exodus-privacy.eu.org/en/", "description": "The privacy audit platform for Android applications. Find how many trackers your apps have."}, {"name": "Plexus", "url": "https://plexus.techlore.tech/", "description": "Remove the fear of Android app compatibility on de-Googled devices. Find if an app will work on a De-Googled device."}, {"name": "Netguard", "url": "https://netguard.me/", "description": "A simple way to block access to the internet per application."}, {"name": "RethinkDNS + Firewall", "url": "https://github.com/celzero/rethink-app", "description": "An open-source, no-root firewall and DNS changer, with anti-censorship capabilities for Android 6+.", "stars": "4.7k"}, {"name": "RustDesk", "url": "https://rustdesk.com/", "description": "Open-source remote desktop client software, written in Rust. Works out of the box, full control of your data, with no concerns about security."}, {"name": "screego", "url": "https://screego.net/", "description": "Screen sharing for developers."}, {"name": "Remmina", "url": "https://remmina.org/", "description": "Remote access screen and file sharing to your desktop (RDP)."}, {"name": "UltraVNC", "url": "https://www.uvnc.com/", "description": "UltraVNC is a powerful, easy to use and free - remote pc access softwares - that can display the screen of another computer (via internet or network) on your own screen."}, {"name": "MeshCentral", "url": "https://meshcentral.com/", "description": "The open source, multi-platform, self-hosted, feature packed web site for remote device management."}, {"name": "![", "url": "https://shields.tosdr.org/en_217.svg", "description": ""}, {"name": "![", "url": "https://shields.tosdr.org/en_309.svg", "description": ""}, {"name": "![", "url": "https://shields.tosdr.org/en_860.svg", "description": ""}, {"name": "![", "url": "https://shields.tosdr.org/en_591.svg", "description": ""}, {"name": "Whoogle Search", "url": "https://github.com/benbusby/whoogle-search", "description": "A self-hosted, ad-free, privacy-respecting Google metasearch engine.", "stars": "11k"}, {"name": "librengine", "url": "https://github.com/liameno/librengine", "description": "Privacy Web Search Engine", "stars": "76"}, {"name": "SearX", "url": "https://searx.me/", "description": "Privacy-respecting metasearch engine."}, {"name": "DuckDuckGo", "url": "https://duckduckgo.com", "description": "A privacy respecting search engine."}, {"name": "Brave Search", "url": "https://search.brave.com", "description": "A privacy respecting search engine with [its own independent index](https://brave.com/search-independence/)."}, {"name": "Qwant", "url": "https://www.qwant.com/", "description": "A zero tracking search engine made and hosted in France, EU."}], "notes": []}, {"name": "Privacy \u2014 Blogging platforms (Medium)", "entries": [{"name": "Plume", "url": "https://github.com/Plume-org/Plume", "description": "", "stars": "2.2k"}, {"name": "WriteFreely", "url": "https://writefreely.org/", "description": ""}, {"name": "Scribe", "url": "https://git.sr.ht/~edwardloveall/scribe/", "description": "Medium alternative forntend inspired by Invidious."}], "notes": []}, {"name": "Privacy \u2014 Instagram", "entries": [{"name": "Pixelfed", "url": "https://pixelfed.org/", "description": ""}], "notes": []}, {"name": "Privacy \u2014 LBRY and Odysee", "entries": [{"name": "Librarian", "url": "https://codeberg.org/librarian/librarian", "description": "An alternative frontend for LBRY/Odysee. Inspired by Invidious and Libreddit."}], "notes": []}, {"name": "Privacy \u2014 Quora", "entries": [{"name": "Quetre", "url": "https://github.com/zyachel/quetre", "description": "Quetre is an alternative front-end to Quora. It enables you to see answers without ads, trackers, and other such bloat.", "stars": "496"}], "notes": []}, {"name": "Privacy \u2014 YouTube", "entries": [{"name": "Peertube", "url": "https://joinpeertube.org/en/", "description": ""}, {"name": "Odysee", "url": "https://odysee.com/", "description": "Odysee is a video platform backed by the creators of lbry and uses the lbry blockchain protocol."}, {"name": "DTube", "url": "https://github.com/dtube/dtube", "description": "A full-featured video sharing website, decentralized.", "stars": "828"}, {"name": "Invidious", "url": "https://github.com/iv-org/invidious", "description": "Alternative and privacy respecting YouTube frontend.", "stars": "19k"}, {"name": "Piped", "url": "https://github.com/TeamPiped/Piped", "description": "An alternative privacy-friendly YouTube frontend which is efficient by design.", "stars": "9.8k"}, {"name": "ViewTube", "url": "https://github.com/viewtube/viewtube-vue", "description": "ViewTube is an alternative privacy-friendly YouTube frontend written in Vue.js", "stars": "1.5k"}, {"name": "Youtube-Local", "url": "https://github.com/user234683/youtube-local", "description": "browser-based client for watching Youtube anonymously and with greater page performance.", "stars": "749"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "FreeTube", "url": "https://github.com/FreeTubeApp/FreeTube", "description": "FreeTube is an open source desktop YouTube player built with privacy in mind. (Uses Local RSS API or Invidious for backend).", "stars": "20k"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Yattee", "url": "https://github.com/yattee/yattee", "description": "Alternative YouTube frontend for iOS, tvOS and macOS built with Invidious and Piped.", "stars": "3.4k"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}], "notes": []}, {"name": "Privacy \u2014 TikTok", "entries": [{"name": "ProxiTok", "url": "https://github.com/pablouser1/ProxiTok", "description": "Open source alternative frontend for TikTok", "stars": "2.1k"}], "notes": []}, {"name": "Privacy \u2014 Twitter", "entries": [{"name": "Memos", "url": "https://github.com/usememos/memos", "description": "An open-source, self-hosted memo hub with knowledge management and socialization.", "stars": "58k"}, {"name": "Nostr", "url": "https://github.com/nostr-protocol/nostr", "description": "Open protocol that is able to create a censorship-resistant global \"social\" network. It doesn't rely on any trusted central server, hence it is resilient; it is based on cryptographic keys and signatures, so it is tamperproof; it does not rely on P2P techniques, therefore it works. **Note**: Nostr is a protocol, so it is capable of offering much more than a Twitter alternative.", "stars": "11k"}, {"name": "Mastodon", "url": "https://joinmastodon.org/", "description": ""}, {"name": "Pleroma", "url": "https://pleroma.social/", "description": ""}, {"name": "Nitter", "url": "https://github.com/zedeus/nitter/wiki/Instances", "description": "Nitter is a free and open source alternative Twitter front-end focused on privacy.", "stars": "13k"}, {"name": "Feetter", "url": "https://codeberg.org/pluja/Feetter", "description": "Create, sync and manage Nitter feeds without registration from any device."}], "notes": []}, {"name": "Privacy \u2014 Reddit", "entries": [{"name": "Aether", "url": "https://getaether.net/", "description": "Peer-to-peer ephemeral public communities."}, {"name": "Kbin", "url": "https://github.com/ernestwisniewski/kbin", "description": "", "stars": "803"}, {"name": "Lemmy", "url": "https://join.lemmy.ml/", "description": ""}, {"name": "SaidIt", "url": "https://saidit.net/", "description": "Open source Reddit clone."}, {"name": "Libreddit", "url": "https://github.com/libreddit/libreddit", "description": "~~Private Reddit front-end written in Rust~~ [No longer working - Read here (\u2b505.2k)](https://github.com/libreddit/libreddit/issues/840)", "stars": "5.2k"}, {"name": "Redlib", "url": "https://github.com/redlib-org/redlib", "description": "An alternative private front-end to Reddit, with its origins in Libreddit.", "stars": "3.2k"}], "notes": []}, {"name": "Privacy \u2014 Streaming Platforms (Twitch)", "entries": [{"name": "Owncast", "url": "https://github.com/owncast/owncast", "description": "Take control over your live stream video by running it yourself. Streaming + chat out of the box.", "stars": "11k"}, {"name": "livego", "url": "https://github.com/gwuhaolin/livego", "description": "Live video streaming server in golang.", "stars": "10k"}], "notes": []}, {"name": "Privacy \u2014 Wikipedia", "entries": [{"name": "Wikiless", "url": "https://wikiless.whateveritworks.org/", "description": "A maintained fork of the free open source alternative Wikipedia front-end focused on privacy [Source Code (\u2b50266)](https://github.com/Metastem/wikiless). (Original instance: [wikiless.org](https://wikiless.org/), Wikiless repository has been removed by Codeberg, [follow news here](https://orenom.fi/))"}], "notes": []}, {"name": "Privacy \u2014 Imgur", "entries": [{"name": "Imgin", "url": "https://git.voidnet.tech/kev/imgin", "description": "A minimalist, tor-friendly, read-only Imgur proxy insipired by software like Invidious, Nitter, and Bibliogram."}, {"name": "rimgo", "url": "https://codeberg.org/video-prize-ranch/rimgo#instances", "description": "An alternative frontend for Imgur. Read-only, no-js, Based on rimgu and rewritten in Go."}, {"name": "![", "url": "https://shields.tosdr.org/en_206.svg", "description": ""}, {"name": "![", "url": "https://shields.tosdr.org/en_536.svg", "description": ""}, {"name": "Zulip", "url": "https://zulip.com/", "description": "Chat for distributed teams."}, {"name": "Revolt", "url": "https://revolt.chat/", "description": "User-first chat platform built with modern web technologies."}, {"name": "Twake", "url": "https://twake.app/", "description": "Work in a team faster. Twake covers all of your organizational needs through a single platform."}, {"name": "RocketChat", "url": "https://rocket.chat/", "description": "Control your communication, manage your data, and have your own collaboration platform to improve team productivity."}, {"name": "Nextcloud Talk", "url": "https://nextcloud.com/talk/", "description": "Keep conversations private with Nextcloud Talk."}, {"name": "Mattermost", "url": "https://mattermost.com/", "description": "Open-source Slack alternative."}, {"name": "See this section for Discord mods and alternative clients", "url": "https://github.com/pluja/awesome-privacy/blob/main/README.md#alternative-clientsmodifications-of-discord", "description": "", "stars": "18k"}, {"name": "Screenity", "url": "https://screenity.io/en/", "description": "A powerful privacy-friendly screen recorder and annotation tool to make better videos for work, education, and more."}, {"name": "OBS", "url": "https://obsproject.com/", "description": "Free and open source software for video recording and live streaming."}, {"name": "Mozilla Translate", "url": "https://mozilla.github.io/translate/", "description": "Open Source, runs model locally in your browser."}, {"name": "Libretranslate", "url": "https://libretranslate.com/", "description": "Open Source Machine Translation - 100% Self-Hosted. No Limits. No Ties to Proprietary Services."}, {"name": "Apertium", "url": "https://apertium.org/", "description": "A free/open-source machine translation platform, runs offline on your computer"}, {"name": "Softcatala", "url": "https://www.softcatala.org/traductor/", "description": "Open Source Translation tool - Only Catalan/Spanish/English/French (uses apertium)"}, {"name": "TranslateLocally", "url": "https://translatelocally.com/", "description": "Free/open-source neural MT, runs offline on your computer"}, {"name": "Linguist", "url": "https://linguister.io", "description": "A free and Open Source full-featured translation solution in-browser with embedded offline translator and [custom translators](https://linguister.io/docs/CustomTranslator). Full-page translation, TTS, dictionary, translation for user input and selected text on page."}, {"name": "Lingva", "url": "https://github.com/TheDavidDelta/lingva-translate", "description": "Alternative front-end for Google Translate. [Demo](https://lingva.ml/).", "stars": "1.8k"}, {"name": "Simplytranslate", "url": "https://codeberg.org/ManeraKai/simplytranslate", "description": "Alternative front-end for Google Translate and LibreTranslate. [Demo](https://simplytranslate.org/)"}, {"name": "Skymap", "url": "https://skymaponline.net/", "description": "Open online planetarium program."}, {"name": "CrowdSec", "url": "https://github.com/crowdsecurity/crowdsec", "description": "An open-source, modernized and collaborative fail2ban.", "stars": "13k"}, {"name": "Hetty", "url": "https://github.com/dstotijn/hetty", "description": "Hetty is an HTTP toolkit for security research. It aims to be an open-source alternative to Burp Suite Pro.", "stars": "9.4k"}, {"name": "Visited", "url": "https://github.com/yuis-ice/visited", "description": "Locally collect browsing history over browsers.", "stars": "97"}, {"name": "Deskreen", "url": "https://github.com/pavlobu/deskreen", "description": "Turn any device into a secondary screen for your computer.", "stars": "20k"}, {"name": "Loggit", "url": "https://loggit.net", "description": "Simple and Encrypted Life Tracking & Logging."}, {"name": "Codeberg", "url": "https://codeberg.org/", "description": "Codeberg is a collaboration platform providing Git hosting and services for free and open source software, content and projects."}, {"name": "Forgejo", "url": "https://forgejo.org/", "description": "Forgejo is a self-hosted lightweight software forge."}, {"name": "GitLab", "url": "https://about.gitlab.com/", "description": "GitLab a DevOps software package that can develop, secure, and operate software."}, {"name": "Radicle", "url": "https://radicle.xyz/", "description": "An open source, peer-to-peer code collaboration stack built on Git. Unlike centralized code hosting platforms, there is no single entity controlling the network. Repositories are replicated across peers in a decentralized manner, and users are in full control of their data and workflow."}, {"name": "BigBlueButton", "url": "https://bigbluebutton.org/", "description": "BigBlueButton is a web conferencing system designed for online learning."}, {"name": "Briefing", "url": "https://github.com/holtwick/briefing/", "description": "Secure direct video group chat. Only open technologies (such as WebRTC) are used, which work with all modern browsers.", "stars": "1.6k"}, {"name": "Chitchatter", "url": "https://chitchatter.im/", "description": "Secure P2P chat that is serverless, decentralized, and ephemeral. Supports text, audio, video, screen, and file sharing."}, {"name": "Jam", "url": "https://github.com/jam-systems/jam", "description": "Jam is your own open source Clubhouse for mini conferences, friends, communities.", "stars": "1.3k"}, {"name": "Jami", "url": "https://jami.net/", "description": "P2P audio and video conferences."}, {"name": "Jitsi Meet", "url": "https://github.com/jitsi/jitsi-meet", "description": "More secure, more flexible, and completely free video conferencing. If you use the official instance, you will need to login. Self-hosting is recommended.", "stars": "29k"}, {"name": "Mirotalk P2P", "url": "https://p2p.mirotalk.com/", "description": "Free WebRTC - P2P - Simple, Secure, Fast Real-Time Video Conferences Up to 4k and 60fps, compatible with all browsers and platforms."}, {"name": "Mumble", "url": "https://www.mumble.info/", "description": "Mumble is an open source voice communication application with advanced features."}, {"name": "PeerCalls", "url": "https://peercalls.com/", "description": "Group peer to peer video calls for everyone written in Go and TypeScript."}, {"name": "OpenAsar", "url": "https://openasar.dev/", "description": "An open-source alternative of Discord desktop's app.asar that comes with a [No Track (\u2b502.9k)](https://github.com/GooseMod/OpenAsar/blob/main/src/noTrack.js) function."}, {"name": "Vencord", "url": "https://github.com/Vendicated/Vencord", "description": "A Discord client mod that does things differently.", "stars": "13k"}, {"name": "BetterDiscord", "url": "https://betterdiscord.app/", "description": "A client modification for Discord, also you need to install a [DoNotTrack](https://betterdiscord.app/plugin/DoNotTrack) plugin to block trackers."}, {"name": "Kernel", "url": "https://github.com/kernel-mod/electron", "description": "A super small and fast Electron client mod with the most capability, also you need to install a [Discord Utilities (\u2b505)](https://github.com/slow/discord-utilities) package to block trackers.", "stars": "99"}, {"name": "Replugged", "url": "https://replugged.dev/", "description": "A continuation of the deprecated client mod [Powercord](https://powercord.dev)."}, {"name": "WebCord", "url": "https://github.com/SpacingBat3/WebCord", "description": "A Discord and Fosscord API-less client made with the Electron.", "stars": "2.4k"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "![", "url": "https://shields.tosdr.org/en_417.svg", "description": ""}, {"name": "kdenlive", "url": "https://kdenlive.org/", "description": "Open source video editor. Free and easy to use for any purpose, forever."}, {"name": "LosslessCut", "url": "https://github.com/mifi/lossless-cut", "description": "LosslessCut aims to be the ultimate cross platform FFmpeg GUI for extremely fast and lossless operations on video, audio, subtitle and other related media files.", "stars": "39k"}, {"name": "Olive Video Editor", "url": "https://olivevideoeditor.org/", "description": "Free open-source advanced non-linear video editor currently in Alpha state."}, {"name": "OpenCut", "url": "https://github.com/OpenCut-app/OpenCut", "description": "\\[beta] A free, open-source video editor for web, desktop, and mobile.", "stars": "47k"}, {"name": "Shotcut", "url": "https://www.shotcut.org/", "description": "Shotcut is a free, open source and simple cross-platform video editor."}, {"name": "Free VPNs", "url": "https://techcrunch.com/2020/09/24/free-vpn-bad-for-privacy/", "description": ""}, {"name": "IVPN", "url": "https://ivpn.net", "description": ""}, {"name": "LNVPN", "url": "https://lnvpn.net", "description": ""}, {"name": "Mullvad VPN", "url": "https://mullvad.net", "description": ""}, {"name": "Proton VPN", "url": "https://protonvpn.com", "description": ""}, {"name": "SPN", "url": "https://safing.io/", "description": ""}, {"name": "Brave", "url": "https://brave.com/", "description": "Android/iOS. Brave offers a pretty good out-of-the-box set of privacy and tracker protections."}, {"name": "Firefox", "url": "https://www.mozilla.org/en-US/firefox/mobile/", "description": "Android/iOS"}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "\ud83e\udd16", "url": "#icons", "description": ""}, {"name": "Tor Browser", "url": "https://www.torproject.org/", "description": "iOS/Android. Defend yourself against tracking and surveillance and circumvent censorship."}, {"name": "Cromite", "url": "https://www.cromite.org/", "description": "Cromite is a Chromium fork based on Bromite with built-in support for ad blocking and an eye for privacy."}, {"name": "Ungoogled Chromium", "url": "https://github.com/ungoogled-software/ungoogled-chromium", "description": "A lightweight approach to removing Google web service dependency. Ungoogled-chromium is Google Chromium, sans dependency on Google web services.", "stars": "26k"}, {"name": "Brave", "url": "https://brave.com/", "description": "Brave offers a pretty good out-of-the-box set of privacy and tracker protections."}, {"name": "Firefox", "url": "https://www.mozilla.org/en-US/firefox/new/", "description": "Open Source, independent browser. It needs some [hardening and tweaking](https://anonymousplanet.org/guide.html#firefox-1) to achieve great privacy."}, {"name": "Tor Browser", "url": "https://www.torproject.org/", "description": ""}, {"name": "Mullvad Browser", "url": "https://mullvad.net/en/browser/", "description": "Browser with the privacy and security implications of the Tor Browser, without the use of the Tor network."}], "notes": []}, {"name": "Privacy \u2014 Browser Addons", "entries": [{"name": "uBlock Origin", "url": "https://ublockorigin.com/", "description": "Free, open-source ad content blocker. Easy on CPU and memory."}, {"name": "LibRedirect", "url": "https://github.com/libredirect/libredirect", "description": "A simple web extension that redirects Twitter, YouTube, Google Maps and many more requests to privacy friendly alternatives. Former Privacy Redirect is no longer maintained, LibRedirect is a maintained fork.", "stars": "3.9k"}, {"name": "Single File", "url": "https://github.com/gildas-lormeau/SingleFile", "description": "Save a faithful copy of an entire web page in a single HTML file so you can use it offline.", "stars": "21k"}], "notes": []}, {"name": "Privacy \u2014 Browser Sync", "entries": [{"name": "xBrowserSync", "url": "https://www.xbrowsersync.org/", "description": "Browser syncing as it should be: secure, anonymous and free!"}], "notes": []}], "total_entries": 543}, {"name": "Malware Analysis", "subcategories": [{"name": "Malware Analysis", "entries": [{"name": "Malware Collection", "url": "#malware-collection", "description": ""}, {"name": "Open Source Threat Intelligence", "url": "#open-source-threat-intelligence", "description": ""}, {"name": "Detection and Classification", "url": "#detection-and-classification", "description": ""}, {"name": "Online Scanners and Sandboxes", "url": "#online-scanners-and-sandboxes", "description": ""}, {"name": "Domain Analysis", "url": "#domain-analysis", "description": ""}, {"name": "Browser Malware", "url": "#browser-malware", "description": ""}, {"name": "Documents and Shellcode", "url": "#documents-and-shellcode", "description": ""}, {"name": "File Carving", "url": "#file-carving", "description": ""}, {"name": "Deobfuscation", "url": "#deobfuscation", "description": ""}, {"name": "Debugging and Reverse Engineering", "url": "#debugging-and-reverse-engineering", "description": ""}, {"name": "Network", "url": "#network", "description": ""}, {"name": "Memory Forensics", "url": "#memory-forensics", "description": ""}, {"name": "Windows Artifacts", "url": "#windows-artifacts", "description": ""}, {"name": "Storage and Workflow", "url": "#storage-and-workflow", "description": ""}, {"name": "Miscellaneous", "url": "#miscellaneous", "description": ""}, {"name": "Resources", "url": "#resources", "description": ""}, {"name": "Related Awesome Lists", "url": "#related-awesome-lists", "description": ""}, {"name": "Contributing", "url": "#contributing", "description": ""}, {"name": "Thanks", "url": "#thanks", "description": ""}], "notes": []}, {"name": "Malware Analysis \u2014 Anonymizers", "entries": [{"name": "Anonymouse.org", "url": "http://anonymouse.org/", "description": "A free, web based anonymizer."}, {"name": "OpenVPN", "url": "https://openvpn.net/", "description": "VPN software and hosting solutions."}, {"name": "Privoxy", "url": "http://www.privoxy.org/", "description": "An open source proxy server with some"}, {"name": "Tor", "url": "https://www.torproject.org/", "description": "The Onion Router, for browsing the web"}], "notes": []}, {"name": "Malware Analysis \u2014 Honeypots", "entries": [{"name": "Conpot", "url": "https://github.com/mushorg/conpot", "description": "ICS/SCADA honeypot.", "stars": "1.2k"}, {"name": "Cowrie", "url": "https://github.com/micheloosterhof/cowrie", "description": "SSH honeypot, based", "stars": "5k"}, {"name": "DemoHunter", "url": "https://github.com/RevengeComing/DemonHunter", "description": "Low interaction Distributed Honeypots.", "stars": "58"}, {"name": "Dionaea", "url": "https://github.com/DinoTools/dionaea", "description": "Honeypot designed to trap malware.", "stars": "688"}, {"name": "Glastopf", "url": "https://github.com/mushorg/glastopf", "description": "Web application honeypot.", "stars": "541"}, {"name": "Honeyd", "url": "http://www.honeyd.org/", "description": "Create a virtual honeynet."}, {"name": "HoneyDrive", "url": "https://bruteforce.gr/honeydrive/", "description": "Honeypot bundle Linux distro."}, {"name": "Honeytrap", "url": "https://github.com/honeytrap/honeytrap", "description": "Opensource system for running, monitoring and managing honeypots.", "stars": "1.2k"}, {"name": "MHN", "url": "https://github.com/pwnlandia/mhn", "description": "MHN is a centralized server for management and data collection of honeypots. MHN allows you to deploy sensors quickly and to collect data immediately, viewable from a neat web interface.", "stars": "2.4k"}, {"name": "Mnemosyne", "url": "https://github.com/johnnykv/mnemosyne", "description": "A normalizer for", "stars": "44"}, {"name": "Thug", "url": "https://github.com/buffer/thug", "description": "Low interaction honeyclient, for", "stars": "967"}], "notes": []}, {"name": "Malware Analysis \u2014 Malware Corpora", "entries": [{"name": "Clean MX", "url": "http://support.clean-mx.com/clean-mx/viruses.php", "description": "Realtime"}, {"name": "Contagio", "url": "http://contagiodump.blogspot.com/", "description": "A collection of recent"}, {"name": "Exploit Database", "url": "https://www.exploit-db.com/", "description": "Exploit and shellcode"}, {"name": "Infosec - CERT-PA", "url": "https://infosec.cert-pa.it/analyze/submission.html", "description": "Malware samples collection and analysis."}, {"name": "InQuest Labs", "url": "https://labs.inquest.net", "description": "Evergrowing searchable corpus of malicious Microsoft documents."}, {"name": "Javascript Mallware Collection", "url": "https://github.com/HynekPetrak/javascript-malware-collection", "description": "Collection of almost 40.000 javascript malware samples", "stars": "653"}, {"name": "Malpedia", "url": "https://malpedia.caad.fkie.fraunhofer.de/", "description": "A resource providing"}, {"name": "Malshare", "url": "https://malshare.com", "description": "Large repository of malware actively"}, {"name": "Ragpicker", "url": "https://github.com/robbyFux/Ragpicker", "description": "Plugin based malware", "stars": "91"}, {"name": "theZoo", "url": "https://github.com/ytisf/theZoo", "description": "Live malware samples for", "stars": "11k"}, {"name": "Tracker h3x", "url": "http://tracker.h3x.eu/", "description": "Agregator for malware corpus tracker"}, {"name": "vduddu malware repo", "url": "https://github.com/vduddu/Malware", "description": "Collection of"}, {"name": "VirusBay", "url": "https://beta.virusbay.io/", "description": "Community-Based malware repository and social network."}, {"name": "ViruSign", "url": "http://www.virussign.com/", "description": "Malware database that detected by"}, {"name": "VirusShare", "url": "https://virusshare.com/", "description": "Malware repository, registration"}, {"name": "VX Vault", "url": "http://vxvault.net", "description": "Active collection of malware samples."}, {"name": "Zeltser's Sources", "url": "https://zeltser.com/malware-sample-sources/", "description": "A list"}, {"name": "Zeus Source Code", "url": "https://github.com/Visgean/Zeus", "description": "Source for the Zeus", "stars": "1.4k"}, {"name": "VX Underground", "url": "http://vx-underground.org/", "description": "Massive and growing collection of free malware samples."}], "notes": []}, {"name": "Malware Analysis \u2014 Tools", "entries": [{"name": "AbuseHelper", "url": "https://github.com/abusesa/abusehelper", "description": "An open-source", "stars": "113"}, {"name": "AlienVault Open Threat Exchange", "url": "https://otx.alienvault.com/", "description": "Share and"}, {"name": "Combine", "url": "https://github.com/mlsecproject/combine", "description": "Tool to gather Threat", "stars": "650"}, {"name": "Fileintel", "url": "https://github.com/keithjjones/fileintel", "description": "Pull intelligence per file hash.", "stars": "115"}, {"name": "Hostintel", "url": "https://github.com/keithjjones/hostintel", "description": "Pull intelligence per host.", "stars": "258"}, {"name": "IntelMQ", "url": "https://www.enisa.europa.eu/topics/csirt-cert-services/community-projects/incident-handling-automation", "description": ""}, {"name": "IOC Editor", "url": "https://www.fireeye.com/services/freeware/ioc-editor.html", "description": ""}, {"name": "iocextract", "url": "https://github.com/InQuest/python-iocextract", "description": "Advanced Indicator", "stars": "495"}, {"name": "ioc\\_writer", "url": "https://github.com/mandiant/ioc_writer", "description": "Python library for", "stars": "199"}, {"name": "MalPipe", "url": "https://github.com/silascutler/MalPipe", "description": "Malware/IOC ingestion and", "stars": "102"}, {"name": "Massive Octo Spice", "url": "https://github.com/csirtgadgets/massive-octo-spice", "description": "", "stars": "228"}, {"name": "MISP", "url": "https://github.com/MISP/MISP", "description": "Malware Information Sharing", "stars": "5.1k"}, {"name": "Pulsedive", "url": "https://pulsedive.com", "description": "Free, community-driven threat intelligence platform collecting IOCs from open-source feeds."}, {"name": "PyIOCe", "url": "https://github.com/pidydx/PyIOCe", "description": "A Python OpenIOC editor.", "stars": "16"}, {"name": "RiskIQ", "url": "https://community.riskiq.com/", "description": "Research, connect, tag and"}, {"name": "threataggregator", "url": "https://github.com/jpsenior/threataggregator", "description": "", "stars": "78"}, {"name": "ThreatConnect", "url": "https://threatconnect.com/free/", "description": "TC Open allows you to see and"}, {"name": "ThreatCrowd", "url": "https://www.threatcrowd.org/", "description": "A search engine for threats,"}, {"name": "ThreatIngestor", "url": "https://github.com/InQuest/ThreatIngestor/", "description": "Build", "stars": "801"}, {"name": "ThreatTracker", "url": "https://github.com/michael-yip/ThreatTracker", "description": "A Python", "stars": "64"}, {"name": "TIQ-test", "url": "https://github.com/mlsecproject/tiq-test", "description": "Data visualization", "stars": "166"}], "notes": []}, {"name": "Malware Analysis \u2014 Other Resources", "entries": [{"name": "Autoshun", "url": "https://www.autoshun.org/", "description": ""}, {"name": "Bambenek Consulting Feeds", "url": "http://osint.bambenekconsulting.com/feeds/", "description": ""}, {"name": "Fidelis Barncat", "url": "https://www.fidelissecurity.com/resources/fidelis-barncat", "description": ""}, {"name": "CI Army", "url": "http://cinsscore.com/", "description": ""}, {"name": "Critical Stack- Free Intel Market", "url": "https://intel.criticalstack.com", "description": "Free"}, {"name": "Cybercrime tracker", "url": "http://cybercrime-tracker.net/", "description": "Multiple botnet active tracker."}, {"name": "FireEye IOCs", "url": "https://github.com/fireeye/iocs", "description": "Indicators of Compromise", "stars": "461"}, {"name": "FireHOL IP Lists", "url": "https://iplists.firehol.org/", "description": "Analytics for 350+ IP lists"}, {"name": "HoneyDB", "url": "https://riskdiscovery.com/honeydb", "description": "Community driven honeypot sensor data collection and aggregation."}, {"name": "hpfeeds", "url": "https://github.com/rep/hpfeeds", "description": "Honeypot feed protocol.", "stars": "208"}, {"name": "Infosec - CERT-PA lists", "url": "https://infosec.cert-pa.it/analyze/statistics.html", "description": ""}, {"name": "InQuest REPdb", "url": "https://labs.inquest.net/repdb", "description": "Continuous aggregation of IOCs from a variety of open reputation sources."}, {"name": "InQuest IOCdb", "url": "https://labs.inquest.net/iocdb", "description": "Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter."}, {"name": "Internet Storm Center (DShield)", "url": "https://isc.sans.edu/", "description": "Diary and"}, {"name": "malc0de", "url": "http://malc0de.com/database/", "description": "Searchable incident database."}, {"name": "Malware Domain List", "url": "http://www.malwaredomainlist.com/", "description": "Search and share"}, {"name": "MetaDefender Threat Intelligence Feed", "url": "https://www.opswat.com/developers/threat-intelligence-feed", "description": ""}, {"name": "OpenIOC", "url": "https://www.fireeye.com/services/freeware.html", "description": "Framework for sharing threat intelligence."}, {"name": "Proofpoint Threat Intelligence", "url": "https://www.proofpoint.com/us/products/et-intelligence", "description": ""}, {"name": "Ransomware overview", "url": "https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml", "description": ""}, {"name": "STIX - Structured Threat Information eXpression", "url": "http://stixproject.github.io", "description": ""}, {"name": "SystemLookup", "url": "https://www.systemlookup.com/", "description": "SystemLookup hosts a collection of lists that provide information on"}, {"name": "ThreatMiner", "url": "https://www.threatminer.org/", "description": "Data mining portal for threat"}, {"name": "threatRECON", "url": "https://threatrecon.co/", "description": "Search for indicators, up to 1000"}, {"name": "ThreatShare", "url": "https://threatshare.io/", "description": "C2 panel tracker"}, {"name": "Yara rules", "url": "https://github.com/Yara-Rules/rules", "description": "Yara rules repository.", "stars": "4k"}, {"name": "YETI", "url": "https://github.com/yeti-platform/yeti", "description": "Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository.", "stars": "1.7k"}, {"name": "ZeuS Tracker", "url": "https://zeustracker.abuse.ch/blocklist.php", "description": "ZeuS"}, {"name": "AnalyzePE", "url": "https://github.com/hiddenillusion/AnalyzePE", "description": "Wrapper for a", "stars": "201"}, {"name": "Assemblyline", "url": "https://cybercentrecanada.github.io/assemblyline4_docs/", "description": "A scalable file triage and malware analysis system integrating the cyber security community's best tools.."}, {"name": "BinaryAlert", "url": "https://github.com/airbnb/binaryalert", "description": "An open source, serverless", "stars": "1.4k"}, {"name": "capa", "url": "https://github.com/fireeye/capa", "description": "Detects capabilities in executable files.", "stars": "4k"}, {"name": "chkrootkit", "url": "http://www.chkrootkit.org/", "description": "Local Linux rootkit detection."}, {"name": "ClamAV", "url": "http://www.clamav.net/", "description": "Open source antivirus engine."}, {"name": "Detect It Easy(DiE)", "url": "https://github.com/horsicq/Detect-It-Easy", "description": "A program for", "stars": "6.9k"}, {"name": "Exeinfo PE", "url": "http://exeinfo.pe.hu/", "description": "Packer, compressor detector, unpack"}, {"name": "ExifTool", "url": "https://sno.phy.queensu.ca/~phil/exiftool/", "description": "Read, write and"}, {"name": "File Scanning Framework", "url": "https://github.com/EmersonElectricCo/fsf", "description": "", "stars": "283"}, {"name": "fn2yara", "url": "https://github.com/cmu-sei/pharos", "description": "FN2Yara is a tool to generate", "stars": "1.5k"}, {"name": "Generic File Parser", "url": "https://github.com/uppusaikiran/generic-parser", "description": "A Single Library Parser to extract meta information,static analysis and detect macros within the files.", "stars": "0"}, {"name": "hashdeep", "url": "https://github.com/jessek/hashdeep", "description": "Compute digest hashes with", "stars": "694"}, {"name": "HashCheck", "url": "https://github.com/gurnec/HashCheck", "description": "Windows shell extension", "stars": "1.7k"}, {"name": "Loki", "url": "https://github.com/Neo23x0/Loki", "description": "Host based scanner for IOCs.", "stars": "3.3k"}, {"name": "Malfunction", "url": "https://github.com/Dynetics/Malfunction", "description": "Catalog and", "stars": "191"}, {"name": "Manalyze", "url": "https://github.com/JusticeRage/Manalyze", "description": "Static analyzer for PE", "stars": "997"}, {"name": "MASTIFF", "url": "https://github.com/KoreLogicSecurity/mastiff", "description": "Static analysis", "stars": "173"}, {"name": "MultiScanner", "url": "https://github.com/mitre/multiscanner", "description": "Modular file", "stars": "615"}, {"name": "Nauz File Detector(NFD)", "url": "https://github.com/horsicq/Nauz-File-Detector", "description": "Linker/Compiler/Tool detector  for Windows, Linux and MacOS.", "stars": "497"}, {"name": "nsrllookup", "url": "https://github.com/rjhansen/nsrllookup", "description": "A tool for looking", "stars": "110"}, {"name": "packerid", "url": "https://github.com/sooshie/packerid", "description": "A cross-platform", "stars": "41"}, {"name": "PE-bear", "url": "https://hshrzd.wordpress.com/pe-bear/", "description": "Reversing tool for PE"}, {"name": "PEframe", "url": "https://github.com/guelfoweb/peframe", "description": "PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.", "stars": "599"}, {"name": "PEV", "url": "http://pev.sourceforge.net/", "description": "A multiplatform toolkit to work with PE"}, {"name": "PortEx", "url": "https://github.com/katjahahn/PortEx", "description": "Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness.", "stars": "494"}, {"name": "Quark-Engine", "url": "https://github.com/quark-engine/quark-engine", "description": "An Obfuscation-Neglect Android Malware Scoring System", "stars": "1.3k"}, {"name": "Rootkit Hunter", "url": "http://rkhunter.sourceforge.net/", "description": "Detect Linux rootkits."}, {"name": "ssdeep", "url": "https://ssdeep-project.github.io/ssdeep/", "description": "Compute fuzzy hashes."}, {"name": "totalhash.py", "url": "https://gist.github.com/gleblanc1783/3c8e6b379fa9d646d401b96ab5c7877f", "description": ""}, {"name": "TrID", "url": "http://mark0.net/soft-trid-e.html", "description": "File identifier."}, {"name": "YARA", "url": "https://plusvic.github.io/yara/", "description": "Pattern matching tool for"}, {"name": "Yara rules generator", "url": "https://github.com/Neo23x0/yarGen", "description": "Generate", "stars": "1.5k"}, {"name": "Yara Finder", "url": "https://github.com/uppusaikiran/yara-finder", "description": "A simple tool to yara match the file against various yara rules to find the indicators of suspicion.", "stars": "0"}, {"name": "anlyz.io", "url": "https://sandbox.anlyz.io/", "description": "Online sandbox."}, {"name": "any.run", "url": "https://app.any.run/", "description": "Online interactive sandbox."}, {"name": "AndroTotal", "url": "https://andrototal.org/", "description": "Free online analysis of APKs"}, {"name": "BoomBox", "url": "https://github.com/nbeede/BoomBox", "description": "Automatic deployment of Cuckoo", "stars": "231"}, {"name": "Cryptam", "url": "http://www.cryptam.com/", "description": "Analyze suspicious office documents."}, {"name": "Cuckoo Sandbox", "url": "https://cuckoosandbox.org/", "description": "Open source, self hosted"}, {"name": "cuckoo-modified", "url": "https://github.com/brad-accuvant/cuckoo-modified", "description": "Modified", "stars": "268"}, {"name": "cuckoo-modified-api", "url": "https://github.com/keithjjones/cuckoo-modified-api", "description": "A", "stars": "19"}, {"name": "DeepViz", "url": "https://www.deepviz.com/", "description": "Multi-format file analyzer with"}, {"name": "detux", "url": "https://github.com/detuxsandbox/detux/", "description": "A sandbox developed to do", "stars": "257"}, {"name": "DRAKVUF", "url": "https://github.com/tklengyel/drakvuf", "description": "Dynamic malware analysis", "stars": "1k"}, {"name": "filescan.io", "url": "https://www.filescan.io/", "description": "Static malware analysis, VBA/Powershell/VBS/JS Emulation"}, {"name": "firmware.re", "url": "http://firmware.re/", "description": "Unpacks, scans and analyzes almost any"}, {"name": "HaboMalHunter", "url": "https://github.com/Tencent/HaboMalHunter", "description": "An Automated Malware", "stars": "725"}, {"name": "Hybrid Analysis", "url": "https://www.hybrid-analysis.com/", "description": "Online malware"}, {"name": "Intezer", "url": "https://analyze.intezer.com", "description": "Detect, analyze, and categorize malware by"}, {"name": "IRMA", "url": "http://irma.quarkslab.com/", "description": "An asynchronous and customizable"}, {"name": "Joe Sandbox", "url": "https://www.joesecurity.org", "description": "Deep malware analysis with Joe Sandbox."}, {"name": "Jotti", "url": "https://virusscan.jotti.org/en", "description": "Free online multi-AV scanner."}, {"name": "Limon", "url": "https://github.com/monnappa22/Limon", "description": "Sandbox for Analyzing Linux Malware.", "stars": "384"}, {"name": "Malheur", "url": "https://github.com/rieck/malheur", "description": "Automatic sandboxed analysis", "stars": "365"}, {"name": "malice.io", "url": "https://github.com/maliceio/malice", "description": "Massively scalable malware analysis framework.", "stars": "1.6k"}, {"name": "malsub", "url": "https://github.com/diogo-fernan/malsub", "description": "A Python RESTful API framework for", "stars": "363"}, {"name": "Malware config", "url": "https://malwareconfig.com/", "description": "Extract, decode and display online"}, {"name": "MalwareAnalyser.io", "url": "https://malwareanalyser.io/", "description": "Online malware anomaly-based static analyser with heuristic detection engine powered by data mining and machine learning."}, {"name": "Malwr", "url": "https://malwr.com/", "description": "Free analysis with an online Cuckoo Sandbox"}, {"name": "MetaDefender Cloud", "url": "https://metadefender.opswat.com/", "description": "Scan a file, hash, IP, URL or"}, {"name": "NetworkTotal", "url": "https://www.networktotal.com/index.html", "description": "A service that analyzes"}, {"name": "Noriben", "url": "https://github.com/Rurik/Noriben", "description": "Uses Sysinternals Procmon to", "stars": "1.1k"}, {"name": "PacketTotal", "url": "https://packettotal.com/", "description": "PacketTotal is an online engine for analyzing .pcap files, and visualizing the network traffic within."}, {"name": "PDF Examiner", "url": "http://www.pdfexaminer.com/", "description": "Analyse suspicious PDF files."}, {"name": "ProcDot", "url": "http://www.procdot.com", "description": "A graphical malware analysis tool kit."}, {"name": "Recomposer", "url": "https://github.com/secretsquirrel/recomposer", "description": "A helper", "stars": "130"}, {"name": "sandboxapi", "url": "https://github.com/InQuest/python-sandboxapi", "description": "Python library for", "stars": "132"}, {"name": "SEE", "url": "https://github.com/F-Secure/see", "description": "Sandboxed Execution Environment (SEE)", "stars": "809"}, {"name": "SEKOIA Dropper Analysis", "url": "https://malware.sekoia.fr/", "description": "Online dropper analysis (Js, VBScript, Microsoft Office, PDF)."}, {"name": "VirusTotal", "url": "https://www.virustotal.com/", "description": "Free online analysis of malware"}, {"name": "Visualize\\_Logs", "url": "https://github.com/keithjjones/visualize_logs", "description": "Open source", "stars": "136"}, {"name": "Zeltser's List", "url": "https://zeltser.com/automated-malware-analysis/", "description": "Free"}, {"name": "AbuseIPDB", "url": "https://www.abuseipdb.com/", "description": "AbuseIPDB is a project dedicated"}, {"name": "badips.com", "url": "https://www.badips.com/", "description": "Community based IP blacklist service."}, {"name": "boomerang", "url": "https://github.com/EmersonElectricCo/boomerang", "description": "A tool designed", "stars": "34"}, {"name": "Cymon", "url": "https://cymon.io/", "description": "Threat intelligence tracker, with IP/domain/hash"}, {"name": "Desenmascara.me", "url": "http://desenmascara.me", "description": "One click tool to retrieve as"}, {"name": "Dig", "url": "https://networking.ringofsaturn.com/", "description": "Free online dig and other"}, {"name": "dnstwist", "url": "https://github.com/elceef/dnstwist", "description": "Domain name permutation", "stars": "4.7k"}, {"name": "IPinfo", "url": "https://github.com/hiddenillusion/IPinfo", "description": "Gather information", "stars": "95"}, {"name": "Machinae", "url": "https://github.com/hurricanelabs/machinae", "description": "OSINT tool for", "stars": "499"}, {"name": "mailchecker", "url": "https://github.com/FGRibreau/mailchecker", "description": "Cross-language", "stars": "1.6k"}, {"name": "MaltegoVT", "url": "https://github.com/michael-yip/MaltegoVT", "description": "Maltego transform", "stars": "77"}, {"name": "Multi rbl", "url": "http://multirbl.valli.org/", "description": "Multiple DNS blacklist and forward"}, {"name": "NormShield Services", "url": "https://services.normshield.com/", "description": "Free API Services"}, {"name": "PhishStats", "url": "https://phishstats.info/", "description": "Phishing Statistics with search for"}, {"name": "Spyse", "url": "https://spyse.com/", "description": "subdomains, whois, realted domains, DNS, hosts AS, SSL/TLS info,"}, {"name": "SecurityTrails", "url": "https://securitytrails.com/", "description": "Historical and current WHOIS,"}, {"name": "SpamCop", "url": "https://www.spamcop.net/bl.shtml", "description": "IP based spam block list."}, {"name": "SpamHaus", "url": "https://www.spamhaus.org/lookup/", "description": "Block list based on"}, {"name": "Sucuri SiteCheck", "url": "https://sitecheck.sucuri.net/", "description": "Free Website Malware"}, {"name": "Talos Intelligence", "url": "https://talosintelligence.com/", "description": "Search for IP, domain"}, {"name": "TekDefense Automater", "url": "http://www.tekdefense.com/automater/", "description": "OSINT tool"}, {"name": "URLhaus", "url": "https://urlhaus.abuse.ch/", "description": "A project from abuse.ch with the goal"}, {"name": "URLQuery", "url": "http://urlquery.net/", "description": "Free URL Scanner."}, {"name": "urlscan.io", "url": "https://urlscan.io/", "description": "Free URL Scanner & domain information."}, {"name": "Whois", "url": "https://whois.domaintools.com/", "description": "DomainTools free online whois"}, {"name": "Zeltser's List", "url": "https://zeltser.com/lookup-malicious-websites/", "description": "Free"}, {"name": "ZScalar Zulu", "url": "https://zulu.zscaler.com/#", "description": "Zulu URL Risk Analyzer."}, {"name": "Bytecode Viewer", "url": "https://github.com/Konloch/bytecode-viewer", "description": "Combines", "stars": "14k"}, {"name": "Firebug", "url": "https://getfirebug.com/", "description": "Firefox extension for web development."}, {"name": "Java Decompiler", "url": "http://jd.benow.ca/", "description": "Decompile and inspect Java apps."}, {"name": "Java IDX Parser", "url": "https://github.com/Rurik/Java_IDX_Parser/", "description": "Parses Java", "stars": "39"}, {"name": "JSDetox", "url": "http://www.relentless-coding.com/projects/jsdetox/", "description": "JavaScript"}, {"name": "jsunpack-n", "url": "https://github.com/urule99/jsunpack-n", "description": "A javascript", "stars": "158"}, {"name": "Krakatau", "url": "https://github.com/Storyyeller/Krakatau", "description": "Java decompiler,", "stars": "2k"}, {"name": "Malzilla", "url": "http://malzilla.sourceforge.net/", "description": "Analyze malicious web pages."}, {"name": "RABCDAsm", "url": "https://github.com/CyberShadow/RABCDAsm", "description": "A \"Robust", "stars": "427"}, {"name": "SWF Investigator", "url": "https://labs.adobe.com/technologies/swfinvestigator/", "description": ""}, {"name": "swftools", "url": "http://www.swftools.org/", "description": "Tools for working with Adobe Flash"}, {"name": "xxxswf", "url": "http://hooked-on-mnemonics.blogspot.com/2011/12/xxxswfpy.html", "description": "A"}, {"name": "AnalyzePDF", "url": "https://github.com/hiddenillusion/AnalyzePDF", "description": "A tool for", "stars": "171"}, {"name": "box-js", "url": "https://github.com/CapacitorSet/box-js", "description": "A tool for studying JavaScript", "stars": "606"}, {"name": "diStorm", "url": "http://www.ragestorm.net/distorm/", "description": "Disassembler for analyzing"}, {"name": "InQuest Deep File Inspection", "url": "https://labs.inquest.net/dfi", "description": "Upload common malware lures for Deep File Inspection and heuristical analysis."}, {"name": "JS Beautifier", "url": "http://jsbeautifier.org/", "description": "JavaScript unpacking and deobfuscation."}, {"name": "libemu", "url": "http://libemu.carnivore.it/", "description": "Library and tools for x86 shellcode"}, {"name": "malpdfobj", "url": "https://github.com/9b/malpdfobj", "description": "Deconstruct malicious PDFs", "stars": "51"}, {"name": "OfficeMalScanner", "url": "http://www.reconstructer.org/code.html", "description": "Scan for"}, {"name": "olevba", "url": "http://www.decalage.info/python/olevba", "description": "A script for parsing OLE"}, {"name": "Origami PDF", "url": "https://code.google.com/archive/p/origami-pdf", "description": "A tool for"}, {"name": "PDF Tools", "url": "https://blog.didierstevens.com/programs/pdf-tools/", "description": "pdfid,"}, {"name": "PDF X-Ray Lite", "url": "https://github.com/9b/pdfxray_lite", "description": "A PDF analysis tool,", "stars": "34"}, {"name": "peepdf", "url": "http://eternal-todo.com/tools/peepdf-pdf-analysis-tool", "description": "Python"}, {"name": "QuickSand", "url": "https://www.quicksand.io/", "description": "QuickSand is a compact C framework"}, {"name": "Spidermonkey", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey", "description": ""}, {"name": "bulk\\_extractor", "url": "https://github.com/simsong/bulk_extractor", "description": "Fast file", "stars": "1k"}, {"name": "EVTXtract", "url": "https://github.com/williballenthin/EVTXtract", "description": "Carve Windows", "stars": "176"}, {"name": "Foremost", "url": "http://foremost.sourceforge.net/", "description": "File carving tool designed"}, {"name": "hachoir3", "url": "https://github.com/vstinner/hachoir3", "description": "Hachoir is a Python library", "stars": "593"}, {"name": "Scalpel", "url": "https://github.com/sleuthkit/scalpel", "description": "Another data carving", "stars": "612"}, {"name": "SFlock", "url": "https://github.com/jbremer/sflock", "description": "Nested archive", "stars": "81"}, {"name": "Balbuzard", "url": "https://bitbucket.org/decalage/balbuzard/wiki/Home", "description": "A malware"}, {"name": "de4dot", "url": "https://github.com/0xd4d/de4dot", "description": ".NET deobfuscator and", "stars": "6.8k"}, {"name": "ex\\_pe\\_xor", "url": "http://hooked-on-mnemonics.blogspot.com/2014/04/expexorpy.html", "description": ""}, {"name": "FLOSS", "url": "https://github.com/fireeye/flare-floss", "description": "The FireEye Labs Obfuscated", "stars": "3.1k"}, {"name": "NoMoreXOR", "url": "https://github.com/hiddenillusion/NoMoreXOR", "description": "Guess a 256 byte", "stars": "84"}, {"name": "PackerAttacker", "url": "https://github.com/BromiumLabs/PackerAttacker", "description": "A generic", "stars": "263"}, {"name": "PyInstaller Extractor", "url": "https://github.com/extremecoders-re/pyinstxtractor", "description": "", "stars": "2.6k"}, {"name": "uncompyle6", "url": "https://github.com/rocky/python-uncompyle6/", "description": "A cross-version", "stars": "3.6k"}, {"name": "un{i}packer", "url": "https://github.com/unipacker/unipacker", "description": "Automatic and", "stars": "623"}, {"name": "unpacker", "url": "https://github.com/malwaremusings/unpacker/", "description": "Automated malware", "stars": "117"}, {"name": "unxor", "url": "https://github.com/tomchop/unxor/", "description": "Guess XOR keys using", "stars": "138"}, {"name": "VirtualDeobfuscator", "url": "https://github.com/jnraber/VirtualDeobfuscator", "description": "", "stars": "128"}, {"name": "XORBruteForcer", "url": "http://eternal-todo.com/var/scripts/xorbruteforcer", "description": ""}, {"name": "XORSearch & XORStrings", "url": "https://blog.didierstevens.com/programs/xorsearch/", "description": ""}, {"name": "xortool", "url": "https://github.com/hellman/xortool", "description": "Guess XOR key length, as", "stars": "1.4k"}, {"name": "angr", "url": "https://github.com/angr/angr", "description": "Platform-agnostic binary analysis", "stars": "7.3k"}, {"name": "bamfdetect", "url": "https://github.com/bwall/bamfdetect", "description": "Identifies and extracts"}, {"name": "BAP", "url": "https://github.com/BinaryAnalysisPlatform/bap", "description": "Multiplatform and", "stars": "2k"}, {"name": "BARF", "url": "https://github.com/programa-stic/barf-project", "description": "Multiplatform, open", "stars": "1.4k"}, {"name": "binnavi", "url": "https://github.com/google/binnavi", "description": "Binary analysis IDE for", "stars": "2.9k"}, {"name": "Binary ninja", "url": "https://binary.ninja/", "description": "A reversing engineering platform"}, {"name": "Binwalk", "url": "https://github.com/devttys0/binwalk", "description": "Firmware analysis tool.", "stars": "10k"}, {"name": "BluePill", "url": "https://github.com/season-lab/bluepill", "description": "Framework for executing and debugging evasive malware and protected executables.", "stars": "118"}, {"name": "Capstone", "url": "https://github.com/aquynh/capstone", "description": "Disassembly framework for", "stars": "7.2k"}, {"name": "codebro", "url": "https://github.com/hugsy/codebro", "description": "Web based code browser using", "stars": "42"}, {"name": "Cutter", "url": "https://github.com/radareorg/cutter", "description": "GUI for Radare2."}, {"name": "DECAF (Dynamic Executable Code Analysis Framework)", "url": "https://github.com/sycurelab/DECAF", "description": "", "stars": "794"}, {"name": "dnSpy", "url": "https://github.com/0xd4d/dnSpy", "description": ".NET assembly editor, decompiler", "stars": "26k"}, {"name": "dotPeek", "url": "https://www.jetbrains.com/decompiler/", "description": "Free .NET Decompiler and"}, {"name": "Evan's Debugger (EDB)", "url": "http://codef00.com/projects#debugger", "description": "A"}, {"name": "Fibratus", "url": "https://github.com/rabbitstack/fibratus", "description": "Tool for exploration", "stars": "2.1k"}, {"name": "FPort", "url": "https://www.mcafee.com/us/downloads/free-tools/fport.aspx", "description": "Reports"}, {"name": "GDB", "url": "http://www.sourceware.org/gdb/", "description": "The GNU debugger."}, {"name": "GEF", "url": "https://github.com/hugsy/gef", "description": "GDB Enhanced Features, for exploiters", "stars": "6.7k"}, {"name": "Ghidra", "url": "https://github.com/NationalSecurityAgency/ghidra", "description": "A software reverse engineering (SRE) framework created and       maintained by the National Security Agency Research Directorate.", "stars": "49k"}, {"name": "hackers-grep", "url": "https://github.com/codypierce/hackers-grep", "description": "A utility to", "stars": "167"}, {"name": "Hopper", "url": "https://www.hopperapp.com/", "description": "The macOS and Linux Disassembler."}, {"name": "IDA Pro", "url": "https://www.hex-rays.com/products/ida/index.shtml", "description": "Windows"}, {"name": "IDR", "url": "https://github.com/crypto2011/IDR", "description": "Interactive Delphi Reconstructor", "stars": "916"}, {"name": "Immunity Debugger", "url": "http://debugger.immunityinc.com/", "description": "Debugger for"}, {"name": "ILSpy", "url": "http://ilspy.net/", "description": "ILSpy is the open-source .NET assembly browser and decompiler."}, {"name": "Kaitai Struct", "url": "http://kaitai.io/", "description": "DSL for file formats / network protocols /"}, {"name": "LIEF", "url": "https://lief.quarkslab.com/", "description": "LIEF provides a cross-platform library"}, {"name": "ltrace", "url": "http://ltrace.org/", "description": "Dynamic analysis for Linux executables."}, {"name": "mac-a-mal", "url": "https://github.com/phdphuc/mac-a-mal", "description": "An automated framework", "stars": "82"}, {"name": "objdump", "url": "https://en.wikipedia.org/wiki/Objdump", "description": "Part of GNU binutils,"}, {"name": "OllyDbg", "url": "http://www.ollydbg.de/", "description": "An assembly-level debugger for Windows"}, {"name": "OllyDumpEx", "url": "https://low-priority.appspot.com/ollydumpex/", "description": "Dump memory"}, {"name": "PANDA", "url": "https://github.com/moyix/panda", "description": "Platform for Architecture-Neutral", "stars": "102"}, {"name": "PEDA", "url": "https://github.com/longld/peda", "description": "Python Exploit Development", "stars": "5.8k"}, {"name": "pestudio", "url": "https://winitor.com/", "description": "Perform static analysis of Windows"}, {"name": "Pharos", "url": "https://github.com/cmu-sei/pharos", "description": "The Pharos binary analysis framework", "stars": "1.5k"}, {"name": "plasma", "url": "https://github.com/plasma-disassembler/plasma", "description": "Interactive", "stars": "3k"}, {"name": "PPEE (puppy)", "url": "https://www.mzrst.com/", "description": "A Professional PE file Explorer for"}, {"name": "Process Explorer", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer", "description": ""}, {"name": "Process Hacker", "url": "http://processhacker.sourceforge.net/", "description": "Tool that monitors"}, {"name": "Process Monitor", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/procmon", "description": ""}, {"name": "PSTools", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/pstools", "description": "Windows"}, {"name": "Pyew", "url": "https://github.com/joxeankoret/pyew", "description": "Python tool for malware", "stars": "380"}, {"name": "PyREBox", "url": "https://github.com/Cisco-Talos/pyrebox", "description": "Python scriptable reverse", "stars": "1.6k"}, {"name": "Qiling Framework", "url": "https://www.qiling.io/", "description": "Cross platform emulation and sanboxing"}, {"name": "QKD", "url": "https://github.com/ispras/qemu/releases/", "description": "QEMU with embedded WinDbg", "stars": "50"}, {"name": "Radare2", "url": "http://www.radare.org/r/", "description": "Reverse engineering framework, with"}, {"name": "RegShot", "url": "https://sourceforge.net/projects/regshot/", "description": "Registry compare utility"}, {"name": "RetDec", "url": "https://retdec.com/", "description": "Retargetable machine-code decompiler with an"}, {"name": "ROPMEMU", "url": "https://github.com/Cisco-Talos/ROPMEMU", "description": "A framework to analyze, dissect", "stars": "281"}, {"name": "Scylla Imports Reconstructor", "url": "https://github.com/NtQuery/Scylla", "description": "Find and fix", "stars": "1k"}, {"name": "ScyllaHide", "url": "https://github.com/x64dbg/ScyllaHide", "description": "An Anti-Anti-Debug library", "stars": "3.3k"}, {"name": "SMRT", "url": "https://github.com/pidydx/SMRT", "description": "Sublime Malware Research Tool, a", "stars": "64"}, {"name": "strace", "url": "https://sourceforge.net/projects/strace/", "description": "Dynamic analysis for"}, {"name": "StringSifter", "url": "https://github.com/fireeye/stringsifter", "description": "A machine learning tool", "stars": "659"}, {"name": "Triton", "url": "https://triton.quarkslab.com/", "description": "A dynamic binary analysis (DBA) framework."}, {"name": "Udis86", "url": "https://github.com/vmt/udis86", "description": "Disassembler library and tool", "stars": "999"}, {"name": "Vivisect", "url": "https://github.com/vivisect/vivisect", "description": "Python tool for", "stars": "908"}, {"name": "WinDbg", "url": "https://developer.microsoft.com/en-us/windows/hardware/download-windbg", "description": "multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps."}, {"name": "X64dbg", "url": "https://github.com/x64dbg/", "description": "An open-source x64/x32 debugger for windows."}, {"name": "Bro", "url": "https://www.bro.org", "description": "Protocol analyzer that operates at incredible"}, {"name": "BroYara", "url": "https://github.com/hempnall/broyara", "description": "Use Yara rules from Bro.", "stars": "31"}, {"name": "CapTipper", "url": "https://github.com/omriher/CapTipper", "description": "Malicious HTTP traffic", "stars": "707"}, {"name": "chopshop", "url": "https://github.com/MITRECND/chopshop", "description": "Protocol analysis and", "stars": "487"}, {"name": "CloudShark", "url": "https://www.cloudshark.org", "description": "Web-based tool for packet analysis"}, {"name": "FakeNet-NG", "url": "https://github.com/fireeye/flare-fakenet-ng", "description": "Next generation", "stars": "1.7k"}, {"name": "Fiddler", "url": "https://www.telerik.com/fiddler", "description": "Intercepting web proxy designed"}, {"name": "Hale", "url": "https://github.com/pjlantz/Hale", "description": "Botnet C\\&C monitor.", "stars": "184"}, {"name": "Haka", "url": "http://www.haka-security.org/", "description": "An open source security oriented"}, {"name": "HTTPReplay", "url": "https://github.com/jbremer/httpreplay", "description": "Library for parsing", "stars": "94"}, {"name": "INetSim", "url": "http://www.inetsim.org/", "description": "Network service emulation, useful when"}, {"name": "Laika BOSS", "url": "https://github.com/lmco/laikaboss", "description": "Laika BOSS is a file-centric", "stars": "723"}, {"name": "Malcolm", "url": "https://github.com/idaholab/Malcolm", "description": "Malcolm is a powerful, easily", "stars": "327"}, {"name": "Malcom", "url": "https://github.com/tomchop/malcom", "description": "Malware Communications", "stars": "1.1k"}, {"name": "Maltrail", "url": "https://github.com/stamparm/maltrail", "description": "A malicious traffic", "stars": "5.9k"}, {"name": "mitmproxy", "url": "https://mitmproxy.org/", "description": "Intercept network traffic on the fly."}, {"name": "Moloch", "url": "https://github.com/aol/moloch", "description": "IPv4 traffic capturing, indexing", "stars": "6.2k"}, {"name": "NetworkMiner", "url": "http://www.netresec.com/?page=NetworkMiner", "description": "Network"}, {"name": "ngrep", "url": "https://github.com/jpr5/ngrep", "description": "Search through network traffic", "stars": "864"}, {"name": "PcapViz", "url": "https://github.com/mateuszk87/PcapViz", "description": "Network topology and", "stars": "328"}, {"name": "Python ICAP Yara", "url": "https://github.com/RamadhanAmizudin/python-icap-yara", "description": "An", "stars": "56"}, {"name": "Squidmagic", "url": "https://github.com/ch3k1/squidmagic", "description": "squidmagic is a tool", "stars": "75"}, {"name": "Tcpdump", "url": "http://www.tcpdump.org/", "description": "Collect network traffic."}, {"name": "tcpick", "url": "http://tcpick.sourceforge.net/", "description": "Trach and reassemble TCP streams"}, {"name": "tcpxtract", "url": "http://tcpxtract.sourceforge.net/", "description": "Extract files from network"}, {"name": "Wireshark", "url": "https://www.wireshark.org/", "description": "The network traffic analysis"}, {"name": "BlackLight", "url": "https://www.blackbagtech.com/blacklight.html", "description": "Windows/MacOS"}, {"name": "DAMM", "url": "https://github.com/504ensicsLabs/DAMM", "description": "Differential Analysis of", "stars": "209"}, {"name": "evolve", "url": "https://github.com/JamesHabben/evolve", "description": "Web interface for the", "stars": "259"}, {"name": "FindAES", "url": "https://sourceforge.net/projects/findaes/", "description": "Find AES"}, {"name": "inVtero.net", "url": "https://github.com/ShaneK2/inVtero.net", "description": "High speed memory", "stars": "276"}, {"name": "Muninn", "url": "https://github.com/ytisf/muninn", "description": "A script to automate portions", "stars": "51"}, {"name": "Rekall", "url": "http://www.rekall-forensic.com/", "description": "Memory analysis framework,"}, {"name": "TotalRecall", "url": "https://github.com/sketchymoose/TotalRecall", "description": "Script based", "stars": "49"}, {"name": "VolDiff", "url": "https://github.com/aim4r/VolDiff", "description": "Run Volatility on memory", "stars": "192"}, {"name": "Volatility", "url": "https://github.com/volatilityfoundation/volatility", "description": "Advanced", "stars": "7k"}, {"name": "VolUtility", "url": "https://github.com/kevthehermit/VolUtility", "description": "Web Interface for", "stars": "375"}, {"name": "WDBGARK", "url": "https://github.com/swwwolf/wdbgark", "description": "", "stars": "610"}, {"name": "WinDbg", "url": "https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit", "description": ""}, {"name": "AChoir", "url": "https://github.com/OMENScan/AChoir", "description": "A live incident response", "stars": "177"}, {"name": "python-evt", "url": "https://github.com/williballenthin/python-evt", "description": "Python", "stars": "46"}, {"name": "python-registry", "url": "http://www.williballenthin.com/registry/", "description": "Python"}, {"name": "RegRipper", "url": "http://brettshavers.cc/index.php/brettsblog/tags/tag/regripper/", "description": ""}, {"name": "Aleph", "url": "https://github.com/merces/aleph", "description": "Open Source Malware Analysis", "stars": "154"}, {"name": "CRITs", "url": "https://crits.github.io/", "description": "Collaborative Research Into Threats, a"}, {"name": "FAME", "url": "https://certsocietegenerale.github.io/fame/", "description": "A malware analysis"}, {"name": "Malwarehouse", "url": "https://github.com/sroberts/malwarehouse", "description": "Store, tag, and", "stars": "131"}, {"name": "Polichombr", "url": "https://github.com/ANSSI-FR/polichombr", "description": "A malware analysis", "stars": "373"}, {"name": "stoQ", "url": "http://stoq.punchcyber.com", "description": "Distributed content analysis"}, {"name": "Viper", "url": "http://viper.li/", "description": "A binary management and analysis framework for"}, {"name": "al-khaser", "url": "https://github.com/LordNoteworthy/al-khaser", "description": "A PoC malware", "stars": "5.6k"}, {"name": "CryptoKnight", "url": "https://github.com/AbertayMachineLearningGroup/CryptoKnight", "description": "Automated cryptographic algorithm reverse engineering and classification framework.", "stars": "38"}, {"name": "DC3-MWCP", "url": "https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP", "description": "", "stars": "290"}, {"name": "FLARE VM", "url": "https://github.com/fireeye/flare-vm", "description": "A fully customizable,", "stars": "6.1k"}, {"name": "MalSploitBase", "url": "https://github.com/misterch0c/malSploitBase", "description": "A database", "stars": "531"}, {"name": "Malware Museum", "url": "https://archive.org/details/malwaremuseum", "description": "Collection of"}, {"name": "Malware Organiser", "url": "https://github.com/uppusaikiran/malware-organiser", "description": "A simple tool to organise large malicious/benign files into a organised Structure.", "stars": "0"}, {"name": "Pafish", "url": "https://github.com/a0rtega/pafish", "description": "Paranoid Fish, a demonstration", "stars": "3.2k"}, {"name": "REMnux", "url": "https://remnux.org/", "description": "Linux distribution and docker images for"}, {"name": "Tsurugi Linux", "url": "https://tsurugi-linux.org/", "description": "Linux distribution designed to support your DFIR investigations, malware analysis and OSINT (Open Source INTelligence) activities."}, {"name": "Santoku Linux", "url": "https://santoku-linux.com/", "description": "Linux distribution for mobile"}, {"name": "Learning Malware Analysis", "url": "https://www.packtpub.com/networking-and-servers/learning-malware-analysis", "description": "Learning Malware Analysis: Explore the concepts, tools, and techniques to analuze and investigate Windows malware"}, {"name": "Malware Analyst's Cookbook and DVD", "url": "https://amzn.com/dp/0470613033", "description": ""}, {"name": "Mastering Malware Analysis", "url": "https://www.packtpub.com/networking-and-servers/mastering-malware-analysis", "description": "Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks"}, {"name": "Mastering Reverse Engineering", "url": "https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering", "description": "Mastering Reverse Engineering: Re-engineer your ethical hacking skills"}, {"name": "Practical Malware Analysis", "url": "https://amzn.com/dp/1593272901", "description": "The Hands-On"}, {"name": "Practical Reverse Engineering", "url": "https://www.amzn.com/dp/1118787315/", "description": ""}, {"name": "Real Digital Forensics", "url": "https://www.amzn.com/dp/0321240693", "description": "Computer"}, {"name": "Rootkits and Bootkits", "url": "https://www.amazon.com/dp/1593277164", "description": "Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats"}, {"name": "The Art of Memory Forensics", "url": "https://amzn.com/dp/1118825098", "description": "Detecting"}, {"name": "The IDA Pro Book", "url": "https://amzn.com/dp/1593272898", "description": "The Unofficial Guide"}, {"name": "The Rootkit Arsenal", "url": "https://amzn.com/dp/144962636X", "description": "The Rootkit Arsenal:"}, {"name": "APT Notes", "url": "https://github.com/aptnotes/data", "description": "A collection of papers", "stars": "1.6k"}, {"name": "Ember", "url": "https://github.com/endgameinc/ember", "description": "Endgame Malware BEnchmark for Research,", "stars": "905"}, {"name": "File Formats posters", "url": "https://github.com/corkami/pics", "description": "Nice visualization", "stars": "10k"}, {"name": "Honeynet Project", "url": "http://honeynet.org/", "description": "Honeypot tools, papers, and"}, {"name": "Kernel Mode", "url": "http://www.kernelmode.info/forum/", "description": "An active community"}, {"name": "Malicious Software", "url": "https://zeltser.com/malicious-software/", "description": "Malware"}, {"name": "Malware Analysis Search", "url": "https://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu", "description": ""}, {"name": "Malware Analysis Tutorials", "url": "http://fumalwareanalysis.blogspot.nl/p/malware-analysis-tutorials-reverse.html", "description": ""}, {"name": "Malware Analysis, Threat Intelligence and Reverse Engineering", "url": "https://www.slideshare.net/bartblaze/malware-analysis-threat-intelligence-and-reverse-engineering", "description": ""}, {"name": "Malware Persistence", "url": "https://github.com/Karneades/malware-persistence", "description": "Collection", "stars": "160"}, {"name": "Malware Samples and Traffic", "url": "http://malware-traffic-analysis.net/", "description": "This"}, {"name": "Malware Search+++", "url": "https://addons.mozilla.org/fr/firefox/addon/malware-search-plusplusplus/", "description": ""}, {"name": "Practical Malware Analysis Starter Kit", "url": "https://bluesoul.me/practical-malware-analysis-starter-kit/", "description": ""}, {"name": "RPISEC Malware Analysis", "url": "https://github.com/RPISEC/Malware", "description": "These are the", "stars": "3.7k"}, {"name": "WindowsIR: Malware", "url": "http://windowsir.blogspot.com/p/malware.html", "description": "Harlan"}, {"name": "Windows Registry specification", "url": "https://github.com/msuhanov/regf/blob/master/Windows%20registry%20file%20format%20specification.md", "description": "", "stars": "312"}, {"name": "/r/csirt\\_tools", "url": "https://www.reddit.com/r/csirt_tools/", "description": "Subreddit for CSIRT"}, {"name": "/r/Malware", "url": "https://www.reddit.com/r/Malware", "description": "The malware subreddit."}, {"name": "/r/ReverseEngineering", "url": "https://www.reddit.com/r/ReverseEngineering", "description": ""}, {"name": "Android Security", "url": "https://github.com/ashishb/android-security-awesome", "description": "", "stars": "7.9k"}, {"name": "AppSec", "url": "https://github.com/paragonie/awesome-appsec", "description": "", "stars": "6.2k"}, {"name": "CTFs", "url": "https://github.com/apsdehal/awesome-ctf", "description": "", "stars": "9.4k"}, {"name": "Executable Packing", "url": "https://github.com/dhondta/awesome-executable-packing", "description": "", "stars": "1.1k"}, {"name": "Forensics", "url": "https://github.com/Cugu/awesome-forensics", "description": "", "stars": "3.7k"}, {"name": "\"Hacking\"", "url": "https://github.com/carpedm20/awesome-hacking", "description": "", "stars": "12k"}, {"name": "Honeypots", "url": "https://github.com/paralax/awesome-honeypots", "description": "", "stars": "8.3k"}, {"name": "Industrial Control System Security", "url": "https://github.com/hslatman/awesome-industrial-control-system-security", "description": "", "stars": "1.6k"}, {"name": "Incident-Response", "url": "https://github.com/meirwah/awesome-incident-response", "description": "", "stars": "7.3k"}, {"name": "Infosec", "url": "https://github.com/onlurking/awesome-infosec", "description": "", "stars": "5.1k"}, {"name": "PCAP Tools", "url": "https://github.com/caesar0301/awesome-pcaptools", "description": "", "stars": "3k"}, {"name": "Pentesting", "url": "https://github.com/enaqx/awesome-pentest", "description": "", "stars": "21k"}, {"name": "Security", "url": "https://github.com/sbilly/awesome-security", "description": "", "stars": "12k"}, {"name": "Threat Intelligence", "url": "https://github.com/hslatman/awesome-threat-intelligence", "description": "", "stars": "7.6k"}, {"name": "YARA", "url": "https://github.com/InQuest/awesome-yara", "description": "", "stars": "3.4k"}], "notes": []}], "total_entries": 417}, {"name": "Web Security", "subcategories": [{"name": "Web Security", "entries": [{"name": "Digests", "url": "#digests", "description": ""}, {"name": "Forums", "url": "#forums", "description": ""}, {"name": "Introduction", "url": "#intro", "description": ""}, {"name": "Evasions", "url": "#evasions", "description": ""}, {"name": "Tricks", "url": "#tricks", "description": ""}, {"name": "Browser Exploitation", "url": "#browser-exploitation", "description": ""}, {"name": "PoCs", "url": "#pocs", "description": ""}, {"name": "Cheetsheets", "url": "#cheetsheets", "description": ""}, {"name": "Tools", "url": "#tools", "description": ""}, {"name": "Social Engineering Database", "url": "#social-engineering-database", "description": ""}, {"name": "Blogs", "url": "#blogs", "description": ""}, {"name": "Twitter Users", "url": "#twitter-users", "description": ""}, {"name": "Practices", "url": "#practices", "description": ""}, {"name": "Community", "url": "#community", "description": ""}, {"name": "Miscellaneous", "url": "#miscellaneous", "description": ""}, {"name": "Hacker101", "url": "https://www.hacker101.com/", "description": "Written by [hackerone](https://www.hackerone.com/start-hacking)."}, {"name": "The Daily Swig - Web security digest", "url": "https://portswigger.net/daily-swig", "description": "Written by [PortSwigger](https://portswigger.net/)."}, {"name": "Web Application Security Zone by Netsparker", "url": "https://www.netsparker.com/blog/web-security/", "description": "Written by [Netsparker](https://www.netsparker.com/)."}, {"name": "Infosec Newbie", "url": "https://www.sneakymonkey.net/2017/04/23/infosec-newbie/", "description": "Written by [Mark Robinson](https://www.sneakymonkey.net/)."}, {"name": "The Magic of Learning", "url": "https://bitvijays.github.io/", "description": "Written by [@bitvijays](https://bitvijays.github.io/aboutme.html)."}, {"name": "CTF Field Guide", "url": "https://trailofbits.github.io/ctf/", "description": "Written by [Trail of Bits](https://www.trailofbits.com/)."}, {"name": "PayloadsAllTheThings", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}, {"name": "tl;dr sec", "url": "https://tldrsec.com/", "description": "Weekly summary of top security tools, blog posts, and security research."}, {"name": "Phrack Magazine", "url": "http://www.phrack.org/", "description": "Ezine written by and for hackers."}, {"name": "The Hacker News", "url": "https://thehackernews.com/", "description": "Security in a serious way."}, {"name": "Security Weekly", "url": "https://securityweekly.com/", "description": "The security podcast network."}, {"name": "The Register", "url": "http://www.theregister.co.uk/", "description": "Biting the hand that feeds IT."}, {"name": "Dark Reading", "url": "https://www.darkreading.com/Default.asp", "description": "Connecting The Information Security Community."}, {"name": "HackDig", "url": "http://en.hackdig.com/", "description": "Dig high-quality web security articles for hacker."}], "notes": []}, {"name": "Web Security \u2014 XSS - Cross-Site Scripting", "entries": [{"name": "Cross-Site Scripting \u2013 Application Security \u2013 Google", "url": "https://www.google.com/intl/sw/about/appsecurity/learning/xss/", "description": "Written by [Google](https://www.google.com/)."}, {"name": "H5SC", "url": "https://github.com/cure53/H5SC", "description": "Written by [@cure53](https://github.com/cure53).", "stars": "2.7k"}, {"name": "AwesomeXSS", "url": "https://github.com/s0md3v/AwesomeXSS", "description": "Written by [@s0md3v](https://github.com/s0md3v).", "stars": "4k"}, {"name": "XSS.png", "url": "https://github.com/LucaBongiorni/XSS.png", "description": "Written by @jackmasa."}, {"name": "C.XSS Guide", "url": "https://excess-xss.com/", "description": "Written by [@JakobKallin](https://github.com/JakobKallin) and [Irene Lobo Valbuena](https://www.linkedin.com/in/irenelobovalbuena/)."}, {"name": "THE BIG BAD WOLF - XSS AND MAINTAINING ACCESS", "url": "http://www.paulosyibelo.com/2018/06/the-big-bad-wolf-xss-and-maintaining.html", "description": "Written by [Paulos Yibelo](http://www.paulosyibelo.com/)."}, {"name": "payloadbox/xss-payload-list", "url": "https://github.com/payloadbox/xss-payload-list", "description": "Written by [@payloadbox](https://github.com/payloadbox).", "stars": "3.7k"}, {"name": "PayloadsAllTheThings - XSS Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Prototype Pollution", "entries": [{"name": "Prototype pollution attack in NodeJS application", "url": "https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf", "description": "Written by [@HoLyVieR](https://github.com/HoLyVieR).", "stars": "449"}, {"name": "Exploiting prototype pollution \u2013 RCE in Kibana (CVE-2019-7609)", "url": "https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/", "description": "Written by [@securitymb](https://twitter.com/securitymb)."}, {"name": "Real-world JS - 1", "url": "https://blog.p6.is/Real-World-JS-1/", "description": "Written by [@po6ix](https://twitter.com/po6ix)."}], "notes": []}, {"name": "Web Security \u2014 CSV Injection", "entries": [{"name": "CSV Injection -> Meterpreter on Pornhub", "url": "https://news.webamooz.com/wp-content/uploads/bot/offsecmag/147.pdf", "description": "Written by [Andy](https://blog.zsec.uk/)."}, {"name": "The Absurdly Underestimated Dangers of CSV Injection", "url": "http://georgemauer.net/2017/10/07/csv-injection.html", "description": "Written by [George Mauer](http://georgemauer.net/)."}, {"name": "PayloadsAllTheThings - CSV Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSV%20Injection", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 SQL Injection", "entries": [{"name": "SQL Injection Cheat Sheet", "url": "https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/", "description": "Written by [@netsparker](https://twitter.com/netsparker)."}, {"name": "SQL Injection Wiki", "url": "https://sqlwiki.netspi.com/", "description": "Written by [NETSPI](https://www.netspi.com/)."}, {"name": "SQL Injection Pocket Reference", "url": "https://websec.ca/kb/sql_injection", "description": "Written by [@LightOS](https://twitter.com/LightOS)."}, {"name": "payloadbox/sql-injection-payload-list", "url": "https://github.com/payloadbox/sql-injection-payload-list", "description": "Written by [@payloadbox](https://github.com/payloadbox).", "stars": "2.6k"}, {"name": "PayloadsAllTheThings - SQL Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL%20Injection", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Command Injection", "entries": [{"name": "Potential command injection in resolv.rb", "url": "https://github.com/ruby/ruby/pull/1777", "description": "Written by [@drigg3r](https://github.com/drigg3r).", "stars": "20k"}, {"name": "payloadbox/command-injection-payload-list", "url": "https://github.com/payloadbox/command-injection-payload-list", "description": "Written by [@payloadbox](https://github.com/payloadbox).", "stars": "1.6k"}, {"name": "PayloadsAllTheThings - Command Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Command%20Injection", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 ORM Injection", "entries": [{"name": "HQL for pentesters", "url": "http://blog.h3xstream.com/2014/02/hql-for-pentesters.html", "description": "Written by [@h3xstream](https://twitter.com/h3xstream/)."}, {"name": "HQL : Hyperinsane Query Language (or how to access the whole SQL API within a HQL injection ?)", "url": "https://www.synacktiv.com/ressources/hql2sql_sstic_2015_en.pdf", "description": "Written by [@\\_m0bius](https://twitter.com/_m0bius)."}, {"name": "ORM2Pwn: Exploiting injections in Hibernate ORM", "url": "https://www.slideshare.net/0ang3el/orm2pwn-exploiting-injections-in-hibernate-orm", "description": "Written by [Mikhail Egorov](https://0ang3el.blogspot.tw/)."}, {"name": "ORM Injection", "url": "https://www.slideshare.net/simone.onofri/orm-injection", "description": "Written by [Simone Onofri](https://onofri.org/)."}], "notes": []}, {"name": "Web Security \u2014 FTP Injection", "entries": [{"name": "Advisory: Java/Python FTP Injections Allow for Firewall Bypass", "url": "http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html", "description": "Written by [Timothy Morgan](https://plus.google.com/105917618099766831589)."}, {"name": "SMTP over XXE \u2212 how to send emails using Java's XML parser", "url": "https://shiftordie.de/blog/2017/02/18/smtp-over-xxe/", "description": "Written by [Alexander Klink](https://shiftordie.de/)."}], "notes": []}, {"name": "Web Security \u2014 XXE - XML eXternal Entity", "entries": [{"name": "XXE", "url": "https://phonexicum.github.io/infosec/xxe.html", "description": "Written by [@phonexicum](https://twitter.com/phonexicum)."}, {"name": "XML external entity (XXE) injection", "url": "https://portswigger.net/web-security/xxe", "description": "Written by [portswigger](https://portswigger.net/)."}, {"name": "XML Schema, DTD, and Entity Attacks", "url": "https://www.vsecurity.com/download/publications/XMLDTDEntityAttacks.pdf", "description": "Written by [Timothy D. Morgan](https://twitter.com/ecbftw) and Omar Al Ibrahim."}, {"name": "payloadbox/xxe-injection-payload-list", "url": "https://github.com/payloadbox/xxe-injection-payload-list", "description": "Written by [@payloadbox](https://github.com/payloadbox)", "stars": "738"}, {"name": "PayloadsAllTheThings - XXE Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection", "description": "Written by various contributors.", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 CSRF - Cross-Site Request Forgery", "entries": [{"name": "Wiping Out CSRF", "url": "https://medium.com/@jrozner/wiping-out-csrf-ded97ae7e83f", "description": "Written by [@jrozner](https://medium.com/@jrozner)."}, {"name": "PayloadsAllTheThings - CSRF Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CSRF%20Injection", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Clickjacking", "entries": [{"name": "Clickjacking", "url": "https://www.imperva.com/learn/application-security/clickjacking/", "description": "Written by [Imperva](https://www.imperva.com/)."}, {"name": "X-Frame-Options: All about Clickjacking?", "url": "https://github.com/cure53/Publications/blob/master/xfo-clickjacking.pdf?raw=true", "description": "Written by [Mario Heiderich](http://www.slideshare.net/x00mario).", "stars": "33"}], "notes": []}, {"name": "Web Security \u2014 SSRF - Server-Side Request Forgery", "entries": [{"name": "SSRF bible. Cheatsheet", "url": "https://docs.google.com/document/d/1v1TkWZtrhzRLy0bYXBcdLUedXGb9njTNIJXa3u9akHM/edit", "description": "Written by [Wallarm](https://wallarm.com/)."}, {"name": "PayloadsAllTheThings - Server-Side Request Forgery", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Web Cache Poisoning", "entries": [{"name": "Practical Web Cache Poisoning", "url": "https://portswigger.net/blog/practical-web-cache-poisoning", "description": "Written by [@albinowax](https://twitter.com/albinowax)."}, {"name": "PayloadsAllTheThings - Web Cache Deception", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Web%20Cache%20Deception", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Relative Path Overwrite", "entries": [{"name": "Large-scale analysis of style injection by relative path overwrite", "url": "https://blog.acolyer.org/2018/05/28/large-scale-analysis-of-style-injection-by-relative-path-overwrite/", "description": "Written by [The Morning Paper](https://blog.acolyer.org/)."}, {"name": "MBSD Technical Whitepaper - A few RPO exploitation techniques", "url": "https://www.mbsd.jp/Whitepaper/rpo.pdf", "description": "Written by [Mitsui Bussan Secure Directions, Inc.](https://www.mbsd.jp/)."}], "notes": []}, {"name": "Web Security \u2014 Open Redirect", "entries": [{"name": "Open Redirect Vulnerability", "url": "https://s0cket7.com/open-redirect-vulnerability/", "description": "Written by [s0cket7](https://s0cket7.com/)."}, {"name": "payloadbox/open-redirect-payload-list", "url": "https://github.com/payloadbox/open-redirect-payload-list", "description": "Written by [@payloadbox](https://github.com/payloadbox).", "stars": "380"}, {"name": "PayloadsAllTheThings - Open Redirect", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Security Assertion Markup Language (SAML)", "entries": [{"name": "How to Hunt Bugs in SAML; a Methodology - Part I", "url": "https://epi052.gitlab.io/notes-to-self/blog/2019-03-07-how-to-test-saml-a-methodology/", "description": "Written by [epi](https://epi052.gitlab.io/notes-to-self/)."}, {"name": "How to Hunt Bugs in SAML; a Methodology - Part II", "url": "https://epi052.gitlab.io/notes-to-self/blog/2019-03-13-how-to-test-saml-a-methodology-part-two/", "description": "Written by [epi](https://epi052.gitlab.io/notes-to-self/)."}, {"name": "How to Hunt Bugs in SAML; a Methodology - Part III", "url": "https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/", "description": "Written by [epi](https://epi052.gitlab.io/notes-to-self/)."}, {"name": "PayloadsAllTheThings - SAML Injection", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SAML%20Injection", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Upload", "entries": [{"name": "File Upload Restrictions Bypass", "url": "https://www.exploit-db.com/docs/english/45074-file-upload-restrictions-bypass.pdf", "description": "Written by [Haboob Team](https://www.exploit-db.com/author/?a=9381)."}, {"name": "PayloadsAllTheThings - Upload Insecure Files", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files", "description": "Written by [@swisskyrepo](https://github.com/swisskyrepo).", "stars": "42k"}], "notes": []}, {"name": "Web Security \u2014 Rails", "entries": [{"name": "Rails Security - First part", "url": "https://hackmd.io/s/SkuTVw5O-", "description": "Written by [@qazbnm456](https://github.com/qazbnm456)."}, {"name": "Zen Rails Security Checklist", "url": "https://github.com/brunofacca/zen-rails-security-checklist", "description": "Written by [@brunofacca](https://github.com/brunofacca).", "stars": "1.8k"}, {"name": "Rails SQL Injection", "url": "https://rails-sqli.org", "description": "Written by [@presidentbeef](https://github.com/presidentbeef)."}, {"name": "Official Rails Security Guide", "url": "http://guides.rubyonrails.org/security.html", "description": "Written by [Rails team](https://rubyonrails.org/)."}], "notes": []}, {"name": "Web Security \u2014 AngularJS", "entries": [{"name": "XSS without HTML: Client-Side Template Injection with AngularJS", "url": "http://blog.portswigger.net/2016/01/xss-without-html-client-side-template.html", "description": "Written by [Gareth Heyes](https://www.blogger.com/profile/10856178524811553475)."}, {"name": "DOM based Angular sandbox escapes", "url": "http://blog.portswigger.net/2017/05/dom-based-angularjs-sandbox-escapes.html", "description": "Written by [@garethheyes](https://twitter.com/garethheyes)"}], "notes": []}, {"name": "Web Security \u2014 ReactJS", "entries": [{"name": "XSS via a spoofed React element", "url": "http://danlec.com/blog/xss-via-a-spoofed-react-element", "description": "Written by [Daniel LeCheminant](http://danlec.com/)."}], "notes": []}, {"name": "Web Security \u2014 SSL/TLS", "entries": [{"name": "SSL & TLS Penetration Testing", "url": "https://www.aptive.co.uk/blog/tls-ssl-security-testing/", "description": "Written by [APTIVE](https://www.aptive.co.uk/)."}, {"name": "Practical introduction to SSL/TLS", "url": "https://github.com/Hakky54/mutual-tls-ssl", "description": "Written by [@Hakky54](https://github.com/Hakky54).", "stars": "441"}], "notes": []}, {"name": "Web Security \u2014 Webmail", "entries": [{"name": "Why mail() is dangerous in PHP", "url": "https://blog.ripstech.com/2017/why-mail-is-dangerous-in-php/", "description": "Written by [Robin Peraglie](https://www.ripstech.com/)."}], "notes": []}, {"name": "Web Security \u2014 NFS", "entries": [{"name": "NFS | PENETRATION TESTING ACADEMY", "url": "https://pentestacademy.wordpress.com/2017/09/20/nfs/?t=1\\&cn=ZmxleGlibGVfcmVjc18y\\&refsrc=email\\&iid=b34422ce15164e99a193fea0ccc7a02f\\&uid=1959680352\\&nid=244+289476616", "description": "Written by [PENETRATION ACADEMY](https://pentestacademy.wordpress.com/)."}], "notes": []}, {"name": "Web Security \u2014 AWS", "entries": [{"name": "PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET", "url": "https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-storage/", "description": "Written by Dwight Hohnstein from [Rhino Security Labs](https://rhinosecuritylabs.com/)."}, {"name": "AWS PENETRATION TESTING PART 1. S3 BUCKETS", "url": "https://www.virtuesecurity.com/aws-penetration-testing-part-1-s3-buckets/", "description": "Written by [VirtueSecurity](https://www.virtuesecurity.com/)."}, {"name": "AWS PENETRATION TESTING PART 2. S3, IAM, EC2", "url": "https://www.virtuesecurity.com/aws-penetration-testing-part-2-s3-iam-ec2/", "description": "Written by [VirtueSecurity](https://www.virtuesecurity.com/)."}, {"name": "Misadventures in AWS", "url": "https://labs.f-secure.com/blog/misadventures-in-aws", "description": "Written by Christian Demko"}], "notes": []}, {"name": "Web Security \u2014 Azure", "entries": [{"name": "Common Azure Security Vulnerabilities and Misconfigurations", "url": "https://rhinosecuritylabs.com/cloud-security/common-azure-security-vulnerabilities/", "description": "Written by [@rhinobenjamin](https://twitter.com/rhinobenjamin)."}, {"name": "Cloud Security Risks (Part 1): Azure CSV Injection Vulnerability", "url": "https://rhinosecuritylabs.com/azure/cloud-security-risks-part-1-azure-csv-injection-vulnerability/", "description": "Written by [@spengietz](https://twitter.com/spengietz)."}], "notes": []}, {"name": "Web Security \u2014 Fingerprint", "entries": [], "notes": []}, {"name": "Web Security \u2014 Sub Domain Enumeration", "entries": [{"name": "A penetration tester\u2019s guide to sub-domain enumeration", "url": "https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6", "description": "Written by [Bharath](https://blog.appsecco.com/@yamakira_)."}, {"name": "The Art of Subdomain Enumeration", "url": "https://blog.sweepatic.com/art-of-subdomain-enumeration/", "description": "Written by [Patrik Hudak](https://blog.sweepatic.com/author/patrik/)."}], "notes": []}, {"name": "Web Security \u2014 Crypto", "entries": [{"name": "Applied Crypto Hardening", "url": "https://bettercrypto.org/", "description": "Written by [The bettercrypto.org Team](https://bettercrypto.org/)."}, {"name": "What is a Side-Channel Attack ?", "url": "https://www.csoonline.com/article/3388647/what-is-a-side-channel-attack-how-these-end-runs-around-encryption-put-everyone-at-risk.html", "description": "Written by [J.M Porup](https://www.csoonline.com/author/J.M.-Porup/)."}], "notes": []}, {"name": "Web Security \u2014 Web Shell", "entries": [{"name": "Hunting for Web Shells", "url": "https://www.tenable.com/blog/hunting-for-web-shells", "description": "Written by [Jacob Baines](https://www.tenable.com/profile/jacob-baines)."}, {"name": "Hacking with JSP Shells", "url": "https://blog.netspi.com/hacking-with-jsp-shells/", "description": "Written by [@\\_nullbind](https://twitter.com/_nullbind)."}], "notes": []}, {"name": "Web Security \u2014 OSINT", "entries": [{"name": "Hacking Cryptocurrency Miners with OSINT Techniques", "url": "https://medium.com/@s3yfullah/hacking-cryptocurrency-miners-with-osint-techniques-677bbb3e0157", "description": "Written by [@s3yfullah](https://medium.com/@s3yfullah)."}, {"name": "OSINT x UCCU Workshop on Open Source Intelligence", "url": "https://www.slideshare.net/miaoski/osint-x-uccu-workshop-on-open-source-intelligence", "description": "Written by [Philippe Lin](https://www.slideshare.net/miaoski)."}, {"name": "102 Deep Dive in the Dark Web OSINT Style Kirby Plessas", "url": "https://www.youtube.com/watch?v=fzd3zkAI_o4", "description": "Presented by [@kirbstr](https://twitter.com/kirbstr)."}, {"name": "The most complete guide to finding anyone\u2019s email", "url": "https://www.blurbiz.io/blog/the-most-complete-guide-to-finding-anyones-email", "description": "Written by [Timur Daudpota](https://www.blurbiz.io/)."}], "notes": []}, {"name": "Web Security \u2014 DNS Rebinding", "entries": [{"name": "Attacking Private Networks from the Internet with DNS Rebinding", "url": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325", "description": "Written by [@brannondorsey](https://medium.com/@brannondorsey)"}, {"name": "Hacking home routers from the Internet", "url": "https://medium.com/@radekk/hackers-can-get-access-to-your-home-router-1ddadd12a7a7", "description": "Written by [@radekk](https://medium.com/@radekk)"}], "notes": []}, {"name": "Web Security \u2014 Deserialization", "entries": [{"name": "What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.", "url": "https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/", "description": "Written by [@breenmachine](https://twitter.com/breenmachine)."}, {"name": "Attacking .NET deserialization", "url": "https://www.youtube.com/watch?v=eDfGpu3iE4Q", "description": "Written by [@pwntester](https://twitter.com/pwntester)."}, {"name": ".NET Roulette: Exploiting Insecure Deserialization in Telerik UI", "url": "https://www.youtube.com/watch?v=--6PiuvBGAU", "description": "Written by [@noperator](https://twitter.com/noperator)."}, {"name": "How to exploit the DotNetNuke Cookie Deserialization", "url": "https://pentest-tools.com/blog/exploit-dotnetnuke-cookie-deserialization/", "description": "Written by [CRISTIAN CORNEA](https://pentest-tools.com/blog/author/pentest-cristian/)."}, {"name": "HOW TO EXPLOIT LIFERAY CVE-2020-7961 : QUICK JOURNEY TO POC", "url": "https://www.synacktiv.com/en/publications/how-to-exploit-liferay-cve-2020-7961-quick-journey-to-poc.html", "description": "Written by [@synacktiv](https://twitter.com/synacktiv)."}], "notes": []}, {"name": "Web Security \u2014 OAuth", "entries": [{"name": "Introduction to OAuth 2.0 and OpenID Connect", "url": "https://pragmaticwebsecurity.com/courses/introduction-oauth-oidc.html", "description": "Written by [@PhilippeDeRyck](https://twitter.com/PhilippeDeRyck)."}, {"name": "What is going on with OAuth 2.0? And why you should not use it for authentication.", "url": "https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611", "description": "Written by [@damianrusinek](https://medium.com/@damianrusinek)."}], "notes": []}, {"name": "Web Security \u2014 JWT", "entries": [{"name": "Hardcoded secrets, unverified tokens, and other common JWT mistakes", "url": "https://r2c.dev/blog/2020/hardcoded-secrets-unverified-tokens-and-other-common-jwt-mistakes/", "description": "Written by [@ermil0v](https://twitter.com/ermil0v)."}], "notes": []}, {"name": "Web Security \u2014 XXE", "entries": [{"name": "Bypass Fix of OOB XXE Using Different encoding", "url": "https://twitter.com/SpiderSec/status/1191375472690528256", "description": "Written by [@SpiderSec](https://twitter.com/SpiderSec)."}], "notes": []}, {"name": "Web Security \u2014 CSP", "entries": [{"name": "Any protection against dynamic module import?", "url": "https://github.com/w3c/webappsec-csp/issues/243", "description": "Written by [@shhnjk](https://twitter.com/@shhnjk).", "stars": "176"}, {"name": "CSP: bypassing form-action with reflected XSS", "url": "https://labs.detectify.com/2016/04/04/csp-bypassing-form-action-with-reflected-xss/", "description": "Written by [Detectify Labs](https://labs.detectify.com/)."}, {"name": "TWITTER XSS + CSP BYPASS", "url": "http://www.paulosyibelo.com/2017/05/twitter-xss-csp-bypass.html", "description": "Written by [Paulos Yibelo](http://www.paulosyibelo.com/)."}, {"name": "Neatly bypassing CSP", "url": "https://lab.wallarm.com/how-to-trick-csp-in-letting-you-run-whatever-you-want-73cb5ff428aa", "description": "Written by [Wallarm](https://wallarm.com/)."}, {"name": "Evading CSP with DOM-based dangling markup", "url": "https://portswigger.net/blog/evading-csp-with-dom-based-dangling-markup", "description": "Written by [portswigger](https://portswigger.net/)."}, {"name": "GitHub's CSP journey", "url": "https://githubengineering.com/githubs-csp-journey/", "description": "Written by [@ptoomey3](https://github.com/ptoomey3)."}, {"name": "GitHub's post-CSP journey", "url": "https://githubengineering.com/githubs-post-csp-journey/", "description": "Written by [@ptoomey3](https://github.com/ptoomey3)."}], "notes": []}, {"name": "Web Security \u2014 WAF", "entries": [{"name": "Web Application Firewall (WAF) Evasion Techniques", "url": "https://medium.com/secjuice/waf-evasion-techniques-718026d693d8", "description": "Written by [@secjuice](https://twitter.com/secjuice)."}, {"name": "Web Application Firewall (WAF) Evasion Techniques #2", "url": "https://medium.com/secjuice/web-application-firewall-waf-evasion-techniques-2-125995f3e7b0", "description": "Written by [@secjuice](https://twitter.com/secjuice)."}, {"name": "Airbnb \u2013 When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities", "url": "https://buer.haus/2017/03/08/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-vulnerabilities/", "description": "Written by [@Brett Buerhaus](https://twitter.com/bbuerhaus)."}, {"name": "How to bypass libinjection in many WAF/NGWAF", "url": "https://medium.com/@d0znpp/how-to-bypass-libinjection-in-many-waf-ngwaf-1e2513453c0f", "description": "Written by [@d0znpp](https://medium.com/@d0znpp)."}], "notes": []}, {"name": "Web Security \u2014 JSMVC", "entries": [{"name": "JavaScript MVC and Templating Frameworks", "url": "http://www.slideshare.net/x00mario/jsmvcomfg-to-sternly-look-at-javascript-mvc-and-templating-frameworks", "description": "Written by [Mario Heiderich](http://www.slideshare.net/x00mario)."}], "notes": []}, {"name": "Web Security \u2014 Authentication", "entries": [{"name": "Trend Micro Threat Discovery Appliance - Session Generation Authentication Bypass (CVE-2016-8584)", "url": "http://blog.malerisch.net/2017/04/trend-micro-threat-discovery-appliance-session-generation-authentication-bypass-cve-2016-8584.html", "description": "Written by [@malerisch](https://twitter.com/malerisch) and [@steventseeley](https://twitter.com/steventseeley)."}], "notes": []}, {"name": "Web Security \u2014 CSRF", "entries": [{"name": "Neat tricks to bypass CSRF-protection", "url": "https://zhuanlan.zhihu.com/p/32716181", "description": "Written by [Twosecurity](https://twosecurity.io/)."}, {"name": "Exploiting CSRF on JSON endpoints with Flash and redirects", "url": "https://blog.appsecco.com/exploiting-csrf-on-json-endpoints-with-flash-and-redirects-681d4ad6b31b", "description": "Written by [@riyazwalikar](https://blog.appsecco.com/@riyazwalikar)."}, {"name": "Stealing CSRF tokens with CSS injection (without iFrames)", "url": "https://github.com/dxa4481/cssInjection", "description": "Written by [@dxa4481](https://github.com/dxa4481).", "stars": "305"}, {"name": "Cracking Java\u2019s RNG for CSRF - Javax Faces and Why CSRF Token Randomness Matters", "url": "https://blog.securityevaluators.com/cracking-javas-rng-for-csrf-ea9cacd231d2", "description": "Written by [@rramgattie](https://blog.securityevaluators.com/@rramgattie)."}, {"name": "If HttpOnly You Could Still CSRF\u2026 Of CORS you can!", "url": "https://medium.com/@_graphx/if-httponly-you-could-still-csrf-of-cors-you-can-5d7ee2c7443", "description": "Written by [@GraphX](https://twitter.com/GraphX)."}], "notes": []}, {"name": "Web Security \u2014 Clickjacking", "entries": [{"name": "Clickjackings in Google worth 14981.7$", "url": "https://medium.com/@raushanraj_65039/google-clickjacking-6a04132b918a", "description": "Written by [@raushanraj\\_65039](https://medium.com/@raushanraj_65039)."}], "notes": []}, {"name": "Web Security \u2014 Remote Code Execution", "entries": [{"name": "CVE-2019-1306: ARE YOU MY INDEX?", "url": "https://www.thezdi.com/blog/2019/10/23/cve-2019-1306-are-you-my-index", "description": "Written by [@yu5k3](https://twitter.com/yu5k3)."}, {"name": "WebLogic RCE (CVE-2019-2725) Debug Diary", "url": "https://paper.seebug.org/910/", "description": "Written by Badcode\\@Knownsec 404 Team."}, {"name": "What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.", "url": "https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/", "description": "Written by [@breenmachine](https://twitter.com/@breenmachine)."}, {"name": "Exploiting Node.js deserialization bug for Remote Code Execution", "url": "https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/", "description": "Written by [OpSecX](https://opsecx.com/index.php/author/ajinabraham/)."}, {"name": "DRUPAL 7.X SERVICES MODULE UNSERIALIZE() TO RCE", "url": "https://www.ambionics.io/blog/drupal-services-module-rce", "description": "Written by [Ambionics Security](https://www.ambionics.io/)."}, {"name": "How we exploited a remote code execution vulnerability in math.js", "url": "https://capacitorset.github.io/mathjs/", "description": "Written by [@capacitorset](https://github.com/capacitorset)."}, {"name": "GitHub Enterprise Remote Code Execution", "url": "http://exablue.de/blog/2017-03-15-github-enterprise-remote-code-execution.html", "description": "Written by [@iblue](https://github.com/iblue)."}, {"name": "Evil Teacher: Code Injection in Moodle", "url": "https://blog.ripstech.com/2018/moodle-remote-code-execution/", "description": "Written by [RIPS Technologies](https://www.ripstech.com/)."}, {"name": "How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE!", "url": "http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html", "description": "Written by [Orange](http://blog.orange.tw/)."}, {"name": "$36k Google App Engine RCE", "url": "https://sites.google.com/site/testsitehacking/-36k-google-app-engine-rce", "description": "Written by [Ezequiel Pereira](https://sites.google.com/site/testsitehacking/)."}, {"name": "Poor RichFaces", "url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html", "description": "Written by [CODE WHITE](https://www.code-white.com/)."}, {"name": "Remote Code Execution on a Facebook server", "url": "https://blog.scrt.ch/2018/08/24/remote-code-execution-on-a-facebook-server/", "description": "Written by [@blaklis\\_](https://twitter.com/blaklis_)."}], "notes": []}, {"name": "Web Security \u2014 XSS", "entries": [{"name": "Exploiting XSS with 20 characters limitation", "url": "https://jlajara.gitlab.io/posts/2019/11/30/XSS_20_characters.html", "description": "Written by [Jorge Lajara](https://jlajara.gitlab.io/)."}, {"name": "Upgrade self XSS to Exploitable XSS an 3 Ways Technic", "url": "https://www.hahwul.com/2019/11/upgrade-self-xss-to-exploitable-xss.html", "description": "Written by [HAHWUL](https://www.hahwul.com/)."}, {"name": "XSS without parentheses and semi-colons", "url": "https://portswigger.net/blog/xss-without-parentheses-and-semi-colons", "description": "Written by [@garethheyes](https://twitter.com/garethheyes)."}, {"name": "XSS-Auditor\u200a\u2014\u200athe protector of unprotected and the deceiver of protected.", "url": "https://medium.com/bugbountywriteup/xss-auditor-the-protector-of-unprotected-f900a5e15b7b", "description": "Written by [@terjanq](https://medium.com/@terjanq)."}, {"name": "Query parameter reordering causes redirect page to render unsafe URL", "url": "https://hackerone.com/reports/293689", "description": "Written by [kenziy](https://hackerone.com/kenziy)."}, {"name": "ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes, and everything else", "url": "http://www.slideshare.net/x00mario/es6-en", "description": "Written by [Mario Heiderich](http://www.slideshare.net/x00mario)."}, {"name": "How I found a $5,000 Google Maps XSS (by fiddling with Protobuf)", "url": "https://medium.com/@marin_m/how-i-found-a-5-000-google-maps-xss-by-fiddling-with-protobuf-963ee0d9caff#.u50nrzhas", "description": "Written by [@marin\\_m](https://medium.com/@marin_m)."}, {"name": "DON'T TRUST THE DOM: BYPASSING XSS MITIGATIONS VIA SCRIPT GADGETS", "url": "https://www.blackhat.com/docs/us-17/thursday/us-17-Lekies-Dont-Trust-The-DOM-Bypassing-XSS-Mitigations-Via-Script-Gadgets.pdf", "description": "Written by [Sebastian Lekies](https://twitter.com/slekies), [Krzysztof Kotowicz](https://twitter.com/kkotowicz), and [Eduardo Vela](https://twitter.com/sirdarckcat)."}, {"name": "Uber XSS via Cookie", "url": "http://zhchbin.github.io/2017/08/30/Uber-XSS-via-Cookie/", "description": "Written by [zhchbin](http://zhchbin.github.io/)."}, {"name": "DOM XSS \u2013 auth.uber.com", "url": "http://stamone-bug-bounty.blogspot.tw/2017/10/dom-xss-auth14.html", "description": "Written by [StamOne\\_](http://stamone-bug-bounty.blogspot.tw/)."}, {"name": "Stored XSS on Facebook", "url": "https://opnsec.com/2018/03/stored-xss-on-facebook/", "description": "Written by [Enguerran Gillier](https://opnsec.com/)."}, {"name": "XSS in Google Colaboratory + CSP bypass", "url": "https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html", "description": "Written by [Micha\u0142 Bentkowski](https://blog.bentkowski.info/)."}, {"name": "Another XSS in Google Colaboratory", "url": "https://blog.bentkowski.info/2018/09/another-xss-in-google-colaboratory.html", "description": "Written by [Micha\u0142 Bentkowski](https://blog.bentkowski.info/)."}, {"name": "</script> is filtered ?", "url": "https://twitter.com/strukt93/status/931586377665331200", "description": "Written by [@strukt93](https://twitter.com/strukt93)."}, {"name": "$20000 Facebook DOM XSS", "url": "https://vinothkumar.me/20000-facebook-dom-xss/", "description": "Written by [@vinodsparrow](https://twitter.com/vinodsparrow)."}], "notes": []}, {"name": "Web Security \u2014 SQL Injection", "entries": [{"name": "MySQL Error Based SQL Injection Using EXP", "url": "https://www.exploit-db.com/docs/english/37953-mysql-error-based-sql-injection-using-exp.pdf", "description": "Written by [@osandamalith](https://twitter.com/osandamalith)."}, {"name": "SQL injection in an UPDATE query - a bug bounty story!", "url": "http://zombiehelp54.blogspot.jp/2017/02/sql-injection-in-update-query-bug.html", "description": "Written by [Zombiehelp54](http://zombiehelp54.blogspot.jp/)."}, {"name": "GitHub Enterprise SQL Injection", "url": "http://blog.orange.tw/2017/01/bug-bounty-github-enterprise-sql-injection.html", "description": "Written by [Orange](http://blog.orange.tw/)."}, {"name": "Making a Blind SQL Injection a little less blind", "url": "https://medium.com/@tomnomnom/making-a-blind-sql-injection-a-little-less-blind-428dcb614ba8", "description": "Written by [TomNomNom](https://twitter.com/TomNomNom)."}, {"name": "Red Team Tales 0x01: From MSSQL to RCE", "url": "https://www.tarlogic.com/en/blog/red-team-tales-0x01/", "description": "Written by [Tarlogic](https://www.tarlogic.com/en/cybersecurity-blog/)."}, {"name": "SQL INJECTION AND POSTGRES - AN ADVENTURE TO EVENTUAL RCE", "url": "https://pulsesecurity.co.nz/articles/postgres-sqli", "description": "Written by [@denandz](https://github.com/denandz)."}], "notes": []}, {"name": "Web Security \u2014 NoSQL Injection", "entries": [{"name": "GraphQL NoSQL Injection Through JSON Types", "url": "http://www.petecorey.com/blog/2017/06/12/graphql-nosql-injection-through-json-types/", "description": "Written by [Pete](http://www.petecorey.com/work/)."}], "notes": []}, {"name": "Web Security \u2014 FTP Injection", "entries": [{"name": "XML Out-Of-Band Data Retrieval", "url": "https://media.blackhat.com/eu-13/briefings/Osipov/bh-eu-13-XML-data-osipov-slides.pdf", "description": "Written by [@a66at](https://twitter.com/a66at) and Alexey Osipov."}, {"name": "XXE OOB exploitation at Java 1.7+", "url": "http://lab.onsec.ru/2014/06/xxe-oob-exploitation-at-java-17.html", "description": "Written by [Ivan Novikov](http://lab.onsec.ru/)."}], "notes": []}, {"name": "Web Security \u2014 XXE", "entries": [{"name": "Evil XML with two encodings", "url": "https://mohemiv.com/all/evil-xml/", "description": "Written by [Arseniy Sharoglazov](https://mohemiv.com/)."}, {"name": "XXE in WeChat Pay Sdk ( WeChat leave a backdoor on merchant websites)", "url": "http://seclists.org/fulldisclosure/2018/Jul/3", "description": "Written by [Rose Jackcode](https://twitter.com/codeshtool)."}, {"name": "XML Out-Of-Band Data Retrieval", "url": "https://media.blackhat.com/eu-13/briefings/Osipov/bh-eu-13-XML-data-osipov-slides.pdf", "description": "Written by Timur Yunusov and Alexey Osipov."}, {"name": "XXE OOB exploitation at Java 1.7+ (2014)", "url": "http://lab.onsec.ru/2014/06/xxe-oob-exploitation-at-java-17.html", "description": ""}, {"name": "XXE OOB extracting via HTTP+FTP using single opened port", "url": "https://skavans.ru/en/2017/12/02/xxe-oob-extracting-via-httpftp-using-single-opened-port/", "description": "Written by [skavans](https://skavans.ru/)."}, {"name": "What You Didn't Know About XML External Entities Attacks", "url": "https://2013.appsecusa.org/2013/wp-content/uploads/2013/12/WhatYouDidntKnowAboutXXEAttacks.pdf", "description": "Written by [Timothy D. Morgan](https://twitter.com/ecbftw)."}, {"name": "Pre-authentication XXE vulnerability in the Services Drupal module", "url": "https://www.synacktiv.com/ressources/synacktiv_drupal_xxe_services.pdf", "description": "Written by [Renaud Dubourguais](https://twitter.com/_m0bius)."}, {"name": "Forcing XXE Reflection through Server Error Messages", "url": "https://blog.netspi.com/forcing-xxe-reflection-server-error-messages/", "description": "Written by [Antti Rantasaari](https://blog.netspi.com/author/antti-rantasaari/)."}, {"name": "Exploiting XXE with local DTD files", "url": "https://mohemiv.com/all/exploiting-xxe-with-local-dtd-files/", "description": "Written by [Arseniy Sharoglazov](https://twitter.com/_mohemiv)."}, {"name": "Automating local DTD discovery for XXE exploitation", "url": "https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation", "description": "Written by [Philippe Arteau](https://twitter.com/h3xstream)."}], "notes": []}, {"name": "Web Security \u2014 SSRF", "entries": [{"name": "AWS takeover through SSRF in JavaScript", "url": "http://10degres.net/aws-takeover-through-ssrf-in-javascript/", "description": "Written by [Gwen](http://10degres.net/)."}, {"name": "SSRF in Exchange leads to ROOT access in all instances", "url": "https://hackerone.com/reports/341876", "description": "Written by [@0xacb](https://twitter.com/0xacb)."}, {"name": "SSRF to ROOT Access", "url": "https://hackerone.com/reports/341876", "description": "A $25k bounty for SSRF leading to ROOT Access in all instances by [0xacb](https://hackerone.com/0xacb)."}, {"name": "PHP SSRF Techniques", "url": "https://medium.com/secjuice/php-ssrf-techniques-9d422cb28d51", "description": "Written by [@themiddleblue](https://medium.com/@themiddleblue)."}, {"name": "SSRF in https://imgur.com/vidgif/url", "url": "https://hackerone.com/reports/115748", "description": "Written by [aesteral](https://hackerone.com/aesteral)."}, {"name": "All you need to know about SSRF and how may we write tools to do auto-detect", "url": "https://www.auxy.xyz/web%20security/2017/07/06/all-ssrf-knowledge.html", "description": "Written by [@Auxy233](https://twitter.com/Auxy233)."}, {"name": "A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!", "url": "https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf", "description": "Written by [Orange](http://blog.orange.tw/)."}, {"name": "SSRF Tips", "url": "http://blog.safebuff.com/2016/07/03/SSRF-Tips/", "description": "Written by [xl7dev](http://blog.safebuff.com/)."}, {"name": "Into the Borg \u2013 SSRF inside Google production network", "url": "https://opnsec.com/2018/07/into-the-borg-ssrf-inside-google-production-network/", "description": "Written by [opnsec](https://opnsec.com/)."}, {"name": "Piercing the Veil: Server Side Request Forgery to NIPRNet access", "url": "https://medium.com/bugbountywriteup/piercing-the-veil-server-side-request-forgery-to-niprnet-access-c358fd5e249a", "description": "Written by [Alyssa Herrera](https://medium.com/@alyssa.o.herrera)."}], "notes": []}, {"name": "Web Security \u2014 Web Cache Poisoning", "entries": [{"name": "Bypassing Web Cache Poisoning Countermeasures", "url": "https://portswigger.net/blog/bypassing-web-cache-poisoning-countermeasures", "description": "Written by [@albinowax](https://twitter.com/albinowax)."}, {"name": "Cache poisoning and other dirty tricks", "url": "https://lab.wallarm.com/cache-poisoning-and-other-dirty-tricks-120468f1053f", "description": "Written by [Wallarm](https://wallarm.com/)."}], "notes": []}, {"name": "Web Security \u2014 Header Injection", "entries": [{"name": "Java/Python FTP Injections Allow for Firewall Bypass", "url": "http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html", "description": "Written by [Timothy Morgan](https://plus.google.com/105917618099766831589)."}], "notes": []}, {"name": "Web Security \u2014 URL", "entries": [{"name": "Some Problems Of URLs", "url": "https://noncombatant.org/2017/11/07/problems-of-urls/", "description": "Written by [Chris Palmer](https://noncombatant.org/about/)."}, {"name": "Phishing with Unicode Domains", "url": "https://www.xudongz.com/blog/2017/idn-phishing/", "description": "Written by [Xudong Zheng](https://www.xudongz.com/)."}, {"name": "Unicode Domains are bad and you should feel bad for supporting them", "url": "https://www.vgrsec.com/post20170219.html", "description": "Written by [VRGSEC](https://www.vgrsec.com/)."}, {"name": "\\[dev.twitter.com\\] XSS", "url": "http://blog.blackfan.ru/2017/09/devtwittercom-xss.html", "description": "Written by [Sergey Bobrov](http://blog.blackfan.ru/)."}], "notes": []}, {"name": "Web Security \u2014 Deserialization", "entries": [{"name": "ASP.NET resource files (.RESX) and deserialisation issues", "url": "https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/", "description": "Written by [@irsdl](https://twitter.com/irsdl)."}], "notes": []}, {"name": "Web Security \u2014 OAuth", "entries": [{"name": "Facebook OAuth Framework Vulnerability", "url": "https://www.amolbaikar.com/facebook-oauth-framework-vulnerability/", "description": "Written by [@AmolBaikar](https://twitter.com/AmolBaikar)."}], "notes": []}, {"name": "Web Security \u2014 Others", "entries": [{"name": "How I hacked Google\u2019s bug tracking system itself for $15,600 in bounties", "url": "https://medium.com/free-code-camp/messing-with-the-google-buganizer-system-for-15-600-in-bounties-58f86cc9f9a5", "description": "Written by [@alex.birsan](https://medium.com/@alex.birsan)."}, {"name": "Some Tricks From My Secret Group", "url": "https://www.leavesongs.com/SHARE/some-tricks-from-my-secret-group.html", "description": "Written by [phithon](https://www.leavesongs.com/)."}, {"name": "Inducing DNS Leaks in Onion Web Services", "url": "https://github.com/epidemics-scepticism/writing/blob/master/onion-dns-leaks.md", "description": "Written by [@epidemics-scepticism](https://github.com/epidemics-scepticism).", "stars": "39"}, {"name": "Stored XSS, and SSRF in Google using the Dataset Publishing Language", "url": "https://s1gnalcha0s.github.io/dspl/2018/03/07/Stored-XSS-and-SSRF-Google.html", "description": "Written by [@signalchaos](https://twitter.com/signalchaos)."}], "notes": []}, {"name": "Web Security \u2014 Frontend (like SOP bypass, URL spoofing, and something like that)", "entries": [{"name": "The world of Site Isolation and compromised renderer", "url": "https://speakerdeck.com/shhnjk/the-world-of-site-isolation-and-compromised-renderer", "description": "Written by [@shhnjk](https://twitter.com/shhnjk)."}, {"name": "The Cookie Monster in Your Browsers", "url": "https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers", "description": "Written by [@filedescriptor](https://twitter.com/filedescriptor)."}, {"name": "Bypassing Mobile Browser Security For Fun And Profit", "url": "https://www.blackhat.com/docs/asia-16/materials/asia-16-Baloch-Bypassing-Browser-Security-Policies-For-Fun-And-Profit-wp.pdf", "description": "Written by [@rafaybaloch](https://twitter.com/@rafaybaloch)."}, {"name": "The inception bar: a new phishing method", "url": "https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/", "description": "Written by [jameshfisher](https://jameshfisher.com/)."}, {"name": "JSON hijacking for the modern web", "url": "http://blog.portswigger.net/2016/11/json-hijacking-for-modern-web.html", "description": "Written by [portswigger](https://portswigger.net/)."}, {"name": "IE11 Information disclosure - local file detection", "url": "https://www.facebook.com/ExploitWareLabs/photos/a.361854183878462.84544.338832389513975/1378579648872572/?type=3\\&theater", "description": "Written by James Lee."}, {"name": "SOP bypass / UXSS \u2013 Stealing Credentials Pretty Fast (Edge)", "url": "https://www.brokenbrowser.com/sop-bypass-uxss-stealing-credentials-pretty-fast/", "description": "Written by [Manuel](https://twitter.com/magicmac2000)."}, {"name": "\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 Safari \u0432 client-side \u0430\u0442\u0430\u043a\u0430\u0445", "url": "https://bo0om.ru/safari-client-side", "description": "Written by [Bo0oM](https://bo0om.ru/author/admin)."}, {"name": "How do we Stop Spilling the Beans Across Origins?", "url": "https://docs.google.com/document/d/1cbL-X0kV_tQ5rL8XJ3lXkV-j0pt_CfTu5ZSzYrncPDc/", "description": "Written by [aaj at google.com](https://github.com/qazbnm456/awesome-web-security/blob/master/README.md/aaj@google.com) and [mkwst at google.com](https://github.com/qazbnm456/awesome-web-security/blob/master/README.md/mkwst@google.com)."}, {"name": "Setting arbitrary request headers in Chromium via CRLF injection", "url": "https://blog.bentkowski.info/2018/06/setting-arbitrary-request-headers-in.html", "description": "Written by [Micha\u0142 Bentkowski](https://blog.bentkowski.info/)."}, {"name": "I\u2019m harvesting credit card numbers and passwords from your site. Here\u2019s how.", "url": "https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5", "description": "Written by [David Gilbertson](https://hackernoon.com/@david.gilbertson)."}, {"name": "Sending arbitrary IPC messages via overriding Function.prototype.apply", "url": "https://hackerone.com/reports/188086", "description": "Written by [@kinugawamasato](https://twitter.com/kinugawamasato)."}, {"name": "Take Advantage of Out-of-Scope Domains in Bug Bounty Programs", "url": "https://ahussam.me/Take-Advantage-of-Out-of-Scope-Domains-in-Bug-Bounty/", "description": "Written by [@Abdulahhusam](https://twitter.com/Abdulahhusam)."}], "notes": []}, {"name": "Web Security \u2014 Backend (core of Browser implementation, and often refers to C or C++ part)", "entries": [{"name": "Breaking UC Browser", "url": "https://habr.com/en/company/drweb/blog/452076/", "description": "Written by [\u0414\u043e\u043a\u0442\u043e\u0440 \u0412\u0435\u0431](https://www.drweb.ru/)."}, {"name": "Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622", "url": "http://www.phrack.org/papers/attacking_javascript_engines.html", "description": "Written by [phrack@saelo.net](https://github.com/qazbnm456/awesome-web-security/blob/master/README.md/phrack@saelo.net)."}, {"name": "Three roads lead to Rome", "url": "http://blogs.360.cn/360safe/2016/11/29/three-roads-lead-to-rome-2/", "description": "Written by [@holynop](https://twitter.com/holynop)."}, {"name": "Exploiting a V8 OOB write.", "url": "https://halbecaf.com/2017/05/24/exploiting-a-v8-oob-write/", "description": "Written by [@halbecaf](https://twitter.com/halbecaf)."}, {"name": "SSD Advisory \u2013 Chrome Turbofan Remote Code Execution", "url": "https://blogs.securiteam.com/index.php/archives/3379", "description": "Written by [SecuriTeam Secure Disclosure (SSD)](https://blogs.securiteam.com/)."}, {"name": "Look Mom, I don't use Shellcode - Browser Exploitation Case Study for Internet Explorer 11", "url": "https://labs.bluefrostsecurity.de/files/Look_Mom_I_Dont_Use_Shellcode-WP.pdf", "description": "Written by [@moritzj](http://twitter.com/moritzj)."}, {"name": "PUSHING WEBKIT'S BUTTONS WITH A MOBILE PWN2OWN EXPLOIT", "url": "https://www.zerodayinitiative.com/blog/2018/2/12/pushing-webkits-buttons-with-a-mobile-pwn2own-exploit", "description": "Written by [@wanderingglitch](https://twitter.com/wanderingglitch)."}, {"name": "A Methodical Approach to Browser Exploitation", "url": "https://blog.ret2.io/2018/06/05/pwn2own-2018-exploit-development/", "description": "Written by [RET2 SYSTEMS, INC](https://blog.ret2.io/)."}, {"name": "CVE-2017-2446 or JSC::JSGlobalObject::isHavingABadTime.", "url": "https://doar-e.github.io/blog/2018/07/14/cve-2017-2446-or-jscjsglobalobjectishavingabadtime/", "description": "Written by [Diary of a reverse-engineer](https://doar-e.github.io/)."}, {"name": "CLEANLY ESCAPING THE CHROME SANDBOX", "url": "https://theori.io/research/escaping-chrome-sandbox", "description": "Written by [@tjbecker\\_](https://twitter.com/tjbecker_)."}, {"name": "A Methodical Approach to Browser Exploitation", "url": "https://blog.ret2.io/2018/06/05/pwn2own-2018-exploit-development/", "description": "Written by [@PatrickBiernat](https://twitter.com/PatrickBiernat), [@gaasedelen](https://twitter.com/gaasedelen) and [@itszn13](https://twitter.com/itszn13)."}], "notes": []}, {"name": "Web Security \u2014 Database", "entries": [{"name": "js-vuln-db", "url": "https://github.com/tunz/js-vuln-db", "description": "Collection of JavaScript engine CVEs with PoCs by [@tunz](https://github.com/tunz).", "stars": "2.2k"}, {"name": "awesome-cve-poc", "url": "https://github.com/qazbnm456/awesome-cve-poc", "description": "Curated list of CVE PoCs by [@qazbnm456](https://github.com/qazbnm456).", "stars": "3k"}, {"name": "Some-PoC-oR-ExP", "url": "https://github.com/coffeehb/Some-PoC-oR-ExP", "description": "\u5404\u79cd\u6f0f\u6d1epoc\u3001Exp\u7684\u6536\u96c6\u6216\u7f16\u5199 by [@coffeehb](https://github.com/coffeehb).", "stars": "1.9k"}, {"name": "uxss-db", "url": "https://github.com/Metnew/uxss-db", "description": "Collection of UXSS CVEs with PoCs by [@Metnew](https://github.com/Metnew).", "stars": "634"}, {"name": "SPLOITUS", "url": "https://sploitus.com/", "description": "Exploits & Tools Search Engine by [@i\\_bo0om](https://twitter.com/i_bo0om)."}, {"name": "Exploit Database", "url": "https://www.exploit-db.com/", "description": "ultimate archive of Exploits, Shellcode, and Security Papers by [Offensive Security](https://www.offensive-security.com/)."}, {"name": "XSS Cheat Sheet - 2018 Edition", "url": "https://leanpub.com/xss", "description": "Written by [@brutelogic](https://twitter.com/brutelogic)."}, {"name": "Capture the Flag CheatSheet", "url": "https://github.com/uppusaikiran/awesome-ctf-cheatsheet", "description": "Written by [@uppusaikiran](https://github.com/uppusaikiran)."}], "notes": []}, {"name": "Web Security \u2014 Auditing", "entries": [{"name": "prowler", "url": "https://github.com/Alfresco/prowler", "description": "Tool for AWS security assessment, auditing and hardening by [@Alfresco](https://github.com/Alfresco).", "stars": "6.8k"}, {"name": "slurp", "url": "https://github.com/hehnope/slurp", "description": "Evaluate the security of S3 buckets by [@hehnope](https://github.com/hehnope).", "stars": "0"}, {"name": "A2SV", "url": "https://github.com/hahwul/a2sv", "description": "Auto Scanning to SSL Vulnerability by [@hahwul](https://github.com/hahwul).", "stars": "576"}], "notes": []}, {"name": "Web Security \u2014 Command Injection", "entries": [{"name": "commix", "url": "https://github.com/commixproject/commix", "description": "Automated All-in-One OS command injection and exploitation tool by [@commixproject](https://github.com/commixproject).", "stars": "3.5k"}], "notes": []}, {"name": "Web Security \u2014 Reconnaissance", "entries": [{"name": "Shodan", "url": "https://www.shodan.io/", "description": "Shodan is the world's first search engine for Internet-connected devices by [@shodanhq](https://twitter.com/shodanhq)."}, {"name": "Censys", "url": "https://censys.io/", "description": "Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet by [University of Michigan](https://umich.edu/)."}, {"name": "urlscan.io", "url": "https://urlscan.io/", "description": "Service which analyses websites and the resources they request by [@heipei](https://twitter.com/heipei)."}, {"name": "ZoomEye", "url": "https://www.zoomeye.org/", "description": "Cyberspace Search Engine by [@zoomeye\\_team](https://twitter.com/zoomeye_team)."}, {"name": "FOFA", "url": "https://fofa.so/?locale=en", "description": "Cyberspace Search Engine by [BAIMAOHUI](http://baimaohui.net/)."}, {"name": "NSFOCUS", "url": "https://nti.nsfocus.com/", "description": "THREAT INTELLIGENCE PORTAL by NSFOCUS GLOBAL."}, {"name": "Photon", "url": "https://github.com/s0md3v/Photon", "description": "Incredibly fast crawler designed for OSINT by [@s0md3v](https://github.com/s0md3v).", "stars": "9.1k"}, {"name": "FOCA", "url": "https://github.com/ElevenPaths/FOCA", "description": "FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents its scans by [ElevenPaths](https://www.elevenpaths.com/index.html).", "stars": "2.1k"}, {"name": "SpiderFoot", "url": "http://www.spiderfoot.net/", "description": "Open source footprinting and intelligence-gathering tool by [@binarypool](https://twitter.com/binarypool)."}, {"name": "xray", "url": "https://github.com/evilsocket/xray", "description": "XRay is a tool for recon, mapping and OSINT gathering from public networks by [@evilsocket](https://github.com/evilsocket).", "stars": "1.8k"}, {"name": "gitrob", "url": "https://github.com/michenriksen/Gitrob", "description": "Reconnaissance tool for GitHub organizations by [@michenriksen](https://github.com/michenriksen).", "stars": "5.5k"}, {"name": "GSIL", "url": "https://github.com/FeeiCN/GSIL", "description": "Github Sensitive Information Leakage\uff08Github\u654f\u611f\u4fe1\u606f\u6cc4\u9732\uff09by [@FeeiCN](https://github.com/FeeiCN).", "stars": "1.9k"}, {"name": "raven", "url": "https://github.com/0x09AL/raven", "description": "raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin by [@0x09AL](https://github.com/0x09AL).", "stars": "752"}, {"name": "ReconDog", "url": "https://github.com/s0md3v/ReconDog", "description": "Reconnaissance Swiss Army Knife by [@s0md3v](https://github.com/s0md3v).", "stars": "1.5k"}, {"name": "Databases - start.me", "url": "https://start.me/p/QRENnO/databases", "description": "Various databases which you can use for your OSINT research by [@technisette](https://twitter.com/technisette)."}, {"name": "peoplefindThor", "url": "https://peoplefindthor.dk/", "description": "the easy way to find people on Facebook by \\[postkassen]\\(mailto:[postkassen@oejvind.dk](https://github.com/qazbnm456/awesome-web-security/blob/master/README.md/mailto:postkassen@oejvind.dk)?subject=peoplefindthor.dk comments)."}, {"name": "tinfoleak", "url": "https://github.com/vaguileradiaz/tinfoleak", "description": "The most complete open-source tool for Twitter intelligence analysis by [@vaguileradiaz](https://github.com/vaguileradiaz).", "stars": "1.7k"}, {"name": "Raccoon", "url": "https://github.com/evyatarmeged/Raccoon", "description": "High performance offensive security tool for reconnaissance and vulnerability scanning by [@evyatarmeged](https://github.com/evyatarmeged).", "stars": "2.6k"}, {"name": "Social Mapper", "url": "https://github.com/SpiderLabs/social_mapper", "description": "Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf) by [@SpiderLabs](https://github.com/SpiderLabs).", "stars": "3.4k"}, {"name": "espi0n/Dockerfiles", "url": "https://github.com/espi0n/Dockerfiles", "description": "Dockerfiles for various OSINT tools by [@espi0n](https://github.com/espi0n).", "stars": "36"}, {"name": "Sublist3r", "url": "https://github.com/aboul3la/Sublist3r", "description": "Sublist3r is a multi-threaded sub-domain enumeration tool for penetration testers by [@aboul3la](https://github.com/aboul3la).", "stars": "7.6k"}, {"name": "EyeWitness", "url": "https://github.com/ChrisTruncer/EyeWitness", "description": "EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible by [@ChrisTruncer](https://github.com/ChrisTruncer).", "stars": "3.8k"}, {"name": "subDomainsBrute", "url": "https://github.com/lijiejie/subDomainsBrute", "description": "A simple and fast sub domain brute tool for pentesters by [@lijiejie](https://github.com/lijiejie).", "stars": "2.9k"}, {"name": "AQUATONE", "url": "https://github.com/michenriksen/aquatone", "description": "Tool for Domain Flyovers by [@michenriksen](https://github.com/michenriksen).", "stars": "4.9k"}, {"name": "domain\\_analyzer", "url": "https://github.com/eldraco/domain_analyzer", "description": "Analyze the security of any domain by finding all the information possible by [@eldraco](https://github.com/eldraco).", "stars": "1.7k"}, {"name": "VirusTotal domain information", "url": "https://www.virustotal.com/en/documentation/searching/#getting-domain-information", "description": "Searching for domain information by [VirusTotal](https://www.virustotal.com/)."}, {"name": "Certificate Transparency", "url": "https://github.com/google/certificate-transparency", "description": "Google's Certificate Transparency project fixes several structural flaws in the SSL certificate system by [@google](https://github.com/google).", "stars": "827"}, {"name": "Certificate Search", "url": "https://crt.sh/", "description": "Enter an Identity (Domain Name, Organization Name, etc), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID to search certificate(s) by [@crtsh](https://github.com/crtsh)."}, {"name": "GSDF", "url": "https://github.com/We5ter/GSDF", "description": "Domain searcher named GoogleSSLdomainFinder by [@We5ter](https://github.com/We5ter).", "stars": "170"}], "notes": []}, {"name": "Web Security \u2014 Code Generating", "entries": [{"name": "VWGen", "url": "https://github.com/qazbnm456/VWGen", "description": "Vulnerable Web applications Generator by [@qazbnm456](https://github.com/qazbnm456).", "stars": "79"}], "notes": []}, {"name": "Web Security \u2014 Fuzzing", "entries": [{"name": "wfuzz", "url": "https://github.com/xmendez/wfuzz", "description": "Web application bruteforcer by [@xmendez](https://github.com/xmendez).", "stars": "4.7k"}, {"name": "charsetinspect", "url": "https://github.com/hack-all-the-things/charsetinspect", "description": "Script that inspects multi-byte character sets looking for characters with specific user-defined properties by [@hack-all-the-things](https://github.com/hack-all-the-things).", "stars": "26"}, {"name": "IPObfuscator", "url": "https://github.com/OsandaMalith/IPObfuscator", "description": "Simple tool to convert the IP to a DWORD IP by [@OsandaMalith](https://github.com/OsandaMalith).", "stars": "123"}, {"name": "domato", "url": "https://github.com/google/domato", "description": "DOM fuzzer by [@google](https://github.com/google).", "stars": "1.5k"}, {"name": "FuzzDB", "url": "https://github.com/fuzzdb-project/fuzzdb", "description": "Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.", "stars": "7k"}, {"name": "dirhunt", "url": "https://github.com/Nekmo/dirhunt", "description": "Web crawler optimized for searching and analyzing the directory structure of a site by [@nekmo](https://github.com/Nekmo).", "stars": "1.4k"}, {"name": "ssltest", "url": "https://www.ssllabs.com/ssltest/", "description": "Online service that performs a deep analysis of the configuration of any SSL web server on the public internet. Provided by [Qualys SSL Labs](https://www.ssllabs.com)."}, {"name": "fuzz.txt", "url": "https://github.com/Bo0oM/fuzz.txt", "description": "Potentially dangerous files by [@Bo0oM](https://github.com/Bo0oM).", "stars": "2.3k"}], "notes": []}, {"name": "Web Security \u2014 Scanning", "entries": [{"name": "wpscan", "url": "https://github.com/wpscanteam/wpscan", "description": "WPScan is a black box WordPress vulnerability scanner by [@wpscanteam](https://github.com/wpscanteam).", "stars": "7.1k"}, {"name": "JoomlaScan", "url": "https://github.com/drego85/JoomlaScan", "description": "Free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan by [@drego85](https://github.com/drego85).", "stars": "165"}, {"name": "WAScan", "url": "https://github.com/m4ll0k/WAScan", "description": "Is an open source web application security scanner that uses \"black-box\" method, created by [@m4ll0k](https://github.com/m4ll0k)."}, {"name": "Nuclei", "url": "https://github.com/projectdiscovery/nuclei", "description": "Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use by [@projectdiscovery](https://github.com/projectdiscovery).", "stars": "10k"}], "notes": []}, {"name": "Web Security \u2014 Penetration Testing", "entries": [{"name": "Burp Suite", "url": "https://portswigger.net/burp/", "description": "Burp Suite is an integrated platform for performing security testing of web applications by [portswigger](https://portswigger.net/)."}, {"name": "TIDoS-Framework", "url": "https://github.com/theInfectedDrake/TIDoS-Framework", "description": "A comprehensive web application audit framework to cover up everything from Reconnaissance and OSINT to Vulnerability Analysis by [@\\_tID](https://github.com/theInfectedDrake).", "stars": "1.6k"}, {"name": "Astra", "url": "https://github.com/flipkart-incubator/astra", "description": "Automated Security Testing For REST API's by [@flipkart-incubator](https://github.com/flipkart-incubator).", "stars": "2.1k"}, {"name": "aws\\_pwn", "url": "https://github.com/dagrz/aws_pwn", "description": "A collection of AWS penetration testing junk by [@dagrz](https://github.com/dagrz).", "stars": "1k"}, {"name": "grayhatwarfare", "url": "https://buckets.grayhatwarfare.com/", "description": "Public buckets by [grayhatwarfare](http://www.grayhatwarfare.com/)."}], "notes": []}, {"name": "Web Security \u2014 Offensive", "entries": [{"name": "beef", "url": "https://github.com/beefproject/beef", "description": "The Browser Exploitation Framework Project by [beefproject](https://beefproject.com).", "stars": "7.8k"}, {"name": "JShell", "url": "https://github.com/s0md3v/JShell", "description": "Get a JavaScript shell with XSS by [@s0md3v](https://github.com/s0md3v).", "stars": "459"}, {"name": "XSStrike", "url": "https://github.com/s0md3v/XSStrike", "description": "XSStrike is a program which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs by [@s0md3v](https://github.com/s0md3v).", "stars": "11k"}, {"name": "xssor2", "url": "https://github.com/evilcos/xssor2", "description": "XSS'OR - Hack with JavaScript by [@evilcos](https://github.com/evilcos).", "stars": "2k"}, {"name": "csp evaluator", "url": "https://csper.io/evaluator", "description": "A tool for evaluating content-security-policies by [Csper](http://csper.io)."}, {"name": "sqlmap", "url": "https://github.com/sqlmapproject/sqlmap", "description": "Automatic SQL injection and database takeover tool.", "stars": "25k"}, {"name": "tplmap", "url": "https://github.com/epinna/tplmap", "description": "Code and Server-Side Template Injection Detection and Exploitation Tool by [@epinna](https://github.com/epinna).", "stars": "3.1k"}, {"name": "dtd-finder", "url": "https://github.com/GoSecure/dtd-finder", "description": "List DTDs and generate XXE payloads using those local DTDs by [@GoSecure](https://github.com/GoSecure).", "stars": "484"}, {"name": "XSRFProbe", "url": "https://github.com/0xInfection/XSRFProbe", "description": "The Prime CSRF Audit & Exploitation Toolkit by [@0xInfection](https://github.com/0xinfection).", "stars": "790"}, {"name": "Open redirect/SSRF payload generator", "url": "https://tools.intigriti.io/redirector/", "description": "Open redirect/SSRF payload generator by [intigriti](https://www.intigriti.com/)."}], "notes": []}, {"name": "Web Security \u2014 Leaking", "entries": [{"name": "HTTPLeaks", "url": "https://github.com/cure53/HTTPLeaks", "description": "All possible ways, a website can leak HTTP requests by [@cure53](https://github.com/cure53).", "stars": "1.7k"}, {"name": "dvcs-ripper", "url": "https://github.com/kost/dvcs-ripper", "description": "Rip web accessible (distributed) version control systems: SVN/GIT/HG... by [@kost](https://github.com/kost).", "stars": "1.5k"}, {"name": "DVCS-Pillage", "url": "https://github.com/evilpacket/DVCS-Pillage", "description": "Pillage web accessible GIT, HG and BZR repositories by [@evilpacket](https://github.com/evilpacket).", "stars": "297"}, {"name": "GitMiner", "url": "https://github.com/UnkL4b/GitMiner", "description": "Tool for advanced mining for content on Github by [@UnkL4b](https://github.com/UnkL4b).", "stars": "1.9k"}, {"name": "gitleaks", "url": "https://github.com/zricethezav/gitleaks", "description": "Searches full repo history for secrets and keys by [@zricethezav](https://github.com/zricethezav).", "stars": "11k"}, {"name": "CSS-Keylogging", "url": "https://github.com/maxchehab/CSS-Keylogging", "description": "Chrome extension and Express server that exploits keylogging abilities of CSS by [@maxchehab](https://github.com/maxchehab).", "stars": "3.1k"}, {"name": "pwngitmanager", "url": "https://github.com/allyshka/pwngitmanager", "description": "Git manager for pentesters by [@allyshka](https://github.com/allyshka).", "stars": "106"}, {"name": "snallygaster", "url": "https://github.com/hannob/snallygaster", "description": "Tool to scan for secret files on HTTP servers by [@hannob](https://github.com/hannob).", "stars": "1.9k"}, {"name": "LinkFinder", "url": "https://github.com/GerbenJavado/LinkFinder", "description": "Python script that finds endpoints in JavaScript files by [@GerbenJavado](https://github.com/GerbenJavado).", "stars": "2.7k"}], "notes": []}, {"name": "Web Security \u2014 Detecting", "entries": [{"name": "sqlchop", "url": "https://sqlchop.chaitin.cn/", "description": "SQL injection detection engine by [chaitin](http://chaitin.com)."}, {"name": "xsschop", "url": "https://xsschop.chaitin.cn/", "description": "XSS detection engine by [chaitin](http://chaitin.com)."}, {"name": "retire.js", "url": "https://github.com/RetireJS/retire.js", "description": "Scanner detecting the use of JavaScript libraries with known vulnerabilities by [@RetireJS](https://github.com/RetireJS).", "stars": "3.1k"}, {"name": "malware-jail", "url": "https://github.com/HynekPetrak/malware-jail", "description": "Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction by [@HynekPetrak](https://github.com/HynekPetrak).", "stars": "408"}, {"name": "repo-supervisor", "url": "https://github.com/auth0/repo-supervisor", "description": "Scan your code for security misconfiguration, search for passwords and secrets.", "stars": "580"}, {"name": "bXSS", "url": "https://github.com/LewisArdern/bXSS", "description": "bXSS is a simple Blind XSS application adapted from [cure53.de/m](https://cure53.de/m) by [@LewisArdern](https://github.com/LewisArdern).", "stars": "393"}, {"name": "OpenRASP", "url": "https://github.com/baidu/openrasp", "description": "An open source RASP solution actively maintained by Baidu Inc. With context-aware detection algorithm the project achieved nearly no false positives. And less than 3% performance reduction is observed under heavy server load.", "stars": "2.3k"}, {"name": "GuardRails", "url": "https://github.com/apps/guardrails", "description": "A GitHub App that provides security feedback in Pull Requests."}], "notes": []}, {"name": "Web Security \u2014 Preventing", "entries": [{"name": "DOMPurify", "url": "https://github.com/cure53/DOMPurify", "description": "DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG by [Cure53](https://cure53.de/).", "stars": "9.8k"}, {"name": "js-xss", "url": "https://github.com/leizongmin/js-xss", "description": "Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist by [@leizongmin](https://github.com/leizongmin).", "stars": "4.7k"}, {"name": "Acra", "url": "https://github.com/cossacklabs/acra", "description": "Client-side encryption engine for SQL databases, with strong selective encryption, SQL injections prevention and intrusion detection by [@cossacklabs](https://www.cossacklabs.com/).", "stars": "1.1k"}, {"name": "Csper", "url": "https://csper.io", "description": "A set of tools for building/evaluating/monitoring content-security-policy to prevent/detect cross site scripting by [Csper](https://csper.io)."}], "notes": []}, {"name": "Web Security \u2014 Proxy", "entries": [{"name": "Charles", "url": "https://www.charlesproxy.com/", "description": "HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet."}, {"name": "mitmproxy", "url": "https://github.com/mitmproxy/mitmproxy", "description": "Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers by [@mitmproxy](https://github.com/mitmproxy).", "stars": "29k"}], "notes": []}, {"name": "Web Security \u2014 Webshell", "entries": [{"name": "nano", "url": "https://github.com/s0md3v/nano", "description": "Family of code golfed PHP shells by [@s0md3v](https://github.com/s0md3v).", "stars": "414"}, {"name": "webshell", "url": "https://github.com/tennc/webshell", "description": "This is a webshell open source project by [@tennc](https://github.com/tennc).", "stars": "8.5k"}, {"name": "Weevely", "url": "https://github.com/epinna/weevely3", "description": "Weaponized web shell by [@epinna](https://github.com/epinna).", "stars": "2.6k"}, {"name": "Webshell-Sniper", "url": "https://github.com/WangYihang/Webshell-Sniper", "description": "Manage your website via terminal by [@WangYihang](https://github.com/WangYihang).", "stars": "407"}, {"name": "Reverse-Shell-Manager", "url": "https://github.com/WangYihang/Reverse-Shell-Manager", "description": "Reverse Shell Manager via Terminal\u00a0[@WangYihang](https://github.com/WangYihang).", "stars": "204"}, {"name": "reverse-shell", "url": "https://github.com/lukechilds/reverse-shell", "description": "Reverse Shell as a Service by [@lukechilds](https://github.com/lukechilds).", "stars": "1.6k"}, {"name": "PhpSploit", "url": "https://github.com/nil0x42/phpsploit", "description": "Full-featured C2 framework which silently persists on webserver via evil PHP oneliner by [@nil0x42](https://github.com/nil0x42).", "stars": "1.8k"}], "notes": []}, {"name": "Web Security \u2014 Disassembler", "entries": [{"name": "plasma", "url": "https://github.com/plasma-disassembler/plasma", "description": "Plasma is an interactive disassembler for x86/ARM/MIPS by [@plasma-disassembler](https://github.com/plasma-disassembler).", "stars": "3k"}, {"name": "radare2", "url": "https://github.com/radare/radare2", "description": "Unix-like reverse engineering framework and commandline tools by [@radare](https://github.com/radare).", "stars": "17k"}, {"name": "Iait\u014d", "url": "https://github.com/hteso/iaito", "description": "Qt and C++ GUI for radare2 reverse engineering framework by [@hteso](https://github.com/hteso).", "stars": "1.5k"}], "notes": []}, {"name": "Web Security \u2014 Decompiler", "entries": [{"name": "CFR", "url": "http://www.benf.org/other/cfr/", "description": "Another java decompiler by [@LeeAtBenf](https://twitter.com/LeeAtBenf)."}], "notes": []}, {"name": "Web Security \u2014 DNS Rebinding", "entries": [{"name": "DNS Rebind Toolkit", "url": "https://github.com/brannondorsey/dns-rebind-toolkit", "description": "DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network (LAN) by [@brannondorsey](https://github.com/brannondorsey)", "stars": "473"}, {"name": "dref", "url": "https://github.com/mwrlabs/dref", "description": "DNS Rebinding Exploitation Framework. Dref does the heavy-lifting for DNS rebinding by [@mwrlabs](https://github.com/mwrlabs)", "stars": "468"}, {"name": "Singularity of Origin", "url": "https://github.com/nccgroup/singularity", "description": "It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine's IP address and to serve attack payloads to exploit vulnerable software on the target machine by [@nccgroup](https://github.com/nccgroup)", "stars": "813"}, {"name": "Whonow DNS Server", "url": "https://github.com/brannondorsey/whonow", "description": "A malicious DNS server for executing DNS Rebinding attacks on the fly by [@brannondorsey](https://github.com/brannondorsey)", "stars": "574"}], "notes": []}, {"name": "Web Security \u2014 Others", "entries": [{"name": "Dnslogger", "url": "https://wiki.skullsecurity.org/index.php?title=Dnslogger", "description": "DNS Logger by [@iagox86](https://github.com/iagox86)."}, {"name": "CyberChef", "url": "https://github.com/gchq/CyberChef", "description": "The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by [@GCHQ](https://github.com/gchq).", "stars": "19k"}, {"name": "ntlm\\_challenger", "url": "https://github.com/b17zr/ntlm_challenger", "description": "Parse NTLM over HTTP challenge messages by [@b17zr](https://github.com/b17zr).", "stars": "131"}, {"name": "cefdebug", "url": "https://github.com/taviso/cefdebug", "description": "Minimal code to connect to a CEF debugger by [@taviso](https://github.com/taviso).", "stars": "167"}, {"name": "ctftool", "url": "https://github.com/taviso/ctftool", "description": "Interactive CTF Exploration Tool by [@taviso](https://github.com/taviso).", "stars": "1.6k"}, {"name": "haveibeenpwned", "url": "https://haveibeenpwned.com/", "description": "Check if you have an account that has been compromised in a data breach by [Troy Hunt](https://www.troyhunt.com/)."}, {"name": "Orange", "url": "http://blog.orange.tw/", "description": "Taiwan's talented web penetrator."}, {"name": "leavesongs", "url": "https://www.leavesongs.com/", "description": "China's talented web penetrator."}, {"name": "James Kettle", "url": "http://albinowax.skeletonscribe.net/", "description": "Head of Research at [PortSwigger Web Security](https://portswigger.net/)."}, {"name": "Broken Browser", "url": "https://www.brokenbrowser.com/", "description": "Fun with Browser Vulnerabilities."}, {"name": "Scrutiny", "url": "https://datarift.blogspot.tw/", "description": "Internet Security through Web Browsers by Dhiraj Mishra."}, {"name": "BRETT BUERHAUS", "url": "https://buer.haus/", "description": "Vulnerability disclosures and rambles on application security."}, {"name": "n0tr00t", "url": "https://www.n0tr00t.com/", "description": "\\~# n0tr00t Security Team."}, {"name": "OpnSec", "url": "https://opnsec.com/", "description": "Open Mind Security!"}, {"name": "RIPS Technologies", "url": "https://blog.ripstech.com/tags/security/", "description": "Write-ups for PHP vulnerabilities."}, {"name": "0Day Labs", "url": "http://blog.0daylabs.com/", "description": "Awesome bug-bounty and challenges writeups."}, {"name": "Blog of Osanda", "url": "https://osandamalith.com/", "description": "Security Researching and Reverse Engineering."}, {"name": "@HackwithGitHub", "url": "https://twitter.com/HackwithGithub", "description": "Initiative to showcase open source hacking tools for hackers and pentesters"}, {"name": "@filedescriptor", "url": "https://twitter.com/filedescriptor", "description": "Active penetrator often tweets and writes useful articles"}, {"name": "@cure53berlin", "url": "https://twitter.com/cure53berlin", "description": "[Cure53](https://cure53.de/) is a German cybersecurity firm."}, {"name": "@XssPayloads", "url": "https://twitter.com/XssPayloads", "description": "The wonderland of JavaScript unexpected usages, and more."}, {"name": "@kinugawamasato", "url": "https://twitter.com/kinugawamasato", "description": "Japanese web penetrator."}, {"name": "@h3xstream", "url": "https://twitter.com/h3xstream/", "description": "Security Researcher, interested in web security, crypto, pentest, static analysis but most of all, samy is my hero."}, {"name": "@garethheyes", "url": "https://twitter.com/garethheyes", "description": "English web penetrator."}, {"name": "@hasegawayosuke", "url": "https://twitter.com/hasegawayosuke", "description": "Japanese javascript security researcher."}, {"name": "@shhnjk", "url": "https://twitter.com/shhnjk", "description": "Web and Browsers Security Researcher."}], "notes": []}, {"name": "Web Security \u2014 Application", "entries": [{"name": "OWASP Juice Shop", "url": "https://github.com/bkimminich/juice-shop", "description": "Probably the most modern and sophisticated insecure web application - Written by [@bkimminich](https://github.com/bkimminich) and the [@owasp\\_juiceshop](https://twitter.com/owasp_juiceshop) team.", "stars": "7.3k"}, {"name": "BadLibrary", "url": "https://github.com/SecureSkyTechnology/BadLibrary", "description": "Vulnerable web application for training - Written by [@SecureSkyTechnology](https://github.com/SecureSkyTechnology).", "stars": "56"}, {"name": "Hackxor", "url": "http://hackxor.net/", "description": "Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax)."}, {"name": "SELinux Game", "url": "http://selinuxgame.org/", "description": "Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame)."}, {"name": "Portswigger Web Security Academy", "url": "https://portswigger.net/web-security", "description": "Free trainings and labs - Written by [PortSwigger](https://portswigger.net/)."}], "notes": []}, {"name": "Web Security \u2014 AWS", "entries": [{"name": "FLAWS", "url": "http://flaws.cloud/", "description": "Amazon AWS CTF challenge - Written by [@0xdabbad00](https://twitter.com/0xdabbad00)."}, {"name": "CloudGoat", "url": "https://github.com/RhinoSecurityLabs/cloudgoat", "description": "Rhino Security Labs' \"Vulnerable by Design\" AWS infrastructure setup tool  - Written by [@RhinoSecurityLabs](https://github.com/RhinoSecurityLabs).", "stars": "1.7k"}], "notes": []}, {"name": "Web Security \u2014 XSS", "entries": [{"name": "XSS game", "url": "https://xss-game.appspot.com/", "description": "Google XSS Challenge - Written by Google."}, {"name": "prompt(1) to win", "url": "http://prompt.ml/", "description": "Complex 16-Level XSS Challenge held in summer 2014 (+4 Hidden Levels) - Written by [@cure53](https://github.com/cure53)."}, {"name": "alert(1) to win", "url": "https://alf.nu/alert1", "description": "Series of XSS challenges - Written by [@steike](https://twitter.com/steike)."}, {"name": "XSS Challenges", "url": "http://xss-quiz.int21h.jp/", "description": "Series of XSS challenges - Written by yamagata21."}], "notes": []}, {"name": "Web Security \u2014 ModSecurity / OWASP ModSecurity Core Rule Set", "entries": [{"name": "ModSecurity / OWASP ModSecurity Core Rule Set", "url": "https://www.netnea.com/cms/apache-tutorials/", "description": "Series of tutorials to install, configure and tune ModSecurity and the Core Rule Set - Written by [@ChrFolini](https://twitter.com/ChrFolini)."}, {"name": "Reddit", "url": "https://www.reddit.com/r/websecurity/", "description": ""}, {"name": "Stack Overflow", "url": "http://stackoverflow.com/questions/tagged/security", "description": ""}, {"name": "awesome-bug-bounty", "url": "https://github.com/djadmin/awesome-bug-bounty", "description": "Comprehensive curated list of available Bug Bounty & Disclosure Programs and write-ups by [@djadmin](https://github.com/djadmin).", "stars": "3.5k"}, {"name": "bug-bounty-reference", "url": "https://github.com/ngalongc/bug-bounty-reference", "description": "List of bug bounty write-up that is categorized by the bug nature by [@ngalongc](https://github.com/ngalongc).", "stars": "3.1k"}, {"name": "Google VRP and Unicorns", "url": "https://sites.google.com/site/bughunteruniversity/behind-the-scenes/presentations/google-vrp-and-unicorns", "description": "Written by [Daniel Stelter-Gliese](https://www.linkedin.com/in/daniel-stelter-gliese-170a70a2/)."}, {"name": "Brute Forcing Your Facebook Email and Phone Number", "url": "http://pwndizzle.blogspot.jp/2014/02/brute-forcing-your-facebook-email-and.html", "description": "Written by [PwnDizzle](http://pwndizzle.blogspot.jp/)."}, {"name": "Pentest + Exploit dev Cheatsheet wallpaper", "url": "http://i.imgur.com/Mr9pvq9.jpg", "description": "Penetration Testing and Exploit Dev CheatSheet."}, {"name": "The Definitive Security Data Science and Machine Learning Guide", "url": "http://www.covert.io/the-definitive-security-datascience-and-machinelearning-guide/", "description": "Written by JASON TROS."}, {"name": "EQGRP", "url": "https://github.com/x0rz/EQGRP", "description": "Decrypted content of eqgrp-auction-file.tar.xz by [@x0rz](https://github.com/x0rz).", "stars": "3.9k"}, {"name": "notes", "url": "https://github.com/ChALkeR/notes", "description": "Some public notes by [@ChALkeR](https://github.com/ChALkeR).", "stars": "1.3k"}, {"name": "A glimpse into GitHub's Bug Bounty workflow", "url": "https://githubengineering.com/githubs-bug-bounty-workflow/", "description": "Written by [@gregose](https://github.com/gregose)."}, {"name": "Cybersecurity Campaign Playbook", "url": "https://www.belfercenter.org/CyberPlaybook", "description": "Written by [Belfer Center for Science and International Affairs](https://www.belfercenter.org/)."}, {"name": "Infosec\\_Reference", "url": "https://github.com/rmusser01/Infosec_Reference", "description": "Information Security Reference That Doesn't Suck by [@rmusser01](https://github.com/rmusser01).", "stars": "4.6k"}, {"name": "Internet of Things Scanner", "url": "http://iotscanner.bullguard.com/", "description": "Check if your internet-connected devices at home are public on Shodan by [BullGuard](https://www.bullguard.com/)."}, {"name": "The Bug Hunters Methodology v2.1", "url": "https://docs.google.com/presentation/d/1VpRT8dFyTaFpQa9jhehtmGaC7TqQniMSYbUdlHN6VrY/edit?usp=sharing", "description": "Written by [@jhaddix](https://twitter.com/jhaddix)."}, {"name": "$7.5k Google services mix-up", "url": "https://sites.google.com/site/testsitehacking/-7-5k-Google-services-mix-up", "description": "Written by [Ezequiel Pereira](https://sites.google.com/site/testsitehacking/)."}, {"name": "How I exploited ACME TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain using shared hosting", "url": "https://labs.detectify.com/2018/01/12/how-i-exploited-acme-tls-sni-01-issuing-lets-encrypt-ssl-certs-for-any-domain-using-shared-hosting/", "description": "Written by [@fransrosen](https://twitter.com/fransrosen)."}, {"name": "TL:DR: VPN leaks users\u2019 IPs via WebRTC. I\u2019ve tested seventy VPN providers and 16 of them leaks users\u2019 IPs via WebRTC (23%)", "url": "https://voidsec.com/vpn-leak/", "description": "Written by [voidsec](https://voidsec.com/)."}, {"name": "Escape and Evasion Egressing Restricted Networks", "url": "https://www.optiv.com/blog/escape-and-evasion-egressing-restricted-networks", "description": "Written by [Chris Patten, Tom Steele](https://github.com/qazbnm456/awesome-web-security/blob/master/README.md/info@optiv.com)."}, {"name": "Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters", "url": "https://medium.com/@umpox/be-careful-what-you-copy-invisibly-inserting-usernames-into-text-with-zero-width-characters-18b4e6f17b66", "description": "Written by [@umpox](https://medium.com/@umpox)."}, {"name": "Domato Fuzzer's Generation Engine Internals", "url": "https://www.sigpwn.io/blog/2018/4/14/domato-fuzzers-generation-engine-internals", "description": "Written by [sigpwn](https://www.sigpwn.io/)."}, {"name": "CSS Is So Overpowered It Can Deanonymize Facebook Users", "url": "https://www.evonide.com/side-channel-attacking-browsers-through-css3-features/", "description": "Written by [Ruslan Habalov](https://www.evonide.com/)."}, {"name": "Introduction to Web Application Security", "url": "https://www.slideshare.net/nragupathy/introduction-to-web-application-security-blackhoodie-us-2018", "description": "Written by [@itsC0rg1](https://twitter.com/itsC0rg1), [@jmkeads](https://twitter.com/jmkeads) and [@matir](https://twitter.com/matir)."}, {"name": "Finding The Real Origin IPs Hiding Behind CloudFlare or TOR", "url": "https://www.secjuice.com/finding-real-ips-of-origin-servers-behind-cloudflare-or-tor/", "description": "Written by [Paul Dannewitz](https://www.secjuice.com/author/paul-dannewitz/)."}, {"name": "Why Facebook's api starts with a for loop", "url": "https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob", "description": "Written by [@AntoGarand](https://twitter.com/AntoGarand)."}, {"name": "How I could have stolen your photos from Google - my first 3 bug bounty writeups", "url": "https://blog.avatao.com/How-I-could-steal-your-photos-from-Google/", "description": "Written by [@gergoturcsanyi](https://twitter.com/gergoturcsanyi)."}, {"name": "An example why NAT is NOT security", "url": "https://0day.work/an-example-why-nat-is-not-security/", "description": "Written by [@0daywork](https://twitter.com/@0daywork)."}, {"name": "WEB APPLICATION PENETRATION TESTING NOTES", "url": "https://techvomit.net/web-application-penetration-testing-notes/", "description": "Written by [Jayson](https://techvomit.net/)."}, {"name": "Hacking with a Heads Up Display", "url": "https://segment.com/blog/hacking-with-a-heads-up-display/", "description": "Written by [David Scrobonia](https://segment.com/blog/authors/david-scrobonia/)."}, {"name": "Alexa Top 1 Million Security - Hacking the Big Ones", "url": "https://slashcrypto.org/data/itsecx2018.pdf", "description": "Written by [@slashcrypto](https://twitter.com/slashcrypto)."}, {"name": "The bug bounty program that changed my life", "url": "http://10degres.net/the-bug-bounty-program-that-changed-my-life/", "description": "Written by [Gwen](http://10degres.net/)."}, {"name": "List of bug bounty writeups", "url": "https://pentester.land/list-of-bug-bounty-writeups.html", "description": "Written by [Mariem](https://pentester.land/)."}, {"name": "Implications of Loading .NET Assemblies", "url": "https://threatvector.cylance.com/en_us/home/implications-of-loading-net-assemblies.html", "description": "Written by [Brian Wallace](https://threatvector.cylance.com/en_us/contributors/brian-wallace.html)."}, {"name": "WCTF2019: Gyotaku The Flag", "url": "https://westerns.tokyo/wctf2019-gtf/wctf2019-gtf-slides.pdf", "description": "Written by [@t0nk42](https://twitter.com/t0nk42)."}, {"name": "How we abused Slack's TURN servers to gain access to internal services", "url": "https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/", "description": "Written by [@sandrogauci](https://twitter.com/sandrogauci)."}, {"name": "DOS File Path Magic Tricks", "url": "https://medium.com/walmartlabs/dos-file-path-magic-tricks-5eda7a7a85fa", "description": "Written by [@clr2of8](https://medium.com/@clr2of8)."}, {"name": "How I got my first big bounty payout with Tesla", "url": "https://medium.com/heck-the-packet/how-i-got-my-first-big-bounty-payout-with-tesla-8d28b520162d", "description": "Written by [@cj.fairhead](https://medium.com/@cj.fairhead)."}], "notes": []}], "total_entries": 413}, {"name": "Executable Packing", "subcategories": [{"name": "Executable Packing", "entries": [{"name": ":books: Literature", "url": "#books-literature", "description": ""}, {"name": ":bookmark\\_tabs: Datasets", "url": "#bookmark_tabs-datasets", "description": ""}, {"name": ":package: Packers", "url": "#package-packers", "description": ""}, {"name": ":wrench: Tools", "url": "#wrench-tools", "description": ""}], "notes": []}, {"name": "Executable Packing \u2014 Documentation", "entries": [], "notes": []}, {"name": "Executable Packing \u2014 Scientific Research", "entries": [{"name": "BODMAS", "url": "https://github.com/whyisyoung/BODMAS", "description": "Code for our DLS'21 paper - BODMAS: An Open Dataset for Learning based Temporal Analysis of PE Malware.", "stars": "92"}, {"name": "Contagio", "url": "https://contagiodump.blogspot.com", "description": "Collection of the latest malware samples, threats, observations, and analyses."}, {"name": "CyberCrime", "url": "https://cybercrime-tracker.net/vx.php", "description": "C\u00b2 tracking and malware database."}, {"name": "Dataset of Packed ELF", "url": "https://github.com/dhondta/dataset-packed-elf", "description": "Compilation of packed ELF samples.", "stars": "21"}, {"name": "Dataset of Packed PE", "url": "https://github.com/dhondta/dataset-packed-pe", "description": "Sanitized version of the original dataset, PackingData, removing packed samples from the Notpacked folder but also samples in packer folders that failed to be packed (having a same hash as the original unpacked executable).", "stars": "43"}, {"name": "Ember", "url": "https://github.com/elastic/ember", "description": "Collection of features from PE files that serve as a benchmark dataset for researchers.", "stars": "1.1k"}, {"name": "Ember2024", "url": "https://github.com/futurecomputing4ai/ember2024", "description": "Update to the EMBER2017 and EMBER2018 datasets.", "stars": "91"}, {"name": "FFRI Dataset Scripts", "url": "https://github.com/FFRI/ffridataset-scripts", "description": "Make datasets like FFRI Dataset.", "stars": "13"}, {"name": "MaleX", "url": "https://github.com/Mayachitra-Inc/MaleX", "description": "Curated dataset of malware and benign Windows executable samples for malware researchers containing 1,044,394 Windows executable binaries and corresponding image representations with 864,669 labelled as malware and 179,725 as benign.", "stars": "52"}, {"name": "Malfease", "url": "https://web.archive.org/web/20141221153307/http://malfease.oarci.net", "description": "Dataset of about 5,000 packed malware samples."}, {"name": "Malheur", "url": "https://web.archive.org/web/20240928172928/https://www.sec.cs.tu-bs.de/data/malheur", "description": "Contains the recorded behavior of malicious software (malware) and has been used for developing methods for classifying and clustering malware behavior (see the JCS article from 2011)."}, {"name": "Malicia", "url": "https://web.archive.org/web/20220615143940/http://malicia-project.com/dataset.html", "description": "Dataset of 11,688 malicous PE files collected from 500 drive-by download servers over a period of 11 months in 2013 (DISCONTINUED)."}, {"name": "MalShare", "url": "https://malshare.com", "description": "Free Malware repository providing researchers access to samples, malicious feeds, and Yara results."}, {"name": "Malware Archive", "url": "https://github.com/jstrosch/malware-samples", "description": "Malware samples, analysis exercises and other interesting resources.", "stars": "1.6k"}, {"name": "The Malware Museum", "url": "https://archive.org/details/malwaremuseum", "description": "Collection of malware programs, usually viruses, that were distributed in the 1980s and 1990s on home computers."}, {"name": "MalwareBazaar", "url": "https://bazaar.abuse.ch/browse", "description": "Project operated by abuse.ch aimed to collect and share malware samples, helping IT-security researchers and threat analysts protecting their constituency and customers from cyber threats."}, {"name": "MalwareGallery", "url": "https://www.malwaregallery.com", "description": "Yet another malware collection in the Internet."}, {"name": "MalwareSamples", "url": "https://github.com/MalwareSamples", "description": "Bringing you the best of the worst files on the Internet."}, {"name": "MalwareTips", "url": "https://malwaretips.com", "description": "Community-driven platform providing the latest information and resources on malware and cyber threats."}, {"name": "OARC Malware Dataset", "url": "https://www.dns-oarc.net", "description": "Semi-public dataset of 3,467 samples captured in the wild from Sep 2005 to Jan 2006 by mail traps, user submissions, honeypots and other sources aggregated by the OARC, available to qualified academic and industry researchers upon request."}, {"name": "Open Malware Project", "url": "https://web.archive.org/web/20190116100735/http://www.offensivecomputing.net/", "description": "Online collection of malware samples (formerly Offensive Computing)."}, {"name": "PackingData", "url": "https://github.com/chesvectain/PackingData", "description": "Original dataset with sample PE files packed with a large variety of packers, including ASPack, BeRoEXEPacker, exe32pack, eXpressor, FSG, JDPack, MEW, Molebox, MPRESS, Neolite, NSPack, Pckman, PECompact, PEtite, RLPack, UPX, WinUpack, Yoda's Crypter and Yoda's Protector.", "stars": "16"}, {"name": "Packware", "url": "https://github.com/ucsb-seclab/packware", "description": "Datasets and codes that are needed to reproduce the experiments in the paper \"When Malware is Packing Heat\".", "stars": "89"}, {"name": "RCE Lab", "url": "https://github.com/apuromafo/RCE_Lab", "description": "Crackme's, keygenme's, serialme's ; the \"tuts4you\" folder contains many packed binaries.", "stars": "43"}, {"name": "Runtime Packers Testset", "url": "https://www.researchgate.net/publication/268030543_Runtime_Packers_The_Hidden_Problem", "description": "Dataset of 10 common Malware files, packed with about 40 different runtime packers in over 500 versions and options, with a total of about 5,000 samples."}, {"name": "SAC", "url": "https://www.sac.sk/files.php?d=7\\&l=", "description": "Slovak Antivirus Center, non-commercial project of AVIR and ESET companies ; contains packers, detectors and unpackers."}, {"name": "SOREL", "url": "https://github.com/sophos-ai/SOREL-20M", "description": "Sophos-ReversingLabs 20 Million dataset.", "stars": "691"}, {"name": "theZoo", "url": "https://github.com/ytisf/theZoo", "description": "Project created to make the possibility of malware analysis open and available to the public.", "stars": "13k"}, {"name": "ViruSign", "url": "https://web.archive.org/web/20200615094642/http://www.virusign.com/", "description": "Another online malware database."}, {"name": "VirusSamples", "url": "https://www.virussamples.com", "description": "Best of the worst kind of files on the Internet."}, {"name": "VirusShare", "url": "https://virusshare.com", "description": "Virus online database with more than 44 millions of samples."}, {"name": "VirusSign", "url": "https://www.virussign.com", "description": "Giant database dedicated to combating malware in the digital world."}, {"name": "VirusTotal", "url": "https://www.virustotal.com/gui/", "description": "File analysis Web service for detecting malware."}, {"name": "VX Heaven", "url": "https://web.archive.org/web/20170817143838/http://vxheaven.org/", "description": "Site dedicated to providing information about computer viruses."}, {"name": "VX Underground", "url": "https://vx-underground.org/Samples", "description": "PL-CERT based open source MWDB python application holding a malware database containing every APT sample from 2010 and over 7.5M maliciousbinaries."}, {"name": "VXvault", "url": "http://vxvault.net/ViriList.php", "description": "Online malware database."}, {"name": "WildList", "url": "https://web.archive.org/web/20220927214837/http://www.wildlist.org/CurrentList.txt", "description": "Cooperative listing of malwares reported as being in the wild by security professionals."}], "notes": []}, {"name": "Executable Packing \u2014 After 2010", "entries": [{"name": "Alienyze", "url": "https://alienyze.com", "description": "Advanced software protection and security for Windows 32-bit executables."}, {"name": "Alternate EXE Packer", "url": "https://www.alternate-tools.com/pages/c_exepacker.php", "description": "Compression tool for executable files (type EXE) or DLL's relying on UPX 3.96."}, {"name": "Amber", "url": "https://github.com/EgeBalci/amber/releases", "description": "Position-independent(reflective) PE loader that enables in-memory execution of native PE files(EXE, DLL, SYS).", "stars": "1.4k"}, {"name": "Andromeda", "url": "https://blog.morphisec.com/andromeda-tactics-analyzed", "description": "Custom packer used in malware campaigns using RunPE techniques for evading AV mitigation methods."}, {"name": "APKProtect", "url": "https://sourceforge.net/projects/apkprotect", "description": "APK encryption and shell protection supporting Java and C++."}, {"name": "Armadillo", "url": "https://web.archive.org/web/20030324043555/https://www.exetools.com/files/protectors/win/armd252b2.zip", "description": "Incorporates both a license manager and wrapper system for protecting PE files."}, {"name": "ASM Guard", "url": "https://github.com/DosX-dev/ASM-Guard", "description": "Packer utility for compressing and complicating reversing compiled native code (native files), protecting resources, adding DRM, and packing into an optimized loader.", "stars": "264"}, {"name": "ASPack", "url": "http://www.aspack.com/aspack.html", "description": "Advanced solution created to provide Win32 EXE file packing and to protect them against non-professional reverse engineering."}, {"name": "ASProtect 32", "url": "http://www.aspack.com/asprotect32.html", "description": "Multifunctional EXE packing tool designed for software developers to protect 32-bit applications with in-built application copy protection system."}, {"name": "ASProtect 64", "url": "http://www.aspack.com/asprotect64.html", "description": "Tool for protecting 64-bit applications and .NET applications for Windows against unauthorized use, industrial and home copying, professional hacking and analysis of software products distributed over the Internet and on any physical media."}, {"name": "Astral-PE", "url": "https://github.com/DosX-dev/Astral-PE", "description": "Low-level mutator (Headers/EP obfuscator) for native Windows PE files (x32/x64).", "stars": "329"}, {"name": "AutoIT", "url": "https://www.autoitscript.com/site", "description": "Legitimate executable encryption service."}, {"name": "AxProtector", "url": "https://www.wibu.com/us/products/protection-suite/axprotector.html", "description": "Encrypts the complete software you aim to protect, and shields it with a security shell, AxEngine, best-of-breed anti-debugging and anti-disassembly methods are then injected into your software."}, {"name": "Backpack", "url": "https://github.com/Enelg52/Backpack", "description": "", "stars": "19"}, {"name": "BangCle", "url": "https://github.com/woxihuannisja/Bangcle", "description": "Protection tool using the second generation Android Hardening Protection, loading the encrypted DEX file from memory dynamically.", "stars": "407"}, {"name": "Bero", "url": "https://blog.rosseaux.net/page/875fbe6549aa072b5ee0ac9cefff4827/BeRoEXEPacker", "description": "BEP (Bero EXE Packer) for 32-bit windows executables."}, {"name": "BIN-crypter", "url": "https://www.autoitscript.com/forum/topic/129383-bin-crypter/", "description": "EXE protection software against crackers and decompilers."}, {"name": "BoxedApp Packer", "url": "https://www.boxedapp.com/boxedapppacker", "description": ""}, {"name": "Code Virtualizer", "url": "https://www.oreans.com/CodeVirtualizer.php", "description": "Powerful code obfuscation system for Windows, Linux and macOS applications that helps developers to protect their sensitive code areas against Reverse Engineering with very strong obfuscation code, based on code virtualization."}, {"name": "ConfuserEx", "url": "https://github.com/mkaring/ConfuserEx", "description": "An open-source, free protector for .NET applications.", "stars": "2.8k"}, {"name": "Crinkler", "url": "https://github.com/runestubbe/Crinkler", "description": "Compressing linker for Windows, specifically targeted towards executables with a size of just a few kilobytes.", "stars": "1.2k"}, {"name": "DarkCrypt", "url": "https://totalcmd.net/plugring/darkcrypttc.html", "description": "Simply and powerful plugin for Total Commander used for file encryption using 100 algorithms and 5 modes."}, {"name": "DexGuard", "url": "https://www.guardsquare.com/en/products/dexguard", "description": "Android app obfuscation & security protocols for mobile app protection."}, {"name": "DexProtector", "url": "https://dexprotector.com/", "description": "Multi-layered RASP solution that secures your Android and iOS apps against static and dynamic analysis, illegal use and tampering."}, {"name": "DotBundle", "url": "https://web.archive.org/web/20160508074421/http://www.dotbundle.com:80/download.html", "description": "GUI tool to compress, encrypt ad password-protect a .NET application or embed .NET libraries."}, {"name": "DotNetZ", "url": "https://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/NETZ.shtml", "description": "Straightforward and lightweight, command-line piece of software written in C that allows you to compress and pack Microsoft .NET Framework executable files."}, {"name": "ElecKey", "url": "https://www.sciensoft.com", "description": "Suite of software and tools that offer a complete solution for software protection, copy protection, and license management."}, {"name": "ELF Packer", "url": "https://github.com/telepath9000/elf-packer", "description": "Encrypts 64-bit elf files that decrypt at runtime.", "stars": "37"}, {"name": "ELF-Encrypter", "url": "https://elf-encrypter.sourceforge.net/", "description": "Collection of programs to encrypt ELF binaries using various algorithms."}, {"name": "ELF-Packer", "url": "https://github.com/glen-mac/ELF-Packer", "description": "Simple Polymorphic x86\\_64 Runtime Code Segment Cryptor.", "stars": "59"}, {"name": "ELFCrypt", "url": "https://github.com/droberson/ELFcrypt", "description": "Simple ELF crypter using RC4 encryption.", "stars": "127"}, {"name": "ELFkickers", "url": "https://github.com/BR903/ELFkickers", "description": "A collection of programs that access and manipulate ELF files.", "stars": "614"}, {"name": "ELFuck", "url": "https://github.com/timhsutw/elfuck", "description": "ELF packer for i386 original version from sk2 by sd.", "stars": "32"}, {"name": "Enigma Protector", "url": "https://www.enigmaprotector.com", "description": "Professional system for executable files licensing and protection."}, {"name": "Enigma Virtual Box", "url": "https://www.enigmaprotector.com/en/aboutvb.html", "description": "Application virtualization system for Windows."}, {"name": "Eronona-Packer", "url": "https://github.com/Eronana/packer", "description": "This is a packer for exe under win32.", "stars": "48"}, {"name": "EXE Bundle", "url": "https://exebundle.software.informer.com/3.1", "description": "Bundles application files into a single PE32 file."}, {"name": "Ezuri", "url": "https://github.com/guitmz/ezuri/blob/master/ezuri.go", "description": "A Simple Linux ELF Runtime Crypter.", "stars": "270"}, {"name": "GzExe", "url": "https://git.savannah.gnu.org/cgit/gzip.git", "description": "Utility that allows to compress executables as a shell script."}, {"name": "hXOR-Packer", "url": "https://github.com/rurararura/hXOR-Packer", "description": "PE packer with Huffman compression and XOR encryption.", "stars": "67"}, {"name": "Hyperion", "url": "https://github.com/nullsecuritynet/tools/tree/main/binary/hyperion", "description": "", "stars": "65"}, {"name": "LIAPP", "url": "https://liapp.lockincomp.com", "description": "Easiest and most powerful mobile app security solution."}, {"name": "LM-X License Manager", "url": "https://www.x-formation.com/lm-x-license-manager", "description": "Lets you protect your products against piracy by enforcing various levels of security, save time, and reduce business risks."}, {"name": "m0dern\\_p4cker", "url": "https://github.com/n4sm/m0dern_p4cker", "description": "Just a modern packer for elf binaries ( works on Linux executables only ).", "stars": "41"}, {"name": "MidgetPack", "url": "https://github.com/arisada/midgetpack", "description": "ELF binary packer, such as burneye, upx or other tools.", "stars": "208"}, {"name": "MPRESS", "url": "https://www.autohotkey.com/mpress/mpress_web.htm", "description": "Compresses (using LZMA) and protects PE, .NET or Mach-O programs against reverse engineering."}, {"name": "NetCrypt", "url": "https://github.com/friedkiwi/netcrypt", "description": "A proof-of-concept packer for .NET executables, designed to provide a starting point to explain the basic principles of runtime packing.", "stars": "62"}, {"name": ".netshrink", "url": "https://www.pelock.com/products/netshrink", "description": "Executable compressor for your Windows or Linux .NET application executable file using LZMA."}, {"name": "Obsidium", "url": "https://www.obsidium.de/product/sps/download", "description": "Feature-rich professional software protection and licensing system designed as a cost effective and easy to implement, yet reliable and non-invasive way to protect your 32- and 64-bit Windows software applications and games from reverse engineering."}, {"name": "oplzkwp", "url": "https://github.com/tweksteen/oplzkwp", "description": "Library for ELF obfuscation ; it uses PRESENT and blake244 to encrypt your payload on the fly.", "stars": "70"}, {"name": "Origami", "url": "https://github.com/dr4k0nia/Origami", "description": "Packer compressing .net assemblies, (ab)using the PE format for data storage.", "stars": "177"}, {"name": "OS-X\\_Packer", "url": "https://web.archive.org/web/20200929161737/https://github.com/AlysonBee/OSX_Packer", "description": "Binary packer for the Mach-O file format."}, {"name": "Pakkero", "url": "https://github.com/89luca89/pakkero", "description": "Binary packer written in Go made for fun and educational purpose.", "stars": "269"}, {"name": "Pakr", "url": "https://github.com/iangcarroll/pakr", "description": "In-memory packer for macOS Mach-O bundles.", "stars": "9"}, {"name": "Papaw", "url": "https://github.com/dimkr/papaw", "description": "Permissively-licensed packer for ELF executables using LZMA Zstandard or Deflate compression.", "stars": "46"}, {"name": "PE-Packer", "url": "https://github.com/czs108/PE-Packer", "description": "Simple packer for Windows 32-bits PE files.", "stars": "356"}, {"name": "PE-Toy", "url": "https://github.com/r0ngwe1/petoy", "description": "A PE file packer.", "stars": "8"}, {"name": "PELock", "url": "https://www.pelock.com", "description": "Software protection system for Windows executable files ; protects your applications from tampering and reverse engineering, and provides extensive support for software license key management, including support for time trial periods."}, {"name": "PePacker", "url": "https://github.com/SamLarenN/PePacker", "description": "Simple PE Packer Which Encrypts .text Section I release a simple PE file packer which encrypts the .text section and adds a decryption stub to the end of the last section.", "stars": "50"}, {"name": "PEShield", "url": "https://webscene.ir/tools/show/PE-SHIELD-0.25", "description": "PE-SHiELD is a program, which encrypts 32-bit Windows EXE files, leaving them still executable."}, {"name": "PESpin", "url": "http://downloads.fyxm.net/PESpin-95477.html", "description": ""}, {"name": "PEtite", "url": "https://www.un4seen.com/petite/", "description": "Free Win32 (Windows 95/98/2000/NT/XP/Vista/7/etc) executable (EXE/DLL/etc) compressor."}, {"name": "PEzoNG", "url": "https://www.youtube.com/watch?v=RZAWSCesiSs", "description": "Framework for automatically creating stealth binaries that target a very low detection rate in a Windows environment."}, {"name": "PEzor", "url": "https://github.com/phra/PEzor", "description": "Open-Source Shellcode & PE Packer.", "stars": "2.1k"}, {"name": "pocrypt", "url": "https://github.com/picoflamingo/pocrypt", "description": "Naive Proof of Concept Crypter for GNU/Linux ELF64.", "stars": "11"}, {"name": "ProtectMyTooling", "url": "https://github.com/mgeeky/ProtectMyTooling", "description": "Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry.", "stars": "1k"}, {"name": "ps2-packer", "url": "https://github.com/ps2dev/ps2-packer", "description": "Create packed ELF files to run on the PS2.", "stars": "80"}, {"name": "RapidEXE", "url": "https://sourceforge.net/projects/rapidexe", "description": "Simple and efficient way to convert a PHP/Python script to a standalone executable."}, {"name": "sherlocked", "url": "https://github.com/elfmaster/sherlocked", "description": "", "stars": "105"}, {"name": "Silent-Packer", "url": "https://github.com/SilentVoid13/Silent_Packer", "description": "Silent Packer is an ELF / PE packer written in pure C.", "stars": "108"}, {"name": "Simple-PE32-Packer", "url": "https://github.com/z3r0d4y5/Simple-PE32-Packer", "description": "Simple PE32 Packer with aPLib compression library.", "stars": "9"}, {"name": "SimpleDPack", "url": "https://github.com/YuriSizuku/SimpleDpack", "description": "A very simple windows EXE packing tool for learning or investigating PE structure.", "stars": "117"}, {"name": "Smart Packer", "url": "https://www.smartpacker.nl", "description": "Packs 32 & 64bit applications with DLLs, data files, 3rd party run-time into one single executable that runs instantly, with no installs or hassles."}, {"name": "Squishy", "url": "https://logicoma.io/squishy", "description": "Modern packer developed for 64kb demoscene productions, targets 32bit and 64bit executables."}, {"name": "theArk", "url": "https://github.com/aaaddress1/theArk", "description": "Windows x86 PE Packer In C++.", "stars": "51"}, {"name": "Themida", "url": "https://www.oreans.com/themida.php", "description": "From Renovo paper: Themida converts the original x86 instructions into virtual instructions in its own randomized instruction set, and then interpret these virtual instructions at run-time."}, {"name": "UPX", "url": "https://upx.github.io/", "description": "Ultimate Packer for eXecutables."}, {"name": "VirtualMachineObfuscationPoC", "url": "https://web.archive.org/web/20231226141018/https://github.com/eaglx/VirtualMachineObfuscationPoC", "description": "Obfuscation method using virtual machine."}, {"name": "VMProtect", "url": "https://vmpsoft.com/products/vmprotect", "description": "Protects code by executing it on a virtual machine with non-standard architecture that makes it extremely difficult to analyze and crack the software."}, {"name": "Ward", "url": "https://github.com/ex0dus-0x/ward", "description": "Simple implementation of an ELF packer that creates stealthy droppers for loading malicious ELFs in-memory.", "stars": "22"}, {"name": "Woody Wood Packer", "url": "https://github.com/Jibus22/woody_woodpacker", "description": "ELF packer - encrypt and inject self-decryption code into executable ELF binary target.", "stars": "21"}, {"name": "xorPacker", "url": "https://github.com/nqntmqmqmb/xorPacker", "description": "Simple packer working with all PE files which cipher your exe with a XOR implementation.", "stars": "15"}, {"name": "XyrisPack", "url": "https://github.com/01Xyris/XyrisPack", "description": "", "stars": "11"}, {"name": "zELF", "url": "https://github.com/seb3773/zelf", "description": "A modular ELF64 packer for Linux x86\\_64 featuring 22 compression codecs, ML-based codec selection, and support for both static and PIE binaries.", "stars": "3"}, {"name": "ZProtect", "url": "http://www.jiami.net", "description": "Renames metadata entities and supports advanced obfuscation methods that harden protection scheme and foil reverse engineering altogether."}], "notes": []}, {"name": "Executable Packing \u2014 Between 2000 and 2010", "entries": [{"name": "20to4", "url": "http://20to4.net", "description": "Executable compressor that is able to stuff about 20k of finest code and data into less than 4k."}, {"name": "ACProtect", "url": "https://www.yaldex.com/Bestsoft/Utilities/acprotect.htm", "description": "Application that allows to protect Windows executable files against piracy, using RSA to create and verify the registration keys and unlock code."}, {"name": "AHPack", "url": "https://www.delphibasics.info/home/delphibasicscounterstrikewireleases/ahpacker01byfeuerraderahteam", "description": "PE and PE+ file packer."}, {"name": "Application Protector", "url": "https://sourceforge.net/projects/balaji/", "description": "Tool for protecting Windows applications."}, {"name": "AT4RE Protector", "url": "https://en.52yma.com/thread-5444-1-1.html", "description": "Very simple PE files protector programmed in ASM."}, {"name": "AverCryptor", "url": "https://web.archive.org/web/20071012084924/http://secnull.org", "description": "Small and very handy utility designed to encrypt notes in which you can store any private information - it helps to hide your infection from antiviruses."}, {"name": "BurnEye", "url": "https://packetstormsecurity.com/files/29691/burneye-1.0-linux-static.tar.gz.html", "description": "ELF encryption program, x86-linux binary."}, {"name": "ByteBoozer", "url": "https://csdb.dk/release/?id=33093", "description": "Commodore 64 executable packer."}, {"name": "cryptelf", "url": "https://packetstormsecurity.com/files/30886/cryptelf.c.html", "description": "Modifies binary by appending code to handle runtime decryption, changing the program EP and changing the .note segment to LOAD ; encrypts the .text section by XORing its bytes with a key."}, {"name": "CryptExec", "url": "http://phrack.org/issues/63/13.html", "description": "Next-generation runtime binary encryption using on-demand function extraction."}, {"name": "EXE Guarder", "url": "http://www.exeicon.com/exeguarder", "description": "Licensing tool for PE files allowing to compress and specify a password notice."}, {"name": "EXE Wrapper", "url": "https://web.archive.org/web/20160331144211/http://533soft.com/exewrapper", "description": "Protects any EXE file with a password from non-authorized execution."}, {"name": "Exe32Pack", "url": "https://exe32pack.apponic.com/", "description": "Compresses Win32 EXEs, DLLs, etc and dynamically expands them upon execution."}, {"name": "EXECryptor", "url": "https://execryptor.freedownloadscenter.com/windows", "description": "Protects EXE programs from reverse engineering, analysis, modifications and cracking."}, {"name": "ExeFog", "url": "https://www.delphibasics.info/home/delphibasicscounterstrikewireleases/exefog11-executablepackerbybagie", "description": "Simple Win32 PE files packer."}, {"name": "eXPressor", "url": "https://www.cgsoftlabs.ro/express.html", "description": "Used as a compressor this tool can compress EXE files to half their normal size."}, {"name": "FSG", "url": "https://web.archive.org/web/20030324043555/https://www.exetools.com/files/compressors/win/fsg.zip", "description": "*Fast Small Good*, perfect compressor for small exes, eg."}, {"name": "GHF Protector", "url": "https://www.delphibasics.info/home/delphibasicscounterstrikewireleases/ghfprotector10", "description": "Executable packer / protector based on open source engines Morphine and AHPack."}, {"name": "HackStop", "url": "https://defacto2.net/f/a520164?packer=hs", "description": "EXE and COM programs encrypter and protector."}, {"name": "Kkrunchy", "url": "http://www.farbrausch.de/~fg/kkrunchy", "description": "Small exe packer primarily meant for 64k intros."}, {"name": "Laturi", "url": "http://laturi.haxor.fi", "description": "Linker and compressor intended to be used for macOS 1k, 4k and perhaps 64K intros."}, {"name": "mPack", "url": "https://blog.fearcat.in/a?ID=00050-86a031da-e36f-4409-9a08-d3d993dbf8f5", "description": "Mario PACKersimple Win32 PE Executable compressor."}, {"name": "NSPack", "url": "https://nspack.apponic.com", "description": "32/64-bits exe, dll, ocx, scr Windows program compressor."}, {"name": "NTPacker", "url": "https://hacking-software-free-download.blogspot.com/2013/02/nt-packer-v21.html", "description": "PE file packer relying on aPlib for compression and/or XOR for encryption."}, {"name": "PECompact", "url": "http://www.bitsum.com/pec2.asp", "description": "Windows executable compressor featuring third-party plug-ins offering protection against reverse engineering."}, {"name": "RDMC", "url": "https://www.sac.sk/download/pack/rdm006be.zip", "description": "DMC algorithm based packer."}, {"name": "RLPack", "url": "https://web.archive.org/web/20070527132336/http://rlpack.jezgra.net", "description": "Compresses your executables and dynamic link libraries in a way that keeps them small and has no effect on compressed file functionality."}, {"name": "RSCC", "url": "https://defacto2.net/f/a520164?packer=rscc", "description": "ROSE Super COM Crypt ; polymorph cryptor for files greater than 300-400B and smaller than 60kB."}, {"name": "RUCC", "url": "https://defacto2.net/f/a520164?packer=rucc", "description": "ROSE Ultra COM Compressor ; COM and EXE compression utility based on 624."}, {"name": "Sentinel HASP Envelope", "url": "https://cpl.thalesgroup.com/en-gb/software-monetization/all-products/sentinel-hasp", "description": "Wrapping application that protects the target application with a secure shield, providing a means to counteract reverse engineering and other anti-debugging measures."}, {"name": "sePACKER", "url": "https://sourceforge.net/projects/sepacker/", "description": "Simple Executable Packer is compressing executables' code section inorder to decrease size of binary files."}, {"name": "Shiva", "url": "https://packetstormsecurity.com/files/31087/shiva-0.95.tar.gz.html", "description": "Tool to encrypt ELF executables under Linux."}, {"name": "tElock", "url": "https://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/Telock.shtml", "description": "Practical tool that intends to help developers who want to protect their work and reduce the size of the executable files."}, {"name": "TTProtect", "url": "https://web.archive.org/web/20081218083606/http://www.ttprotect.com/en/index.htm", "description": "Professional protection tool designed for software developers to protect their PE applications against illegal modification or decompilation."}, {"name": "UPack", "url": "https://www.sac.sk/download/pack/upack399.rar", "description": "Compresses Windows PE file."}, {"name": "UPX-Scrambler", "url": "https://defacto2.net/f/a520164?packer=upxs", "description": "Scrambler for files packed with UPX (up to 1.06) so that they cannot be unpacked with the '-d' option."}, {"name": "WinUpack", "url": "https://www.sac.sk/download/pack/wupck039.zip", "description": "Graphical interface for Upack, a command-line program used to create self-extracting archives from Windows PE files."}, {"name": "x86.Virtualizer", "url": "http://rewolf.pl", "description": "x86 Virtualizer."}, {"name": "XComp", "url": "http://www.soft-lab.de/JoKo/index_old.htm", "description": "PE32 image file packer and rebuilder."}, {"name": "Yoda Crypter", "url": "https://sourceforge.net/projects/yodap/files/Yoda%20Crypter/1.3/yC1.3.zip/download", "description": "Supports polymorphic encryption, softice detection, anti-debug API's, anti-dumping, etc, encrypts the Import Table and erases PE Header."}, {"name": "Yoda Protector", "url": "http://yodap.sourceforge.net", "description": "Free, open source, Windows 32-bit software protector."}], "notes": []}, {"name": "Executable Packing \u2014 Before 2000", "entries": [{"name": "32Lite", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/32lte02d.zip", "description": "Compression tool for executable files created with Watcom C/C++ compiler."}, {"name": "624", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/624-11.zip", "description": "COM packer that can compress COM programs shorter than 25000 bytes."}, {"name": "ABK Scrambler", "url": "https://defacto2.net/f/a520164?packer=abk-scrambler", "description": "COM file scrambler and protector recoded from ABKprot."}, {"name": "AEP", "url": "https://defacto2.net/f/a520164?packer=aep", "description": "Addition Encode-Protective for COM and EXE file."}, {"name": "AINEXE", "url": "https://defacto2.net/f/a520164?packer=ainexe", "description": "DOS executable packer (part of the AIN Archiver suite)."}, {"name": "aPack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/apack099.zip", "description": "16-bit real-mode DOS executable ( .EXE and .COM ) compressor."}, {"name": "AVPack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/avpck122.zip", "description": "Encrypts EXE or COM files so that they'll be able to start on your PC only."}, {"name": "AXE", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/axe22.zip", "description": "Program compression utility."}, {"name": "BIN-Lock", "url": "https://defacto2.net/f/a520164?packer=bin-lock", "description": "COM file scrambler for preventing reverse engineering."}, {"name": "BitLok", "url": "https://defacto2.net/f/a520164?packer=bitlok", "description": "COM and EXE file protector."}, {"name": "CauseWay Compressor", "url": "https://gitlab.com/tkchia/causeway", "description": "DOS EXE compressor."}, {"name": "CC Pro", "url": "https://defacto2.net/f/a520164?packer=ccpro", "description": "COM and EXE executable file compression utility."}, {"name": "CEXE", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/win/cexe10a.zip", "description": "Compresses an input EXE into a smaller executable (only runs on WinNT, Win2000 and above - won't run on Win95 or Win98)."}, {"name": "COMProtector", "url": "https://defacto2.net/f/a520164?packer=comprotector", "description": "Adds a security envelope around DOS .COM files by randomly encrypting it and adding several anti-debugging tricks."}, {"name": "CrackStop", "url": "https://defacto2.net/f/a520164?packer=crackstop", "description": "Tool that creates a security  envelope around a DOS EXE file to protect it against crackers."}, {"name": "Crunch", "url": "https://defacto2.net/f/a520164?packer=crunch", "description": "File encryptor for COM and EXE files."}, {"name": "EPack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/epack16.zip", "description": "EXE and COM file compressor ; works with DOS/Windows95 files."}, {"name": "ExeGuard", "url": "https://defacto2.net/f/a520164?packer=exeguard", "description": "DOS EXE files free protector using anti-debugging ticks to prevent hacking, analysis and unpacking."}, {"name": "EXELOCK 666", "url": "https://defacto2.net/f/a520164?packer=exelock666", "description": "Utility for protecting .EXE files so no lamers can hack out the copyright."}, {"name": "Fire-Pack", "url": "http://files.dhs.nu/files_source/axe.zip?fire-pack", "description": ""}, {"name": "FSE", "url": "https://defacto2.net/f/a520164?packer=fse", "description": "Final Fantasy Security Envelope freeware for protecting COM and EXE progams."}, {"name": "Gardian Angel", "url": "https://defacto2.net/f/a520164?packer=gardian-angel", "description": "COM and EXE encrypter and protector using a variety of anti-debugging tricks."}, {"name": "JMCryptExe", "url": "https://defacto2.net/f/a520164?packer=jmce", "description": "DOS EXE encrypter."}, {"name": "LGLZ", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/lglz104b.zip", "description": "DOS EXE and COM file compressor using modified LZ77."}, {"name": "LzExe", "url": "https://defacto2.net/f/a520164?packer=lzexe", "description": "MS-DOS executable file compressor."}, {"name": "Mask", "url": "https://defacto2.net/f/a520164?packer=mask", "description": "Tool that prevents COM program from being cracked by using encryption and anti-debugging tricks."}, {"name": "Megalite", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/megal120.zip", "description": "MS-DOS executable file compressor."}, {"name": "Mess", "url": "https://defacto2.net/f/a520164?packer=mess", "description": "This tool does the same as HackStop, with the exception that it is freeware for non-commercial use."}, {"name": "Morphine", "url": "https://github.com/bowlofstew/rootkit.com/blob/master/hf/Morphine27", "description": "Application for PE files encryption.", "stars": "302"}, {"name": "Neolite", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/win/neolte20.zip", "description": "Compresses Windows 32-bit EXE files and DLLs."}, {"name": "PACK", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/pack201.zip", "description": "Executable files compressor."}, {"name": "Pack-Ice", "url": "http://files.dhs.nu/files_source/axe.zip?pack-ice", "description": ""}, {"name": "PCShrink", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/win/pcsnk071.zip", "description": "Windows 9x/NT executable file compressor relying on the aPLib compression library."}, {"name": "PE Diminisher", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/win/ped.zip", "description": "Simple PE packer relying on the aPLib compression library."}, {"name": "PE-Protector", "url": "https://web.archive.org/web/20030324043555/https://www.exetools.com/files/protectors/win/pe-protector10.zip", "description": "Encrypter/protector for Windows 9x/ME to protect executable files PEagainst reverse engineering or cracking with a very strong protection."}, {"name": "PEBundle", "url": "https://bitsum.com/pebundle.htm", "description": "Physically attaches DLL(s) to an executable, resolving dependencies in memory."}, {"name": "PEPack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/win/pepack10.zip", "description": "PE compression tool based on the code of a newer version of PE-SHiELD."}, {"name": "PKlite", "url": "https://defacto2.net/f/a520164?packer=pklite", "description": "Easy-to-use file compression program for compressing DOS and Windows executable files."}, {"name": "Pro-Pack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/pp219.zip", "description": "DOS executable file compressor."}, {"name": "RERP", "url": "https://www.sac.sk/download/pack/rerp.rar", "description": "ROSE's EXE Relocation Packer."}, {"name": "RJCrush", "url": "https://www.sac.sk/download/pack/rjc-beta.zip", "description": "EXE and COM files compressor with the ability to compress overlays."}, {"name": "Scorpion", "url": "https://defacto2.net/f/a520164?packer=scorpion", "description": "EXE and COM file encrypter and protector."}, {"name": "SecuPack", "url": "https://web.archive.org/web/20210119235522/https://www.exetools.com/files/compressors/win/secupack15.zip", "description": "Win32 executable compressor."}, {"name": "Shrinker", "url": "https://www.sac.sk/download/pack/shrinker.exe", "description": "Compresses (up to 70%) 16 and 32 bit Windows and real mode DOS programs."}, {"name": "SPack", "url": "https://www.sac.sk/download/pack/spack20.zip", "description": ""}, {"name": "$PIRIT", "url": "https://defacto2.net/f/a520164?packer=%24pirit", "description": "COM/EXE executable files polymorphic encryptor."}, {"name": "SysPack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/syspack.zip", "description": "Device drivers compressor."}, {"name": "T-Pack", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/tpack05.zip", "description": "Executable COM-FILE  compressor (LZ77) optimized for small files like BBS-Addys or similar files."}, {"name": "TinyProg", "url": "https://www.sac.sk/download/pack/tinyp39.zip", "description": "EXE and COM programs compressor."}, {"name": "TRAP", "url": "https://defacto2.net/f/a520164?packer=trap", "description": "EXE and COM files encrypter and protector."}, {"name": "Vacuum", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/vacuum.zip", "description": "Runtime Compressor for DOS32 executables."}, {"name": "WinLite", "url": "https://www.sac.sk/download/pack/winlite1.zip", "description": "Compresses Windows executables (such as Pklite, Diet or Wwpack) for executables programs under DOS."}, {"name": "WWPack", "url": "https://defacto2.net/f/a520164?packer=wwpack", "description": "Squeezes EXE files, compresses relocation tables, optimizes headers, protects EXE files from hacking."}, {"name": "XE", "url": "https://defacto2.net/f/a520164?packer=xe", "description": "PE32 image file packer and rebuilder."}, {"name": "XorCopy", "url": "https://defacto2.net/f/a520164?packer=xorcopy", "description": "COM file XOR-based encrypter."}, {"name": "XORER", "url": "https://defacto2.net/f/a520164?packer=xorer", "description": "COM file XOR-based encrypter."}, {"name": "XPA", "url": "https://web.archive.org/web/20060111104142/http://www.exetools.com/files/compressors/dos/xpa.zip", "description": "DOS executable packer."}, {"name": "XPack", "url": "https://defacto2.net/f/a520164?packer=xpack", "description": "EXE/COM/SYS executable file compressor."}, {"name": "Android Unpacker", "url": "https://github.com/strazzere/android-unpacker", "description": "Presented at Defcon 22: Android Hacker Protection Level 0.", "stars": "1.2k"}, {"name": "Angr", "url": "https://github.com/angr/angr", "description": "Platform-agnostic binary analysis framework.", "stars": "8.5k"}, {"name": "APKiD", "url": "https://github.com/rednaga/APKiD", "description": "Android application Identifier for packers, protectors, obfuscators and oddities - PEiD for Android.", "stars": "2.4k"}, {"name": "aPLib", "url": "https://ibsensoftware.com/products_aPLib.html", "description": "Compression library based on the algorithm used in aPACK."}, {"name": "AppSpear", "url": "https://github.com/UchihaL/AppSpear", "description": "Universal and automated unpacking system suitable for both Dalvik and ART.", "stars": "45"}, {"name": "Assiste (Packer)", "url": "https://web.archive.org/web/20211017145403/https://assiste.com/Packer.html", "description": "Assiste.com's example list of packers."}, {"name": "AVClass", "url": "https://github.com/malicialab/avclass", "description": "Python tools to tag / label malware samples.", "stars": "483"}, {"name": "Bintropy", "url": "https://github.com/dhondta/bintropy", "description": "Prototype analysis tool that estimates the likelihood that a binary file contains compressed or encrypted bytes.", "stars": "47"}, {"name": "BinUnpack", "url": "https://dl.acm.org/doi/10.1145/3243734.3243771?-", "description": "Unpacking approach free from tedious memory access monitoring, therefore introducing very small runtime overhead."}, {"name": "Binutils", "url": "https://www.gnu.org/software/binutils", "description": "The GNU Binutils are a collection of binary tools for Linux (it namely includes Readelf)."}, {"name": "BitBlaze", "url": "http://bitblaze.cs.berkeley.edu/release/index.html", "description": "Analysis platform that features a novel fusion of static and dynamic analysis techniques, mixed concrete and symbolic execution, and whole-system emulation and binary instrumentation, all to facilitate state-of-the art research on real security problems."}, {"name": "Capa", "url": "https://github.com/mandiant/capa", "description": "Open-source tool to identify capabilities in PE, ELF or .NET executable files.", "stars": "5.8k"}, {"name": "Capstone", "url": "https://www.capstone-engine.org", "description": "Lightweight multi-platform, multi-architecture disassembly framework."}, {"name": "Cave-Finder", "url": "https://github.com/adamhlt/Cave-Finder", "description": "Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files.", "stars": "71"}, {"name": "CFF Explorer", "url": "https://ntcore.com/?page_id=388", "description": "PE32/64 and .NET editor, part of the Explorer Suite."}, {"name": "ChkEXE", "url": "https://defacto2.net/f/a91dea6?dosmachine=svga\\&dosspeed=max", "description": "Identifies almost any EXE/COM packer, crypter or protector."}, {"name": "Clamscan Unpacker", "url": "https://clamunpacker.sourceforge.io/", "description": "Unpacker derived from ClamAV."}, {"name": "COM2EXE", "url": "https://defacto2.net/f/a520164?tool=com2exe", "description": "Free tool for converting COM files to EXE format."}, {"name": "de4dot", "url": "https://github.com/0xd4d/de4dot", "description": ".NET deobfuscator and unpacker.", "stars": "7.3k"}, {"name": "de4js", "url": "https://github.com/lelinhtinh/de4js", "description": "JavaScript Deobfuscator and Unpacker.", "stars": "1.5k"}, {"name": "Defacto2 Analyzers Archive", "url": "https://defacto2.net/f/aa2e6ec", "description": "Collection of 60 binary files analysers for MS-DOS and Windows32 from the 1990s and the 2000s."}, {"name": "Defacto2 Packers Archive", "url": "https://defacto2.net/f/a520164", "description": "Collection of 460 binary and data file packers for MS-DOS and Windows32 from the 1990s and 2000s."}, {"name": "Defacto2 Unpackers Archive", "url": "https://defacto2.net/f/a218ab4", "description": "Collection of 152 binary files unpackers for MS-DOS and Windows 32 from the 1990s and 2000s."}, {"name": "DIE", "url": "https://github.com/horsicq/DIE-engine/releases", "description": "Detect It Easy ; Program for determining types of files.", "stars": "3k"}, {"name": "DSFF", "url": "https://github.com/packing-box/python-dsff", "description": "DataSet File Format for exchanging datasets and converting to ARFF (for use with Weka), CSV or Packing-Box's dataset structure.", "stars": "3"}, {"name": "DynamoRIO", "url": "https://dynamorio.org", "description": "Runtime code manipulation system that supports code transformations on any part of a program, while it executes."}, {"name": "Emulator", "url": "https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/Using-policies-to-manage-security/preventing-and-handling-virus-and-spyware-attacks-v40739565-d49e172/how-does-the-emulator-in-symantec-endpoint-protect-v121004909-d47e230.html", "description": "Symantec Endpoint Protector (from v14) capability to create a virtual machine on the fly to identify, detonate, and eliminate malware hiding inside custom malware packers."}, {"name": "EtherUnpack", "url": "https://ether.gtisc.gatech.edu/web_unpack", "description": "Precision universal automated unpacker (successor of PolyUnpack)."}, {"name": "Eureka", "url": "https://web.archive.org/web/20150502154942/http://eureka.cyber-ta.org", "description": "Binary static analysis preparation framework implementing a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing."}, {"name": "EXEInfo-PE", "url": "https://github.com/ExeinfoASL/ASL", "description": "Fast detector for executable PE files.", "stars": "1k"}, {"name": "ExeScan", "url": "https://defacto2.net/f/ae2c42e", "description": "Executable file analyzer which detects the most famous  EXE/COM Protectors, Packers, Converters and compilers."}, {"name": "EXETools", "url": "https://forum.exetools.com", "description": "Forum for reverse engineering and executale packing related topics."}, {"name": "FUU", "url": "https://github.com/crackinglandia/fuu", "description": "Fast Universal Unpacker.", "stars": "60"}, {"name": "GetTyp", "url": "https://www.helger.com/gt/gt.htm", "description": "File format detection program for DOS based on special strings and byte code."}, {"name": "GUnpacker", "url": "https://web.archive.org/web/20220121084407/http://qunpack.ahteam.org/?p=327", "description": "Shell tool that performs OEP positioning and dumps decrypted code."}, {"name": "Gym-Malware", "url": "https://github.com/endgameinc/gym-malware", "description": "This is a malware manipulation environment for OpenAI's gym.", "stars": "632"}, {"name": "IDR", "url": "https://github.com/crypto2011/IDR", "description": "Interactive Delphi Reconstructor.", "stars": "1.1k"}, {"name": "ImpREC", "url": "https://www.aldeid.com/wiki/ImpREC", "description": "This can be used to repair the import table for packed programs."}, {"name": "Justin", "url": "https://doi.org/10.1007/978-3-540-87403-4_6", "description": "Just-In-Time AV scanning ; generic unpacking solution."}, {"name": "Language 2000", "url": "https://farrokhi.net/language", "description": "Ultimate compiler detection utility."}, {"name": "LIEF", "url": "https://github.com/lief-project/LIEF", "description": "Library to Instrument Executable Formats ; Python package for parsing PE, ELF, Mach-O and DEX formats, modifying and rebuilding executables.", "stars": "5.3k"}, {"name": "LordPE", "url": "https://www.aldeid.com/wiki/LordPE", "description": "PE header viewer, editor and rebuilder."}, {"name": "Malheur", "url": "https://github.com/rieck/malheur", "description": "Tool for the automatic analysis of malware behavior (recorded from malicious software in a sandbox environment).", "stars": "373"}, {"name": "MalUnpack", "url": "https://github.com/hasherezade/mal_unpack", "description": "Dynamic unpacker based on PE-sieve.", "stars": "793"}, {"name": "Manalyze", "url": "https://github.com/JusticeRage/Manalyze", "description": "Robust parser for PE files with a flexible plugin architecture which allows users to statically analyze files in-depth.", "stars": "1.1k"}, {"name": "MRC", "url": "https://mandiant-red-curtain.apponic.com", "description": "(Mandiant Red Curtain) Free software for Incident Responders that assists with the analysis of malware ; it examines executable files (e.g., .exe, .dll, and so on) to determine how suspicious they are based on a set of criteria."}, {"name": ".NET Deobfuscator", "url": "https://github.com/NotPrab/.NET-Deobfuscator", "description": "List of .NET Deobfuscators and Unpackers.", "stars": "1.5k"}, {"name": "NotPacked++", "url": "https://github.com/packing-box/packer-masking-tool", "description": "Attack tool for altering packed samples so that they evade static packing detection.", "stars": "22"}, {"name": "Oedipus", "url": "https://github.com/tum-i4/Oedipus", "description": "A Python framework that uses machine learning algorithms to implement the metadata recovery attack against obfuscated programs.", "stars": "11"}, {"name": "OEPdet", "url": "https://ieeexplore.ieee.org/abstract/document/7782073", "description": "Automated original-entry-point detector."}, {"name": "OllyDbg Scripts", "url": "https://github.com/xshows/ollydbg-script", "description": "Collection of OllyDbg scripts for unpacking many different packers.", "stars": "9"}, {"name": "OmniUnpack", "url": "https://doi.org/10.1109/ACSAC.2007.15", "description": "New technique for fast, generic, and safe unpacking of malware by monitoring the execution in real-time and detecting the removed layers of packing."}, {"name": "PackerAttacker", "url": "https://github.com/BromiumLabs/PackerAttacker", "description": "Tool that uses memory and code hooks to detect packers.", "stars": "274"}, {"name": "PackerBreaker", "url": "https://web.archive.org/web/20150504162711/https://www.sysreveal.com/packerbreaker-intro", "description": "Tool for helping unpack, decompress and decrypt most of the programs packed, compressed or encrypted using advanced emulation technology."}, {"name": "PackerGrind", "url": "https://github.com/rewhy/adaptiveunpacker", "description": "Adaptive unpacking tool for tracking packing bahaviors and unpacking Android packed apps.", "stars": "39"}, {"name": "PackerID", "url": "https://github.com/sooshie/packerid", "description": "Fork of packerid.py using PEid signatures and featuring additional output types, formats, digital signature extraction, and disassembly support.", "stars": "47"}, {"name": "PackID", "url": "https://github.com/mesaleh/PackiD", "description": "Packer identification multiplatform tool/library using the same database syntax as PEiD.", "stars": "10"}, {"name": "Packing-Box", "url": "https://github.com/dhondta/docker-packing-box", "description": "Docker image gathering many packing-related tools and for making datasets of packed executables for use with machine learning.", "stars": "62"}, {"name": "PANDA", "url": "https://github.com/panda-re/panda", "description": "Platform for Architecture-Neutral Dynamic Analysis.", "stars": "2.7k"}, {"name": "PANDI", "url": "https://github.com/dimitriwauters/PANDI", "description": "Dynamic packing detection solution built on top of PANDA.", "stars": "3"}, {"name": "Pandora's Bochs", "url": "https://0x0badc0.de/gitweb?p=bochs/.git", "description": "Extension to the Bochs PC eumlator to enable it to monitor execution of the unpacking stubs for extracting the original code."}, {"name": "PCjs", "url": "https://www.pcjs.org", "description": "Uses JavaScript to recreate the IBM PC experience, using original ROMs, CPUs running at their original speeds, and early IBM video cards and monitors."}, {"name": "PE Compression Test", "url": "https://web.archive.org/web/20250427032942/http://pect.atspace.com", "description": "List of packers tested on a few sample executables for comparing compressed sizes."}, {"name": "PE Detective", "url": "https://ntcore.com/?page_id=367", "description": "This GUI tool can scan single PE files or entire directories (also recursevely) and generate complete reports."}, {"name": "PE-bear", "url": "https://github.com/hasherezade/pe-bear-releases", "description": "Freeware reversing tool for PE files aimed to deliver fast and flexible \u201cfirst view\u201d for malware analysts, stable and capable to handle malformed PE files.", "stars": "781"}, {"name": "PEdump", "url": "https://pedump.me/", "description": "Dump windows PE files using Ruby."}, {"name": "Pefeats", "url": "https://github.com/roussieau/masterthesis/tree/master/src/detector/tools/pefeats", "description": "Utility for extracting 119 features from a PE file for use with machine learning algorithms.", "stars": "2"}, {"name": "Pefile", "url": "https://github.com/erocarrera/pefile", "description": "Multi-platform Python module to parse and work with Portable Executable files.", "stars": "2k"}, {"name": "PEFrame", "url": "https://github.com/guelfoweb/peframe", "description": "Tool for performing static analysis on PE malware and generic suspicious files.", "stars": "618"}, {"name": "PEiD", "url": "https://web.archive.org/web/20070529035022/https://www.secretashell.com/codomain/peid/", "description": "Packed Executable iDentifier."}, {"name": "PEiD (CLI)", "url": "https://github.com/dhondta/peid", "description": "Python implementation of PEiD featuring an additional tool for making new signatures.", "stars": "142"}, {"name": "PEiD (yara)", "url": "https://github.com/K-atc/PEiD", "description": "Yet another implementation of PEiD with yara.", "stars": "17"}, {"name": "PeLib", "url": "https://github.com/avast/pelib", "description": "PE file manipulation library.", "stars": "64"}, {"name": "PEPack", "url": "https://github.com/mentebinaria/readpe", "description": "PE file packer detection tool, part of the Unix package \"pev\".", "stars": "759"}, {"name": "PEscan", "url": "https://tzworks.com/prototype_page.php?proto_id=15", "description": "CLI tool to scan PE files to identify how they were constructed."}, {"name": "PETools", "url": "https://github.com/petoolse/petools", "description": "Old-school reverse engineering tool (with a long history since 2002) for manipulating PE files.", "stars": "1.2k"}, {"name": "PEview", "url": "http://wjradburn.com/software", "description": "Provides a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files."}, {"name": "PExplorer", "url": "http://www.heaventools.com/overview.htm", "description": "Most feature-packed program for inspecting the inner workings of your own software, and more importantly, third party Windows applications and libraries for which you do not have source code."}, {"name": "Pin", "url": "https://www.intel.com/content/www/us/en/developer/articles/tool/pin-a-dynamic-binary-instrumentation-tool.html", "description": "Dynamic binary instrumentation framework for the IA-32, x86-64 and MIC instruction-set architectures that enables the creation of dynamic program analysis tools."}, {"name": "PINdemonium", "url": "https://github.com/Phat3/PINdemonium", "description": "Unpacker for PE files exploiting the capabilities of PIN.", "stars": "238"}, {"name": "PolyUnpack", "url": "https://github.com/PlatonovIvan/PolyUnpack", "description": "Implemention attempt of the general approach for extracting the original hidden code of PE files without any heuristic assumptions.", "stars": "13"}, {"name": "PortEx", "url": "https://github.com/katjahahn/PortEx", "description": "Java library for static malware analysis of PE files with a focus on PE malformation robustness and anomaly detection.", "stars": "525"}, {"name": "PROTECTiON iD", "url": "https://web.archive.org/web/20210331144912/https://protectionid.net", "description": "PE file signature-based scanner."}, {"name": "ProTools", "url": "http://protools.narod.ru", "description": "Programmer's Tools, a web site dedicated for all kinds of tools and utilities for the true WinBloze programmer, including packers, crypters, etc."}, {"name": "PyPackerDetect", "url": "https://github.com/cylance/PyPackerDetect", "description": "Small Python script/library to detect whether an executable is packed.", "stars": "33"}, {"name": "PyPackerDetect (refactored)", "url": "https://github.com/dhondta/PyPackerDetect", "description": "A complete refactoring of the original project to a Python package with a console script to detect whether an executable is packed.", "stars": "27"}, {"name": "PyPeid", "url": "https://github.com/FFRI/pypeid", "description": "Yet another implementation of PEiD with yara-python.", "stars": "7"}, {"name": "Quick Unpack", "url": "https://web.archive.org/web/20220119142245/http://qunpack.ahteam.org/?p=458", "description": "Generic unpacker that facilitates the unpacking process."}, {"name": "RDG Packer Detector", "url": "https://web.archive.org/web/20220904151105/http://rdgsoft.net/", "description": "Packer detection tool."}, {"name": "Reko", "url": "https://github.com/uxmal/reko", "description": "Free decompiler for machine code binaries.", "stars": "2.5k"}, {"name": "REMINDer", "url": "https://github.com/packing-box/reminder", "description": "Packing detection tool based on the entropy value of the entry point section and the WRITE attribute.", "stars": "2"}, {"name": "REMnux", "url": "https://remnux.org", "description": "Linux toolkit for reverse-engineering and analyzing malicious software."}, {"name": "Renovo", "url": "https://dl.acm.org/doi/10.1145/1314389.1314399?tool", "description": "Detection tool built on top of TEMU (dynamic analysis component of BitBlaze) based on the execution of newly-generated code and monitoring memory writes after the program starts."}, {"name": "ResourceHacker", "url": "http://angusj.com/resourcehacker", "description": "Resource editor for 32bit and 64bit Windows applications."}, {"name": "RetDec", "url": "https://github.com/avast/retdec", "description": "Retargetable machine-code decompiler based on LLVM.", "stars": "8.5k"}, {"name": "RTD", "url": "https://www.sac.sk/download/pack/rtd_rp24.zip", "description": "Rose Patch - TinyProt/Rosetiny Unpacker."}, {"name": "RUPP", "url": "https://www.sac.sk/download/pack/rupp037.rar", "description": "ROSE SWE UnPaCKER PaCKaGE (for DOS executables only)."}, {"name": "SAFE", "url": "https://github.com/packing-box/awesome-executable-packing/blob/main/README.md/mailto:mihai@cs.wisc.edu", "description": "Static Analyzer For Executables (available on demand)."}, {"name": "SecML Malware", "url": "https://github.com/pralab/secml_malware", "description": "Create adversarial attacks against machine learning Windows malware detectors.", "stars": "242"}, {"name": "ShowStopper", "url": "https://github.com/CheckPointSW/showstopper", "description": "Tool to help malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.", "stars": "220"}, {"name": "StudPE", "url": "http://www.cgsoftlabs.ro/studpe.html", "description": "PE viewer and editor (32/64 bit)."}, {"name": "SymPack", "url": "https://www.amazon.com/Norton-AntiVirus-2007-Old-Version/dp/B000IAOIXW", "description": "Safe, portable, largely e\ufb00ective but not generic library for packing detection and unpacking ; part of the Norton Antivirus solution."}, {"name": "Titanium Platform", "url": "https://www.reversinglabs.com/products/malware-analysis-platform", "description": "Machine learning hybrid cloud platform that harvests thousands of file types at scale, speeds threat detection through machine learning binary analysis, and continuously monitors an index of over 10B files for future threats."}, {"name": "TrID", "url": "https://mark0.net/soft-trid-e.html", "description": "Utility for identifying file types from their binary signatures."}, {"name": "Triton", "url": "https://github.com/jonathansalwan/Triton", "description": "Dynamic binary analysis library.", "stars": "4k"}, {"name": "Tuts 4 You", "url": "https://tuts4you.com", "description": "Non-commercial, independent community dedicated to the sharing of knowledge and information on reverse code engineering."}, {"name": "Unipacker", "url": "https://github.com/unipacker/unipacker", "description": "Automatic and platform-independent unpacker for Windows binaries based on emulation.", "stars": "739"}, {"name": "UnpacMe", "url": "https://www.unpac.me", "description": "Automated malware unpacking service."}, {"name": "Unpckarc", "url": "https://web.archive.org/web/20191218043307/http://www.woodmann.com/crackz/Tools/", "description": "Packed executables detection tool relying on several heuristics."}, {"name": "UU", "url": "https://www.sac.sk/download/pack/uu215e.exe", "description": "Universal Unpacker."}, {"name": "Uundo", "url": "https://www.sac.sk/download/pack/uundo.zip", "description": "Universal Undo - Universal Unpacker."}, {"name": "Uunp (IDA Pro plugin)", "url": "https://www.hex-rays.com/blog/unpacking-mpressed-pe-dlls-with-the-bochs-plugin/", "description": "IDA Pro debugger plug-in module automating the analysis and unpacking of packed binaries."}, {"name": "UUP", "url": "https://www.sac.sk/download/pack/uup14.zip", "description": "Universal exe-file UnPacker."}, {"name": "VMHunt", "url": "https://github.com/s3team/VMHunt", "description": "Set of tools for analyzing virtualized binary code ; now only supports 32 bit traces.", "stars": "177"}, {"name": "VMUnpacker", "url": "https://web.archive.org/web/20241106123938/https://www.leechermods.com/2010/01/vmunpacker-16-latest-version.html", "description": "Unpacker based on the technology of virtual machine."}, {"name": "Winbindex", "url": "https://github.com/m417z/winbindex", "description": "An index of Windows binaries, including download links for executables such as EXE, DLL and SYS files.", "stars": "756"}, {"name": "yarGen", "url": "https://github.com/Neo23x0/yarGen", "description": "Generator for YARA rules - The main principle is the creation of yara rules from strings found in malware files while removing all strings that also appear in goodware files.", "stars": "1.8k"}], "notes": []}], "total_entries": 342}, {"name": "Keycloak", "subcategories": [{"name": "Keycloak", "entries": [{"name": "Awesome Keycloak", "url": "#awesome-keycloak-", "description": ""}, {"name": "Contributing", "url": "#contributing", "description": ""}, {"name": "Contents", "url": "#contents", "description": ""}, {"name": "General", "url": "#general", "description": ""}, {"name": "License", "url": "#license", "description": ""}, {"name": "Keycloak Website", "url": "http://www.keycloak.org/", "description": ""}, {"name": "Current Documentation", "url": "http://www.keycloak.org/documentation.html", "description": ""}, {"name": "Archived Documentation", "url": "http://www.keycloak.org/documentation-archive.html", "description": ""}, {"name": "Product Documentation for Red Hat Single Sign-On", "url": "https://access.redhat.com/documentation/en/red-hat-single-sign-on/", "description": ""}, {"name": "Keycloak Users Google Group", "url": "https://groups.google.com/forum/#!forum/keycloak-user", "description": ""}, {"name": "Keycloak Developers Google Group", "url": "https://groups.google.com/forum/#!forum/keycloak-dev", "description": ""}, {"name": "Keycloak Discourse Group", "url": "https://keycloak.discourse.group/", "description": ""}, {"name": "Inactive - Keycloak Developer Chat", "url": "https://keycloak.zulipchat.com", "description": ""}, {"name": "Inactive - User Mailing List", "url": "https://lists.jboss.org/mailman/listinfo/keycloak-user", "description": ""}, {"name": "Inactive - Developer Mailing List", "url": "https://lists.jboss.org/mailman/listinfo/keycloak-dev", "description": ""}, {"name": "Mailing List Search", "url": "http://www.keycloak.org/search", "description": ""}, {"name": "Keycloak Subreddit", "url": "https://www.reddit.com/r/keycloak", "description": ""}, {"name": "GitHub Discussions", "url": "https://github.com/keycloak/keycloak/discussions", "description": "", "stars": "33k"}, {"name": "CNCF Slack", "url": "https://slack.cncf.io/", "description": ""}, {"name": "Keycloak OAuth SIG", "url": "https://github.com/keycloak/kc-sig-fapi", "description": "", "stars": "96"}, {"name": "Keycloak SRE SIG", "url": "https://github.com/keycloak/keycloak-sre-sig", "description": "", "stars": "31"}, {"name": "Keycloak - Identity and Access Management for Modern Applications", "url": "https://www.packtpub.com/product/keycloak-identity-and-access-management-for-modern-applications/9781800562493", "description": ""}, {"name": "Keycloak - Identity and Access Management for Modern Applications - Second Edition", "url": "https://www.packtpub.com/product/keycloak-identity-and-access-management-for-modern-applications-second-edition/9781804616444", "description": ""}, {"name": "How to get Keycloak working with Docker", "url": "https://www.ivonet.nl/2015/05/23/Keycloak-Docker/", "description": ""}, {"name": "Single-Sign-On for Microservices and/or Java EE applications with Keycloak SSO", "url": "http://www.n-k.de/2016/06/keycloak-sso-for-microservices.html", "description": ""}, {"name": "Keycloak Admin Client(s) - multiple ways to manage your SSO system", "url": "http://www.n-k.de/2016/08/keycloak-admin-client.html", "description": ""}, {"name": "How to get the AccessToken of Keycloak in Spring Boot and/or Java EE", "url": "http://www.n-k.de/2016/05/how-to-get-accesstoken-from-keycloak-springboot-javaee.html", "description": ""}, {"name": "JWT authentication with Vert.x, Keycloak and Angular 2", "url": "http://paulbakker.io/java/jwt-keycloak-angular2/", "description": ""}, {"name": "Authenticating via Kerberos with Keycloak and Windows 2008 Active Directory", "url": "http://matthewcasperson.blogspot.de/2015/07/authenticating-via-kerberos-with.html", "description": ""}, {"name": "Deploying Keycloak with Ansible", "url": "https://adam.younglogic.com/2016/01/deploying-keycloak-via-ansible/", "description": ""}, {"name": "Easily secure your Spring Boot applications with Keycloak", "url": "https://developers.redhat.com/blog/2017/05/25/easily-secure-your-spring-boot-applications-with-keycloak/", "description": ""}, {"name": "How Red Hat re-designed its Single Sign On (SSO) architecture, and why", "url": "https://developers.redhat.com/blog/2016/10/04/how-red-hat-re-designed-its-single-sign-on-sso-architecture-and-why/", "description": ""}, {"name": "OAuth2, JWT, Open-ID Connect and other confusing things", "url": "http://giallone.blogspot.de/2017/06/oath2.html", "description": ""}, {"name": "X509 Authentication with Keycloak and JBoss Fuse", "url": "https://sjhiggs.github.io/fuse/sso/x509/smartcard/2017/03/29/fuse-hawtio-keycloak.html", "description": ""}, {"name": "Running Keycloak on OpenShift 3", "url": "https://medium.com/@sbose78/running-keycloak-on-openshift-3-8d195c0daaf6", "description": ""}, {"name": "Introducing Keycloak for Identity and Access Management", "url": "https://www.thomasvitale.com/introducing-keycloak-identity-access-management/", "description": ""}, {"name": "Keycloak Basic Configuration for Authentication and Authorisation", "url": "https://www.thomasvitale.com/keycloak-configuration-authentication-authorisation/", "description": ""}, {"name": "Keycloak on OpenShift Origin", "url": "https://medium.com/@james_devcomb/keycloak-on-openshift-origin-ee81d01dac97", "description": ""}, {"name": "Identity Management, One-Time-Passwords and Two-Factor-Auth with Spring Boot and Keycloak", "url": "http://www.hascode.com/2017/11/identity-management-one-time-passwords-and-two-factor-auth-with-spring-boot-and-keycloak/", "description": ""}, {"name": "Keycloak Identity Brokering with Openshift", "url": "https://developers.redhat.com/blog/2017/12/06/keycloak-identity-brokering-openshift/", "description": ""}, {"name": "OpenID Connect Identity Brokering with Red Hat Single Sign-On", "url": "https://developers.redhat.com/blog/2017/10/18/openid-connect-identity-brokering-red-hat-single-sign/", "description": ""}, {"name": "Authentication & user management is hard", "url": "https://eclipsesource.com/blogs/2018/01/11/authenticating-reverse-proxy-with-keycloak/", "description": ""}, {"name": "Securing Nginx with Keycloak", "url": "https://edhull.co.uk/blog/2018-06-06/keycloak-nginx", "description": ""}, {"name": "Secure kibana dashboards using keycloak", "url": "https://aboullaite.me/secure-kibana-keycloak/", "description": ""}, {"name": "Configuring NGINX for OAuth/OpenID Connect SSO with Keycloak/Red Hat SSO", "url": "https://developers.redhat.com/blog/2018/10/08/configuring-nginx-keycloak-oauth-oidc/", "description": ""}, {"name": "Keycloak Clustering Setup and Configuration Examples", "url": "https://github.com/fit2anything/keycloak-cluster-setup-and-configuration", "description": "", "stars": "50"}, {"name": "MicroProfile JWT with Keycloak", "url": "https://kodnito.com/posts/microprofile-jwt-with-keycloak/", "description": ""}, {"name": "Keycloak Essentials", "url": "https://medium.com/keycloak/keycloak-essentials-86254b2f1872", "description": ""}, {"name": "SSO-session failover with Keycloak and AWS S3", "url": "https://medium.com/@georgijsr/sso-session-failover-with-keycloak-and-aws-s3-e0b1db985e12", "description": ""}, {"name": "KTOR and Keycloak: authentication with OpenId", "url": "https://medium.com/slickteam/ktor-and-keycloak-authentication-with-openid-ecd415d7a62e", "description": ""}, {"name": "Keycloak: Core concepts of open source identity and access management", "url": "https://developers.redhat.com/blog/2019/12/11/keycloak-core-concepts-of-open-source-identity-and-access-management", "description": ""}, {"name": "Writing Keycloak Extensions: Key Concepts and Anti-Patterns", "url": "https://www.zone2.tech/blog/writing-keycloak-extensions-key-concepts-and-anti-patterns", "description": ""}, {"name": "Who am I? Keycloak Impersonation API", "url": "https://blog.softwaremill.com/who-am-i-keycloak-impersonation-api-bfe7acaf051a", "description": ""}, {"name": "Setup Keycloak Server on Ubuntu 18.04", "url": "https://medium.com/@hasnat.saeed/setup-keycloak-server-on-ubuntu-18-04-ed8c7c79a2d9", "description": ""}, {"name": "Getting started with Keycloak", "url": "https://rob-ferguson.me/getting-started-with-keycloak/", "description": ""}, {"name": "Angular, OpenID Connect and Keycloak", "url": "https://rob-ferguson.me/angular-openid-connect-keycloak/", "description": ""}, {"name": "Angular, OAuth 2.0 Scopes and Keycloak", "url": "https://rob-ferguson.me/angular-oauth2-keycloak/", "description": ""}, {"name": "Keycloak, Flowable and OpenLDAP", "url": "https://rob-ferguson.me/keycloak-flowable-and-openldap/", "description": ""}, {"name": "How to exchange token from an external provider to a keycloak token", "url": "https://www.mathieupassenaud.fr/token-exchange-keycloak/", "description": ""}, {"name": "How to Setup Role Based Access Control (RBAC) with Keycloak", "url": "https://www.permit.io/blog/implementing-dynamic-keycloak-rbac-with-permitio", "description": ""}, {"name": "Building an Event Listener SPI (Plugin) for Keycloak", "url": "https://dev.to/adwaitthattey/building-an-event-listener-spi-plugin-for-keycloak-2044", "description": ""}, {"name": "Keycloak user migration \u2013 connect your legacy authentication system to Keycloak", "url": "https://codesoapbox.dev/keycloak-user-migration/", "description": ""}, {"name": "Keycloak Authentication and Authorization in GraphQL", "url": "https://medium.com/@darahayes/keycloak-authentication-and-authorization-in-graphql-ad0a1685f7da", "description": ""}, {"name": "Kong / Konga / Keycloak: securing API through OIDC", "url": "https://github.com/d4rkstar/kong-konga-keycloak", "description": "", "stars": "298"}, {"name": "KeyCloak: Custom Login theme", "url": "https://codehumsafar.wordpress.com/2018/09/11/keycloak-custom-login-theme/", "description": ""}, {"name": "Keycloak: Use background color instead of background image in Custom Login theme", "url": "https://codehumsafar.wordpress.com/2018/09/21/keycloak-use-background-color-instead-of-background-image-in-custom-login-theme/", "description": ""}, {"name": "How to turn off the Keycloak theme cache", "url": "https://keycloakthemes.com/blog/how-to-turn-off-the-keycloak-theme-cache", "description": ""}, {"name": "How to add a custom field to the Keycloak registration page", "url": "https://keycloakthemes.com/blog/how-to-add-custom-field-keycloak-registration-page", "description": ""}, {"name": "How to setup Sign in with Google using Keycloak", "url": "https://keycloakthemes.com/blog/how-to-setup-sign-in-with-google-using-keycloak", "description": ""}, {"name": "How to sign in users on Keycloak using Github", "url": "https://keycloakthemes.com/blog/how-to-sign-in-users-on-keycloak-using-github", "description": ""}, {"name": "Extending Keycloak SSO Capabilities with IBM Security Verify", "url": "https://community.ibm.com/community/user/security/blogs/jason-choi1/2020/06/10/extending-keycloak-sso-capabilities-with-ibm-secur", "description": ""}, {"name": "AWS SAML based User Federation using Keycloak", "url": "https://medium.com/@karanbir.tech/aws-connect-saml-based-identity-provider-using-keycloak-9b3e6d0111e6", "description": ""}, {"name": "AWS user account OpenID federation using Keycloak", "url": "https://medium.com/@karanbir.tech/aws-account-openid-federation-using-keycloak-40d22b952a43", "description": ""}, {"name": "How to Run Keycloak in HA on Kubernetes", "url": "https://blog.sighup.io/keycloak-ha-on-kubernetes/", "description": ""}, {"name": "How to create a Keycloak authenticator as a microservice?", "url": "https://medium.com/application-security/how-to-create-a-keycloak-authenticator-as-a-microservice-ad332e287b58", "description": ""}, {"name": "keycloak.ch | Installing & Running Keycloak", "url": "https://keycloak.ch/keycloak-tutorials/tutorial-1-installing-and-running-keycloak/", "description": ""}, {"name": "keycloak.ch | Configuring Token Exchange using the CLI", "url": "https://keycloak.ch/keycloak-tutorials/tutorial-token-exchange/", "description": ""}, {"name": "keycloak.ch | Configuring WebAuthn", "url": "https://keycloak.ch/keycloak-tutorials/tutorial-webauthn/", "description": ""}, {"name": "keycloak.ch | Configuring a SwissID integration", "url": "https://keycloak.ch/keycloak-tutorials/tutorial-swissid/", "description": ""}, {"name": "Getting Started with Service Accounts in Keycloak", "url": "https://medium.com/@mihirrajdixit/getting-started-with-service-accounts-in-keycloak-c8f6798a0675", "description": ""}, {"name": "Building cloud native apps: Identity and Access Management", "url": "https://dev.to/lukaszbudnik/building-cloud-native-apps-identity-and-access-management-1e5m", "description": ""}, {"name": "X.509 user certificate authentication with Red Hat\u2019s single sign-on technology", "url": "https://developers.redhat.com/blog/2021/02/19/x-509-user-certificate-authentication-with-red-hats-single-sign-on-technology", "description": ""}, {"name": "Grafana OAuth with Keycloak and how to validate a JWT token", "url": "https://janikvonrotz.ch/2020/08/27/grafana-oauth-with-keycloak-and-how-to-validate-a-jwt-token/", "description": ""}, {"name": "How to setup a Keycloak server with external MySQL database on AWS ECS Fargate in clustered mode", "url": "https://jbjerksetmyr.medium.com/how-to-setup-a-keycloak-server-with-external-mysql-database-on-aws-ecs-fargate-in-clustered-mode-9775d01cd317", "description": ""}, {"name": "Extending Keycloak: adding API key authentication", "url": "http://www.zakariaamine.com/2019-06-14/extending-keycloak", "description": ""}, {"name": "Extending Keycloak: using a custom email sender", "url": "http://www.zakariaamine.com/2019-07-14/extending-keycloak2", "description": ""}, {"name": "Integrating Keycloak and OPA with Confluent", "url": "https://goraft.tech/2021/03/17/integrating-keycloak-and-opa-with-confluent.html", "description": ""}, {"name": "UMA 2.0 : User Managed Access - how to use it with bash", "url": "https://blog.please-open.it/uma/", "description": ""}, {"name": "Setting Up A Keycloak Server For Authenticating To FileMaker", "url": "https://soundsessential.medium.com/setting-up-a-keycloak-server-for-authenticating-to-filemaker-introduction-bfe8bba7a8b2", "description": ""}, {"name": "How to Make Keycloak Start Up Faster When There Are a Lot of Offline Sessions", "url": "https://medium.com/swlh/how-to-make-keycloak-start-up-faster-when-there-are-a-lot-of-offline-sessions-78ee49a907cb", "description": ""}, {"name": "Using Coder to Develop Keycloak Templates Live (almost)", "url": "https://dev.to/m8a-io/m8a-scenario-1-using-coder-to-develop-keycloak-templates-live-almost-26e2", "description": ""}, {"name": "Keycloak Passkeys tutorial", "url": "https://keycloak.ch/keycloak-tutorials/tutorial-passkey/", "description": ""}, {"name": "Keycloak as Authorization Server in .NET", "url": "https://nikiforovall.github.io/dotnet/keycloak/2022/12/28/keycloak-authorization-server.html", "description": ""}, {"name": "How to use Let's Encrypt certificates with Keycloak", "url": "https://kaeruct.github.io/posts/how-to-use-lets-encrypt-certificates-with-keycloak.html", "description": ""}, {"name": "Keycloak Multi-Tenancy and the Pulumi Automation API: Part 1", "url": "https://www.zone2.tech/blog/keycloak-multi-tenancy-and-the-pulumi-automation-api-part-1", "description": ""}, {"name": "Instant User Management, SSO, and Secure Pages for ReactJS", "url": "https://dev.to/phasetwo/instant-user-management-sso-and-secure-pages-for-reactjs-with-keycloak-4hej", "description": ""}, {"name": "Securing a Next.js Application with Keycloak", "url": "https://dev.to/phasetwo/securing-a-nextjs-application-with-keycloak-gm3", "description": ""}, {"name": "Django Web Authentication with Keycloak", "url": "https://dev.to/phasetwo/django-web-authentication-with-keycloak-3hl2", "description": ""}, {"name": "Keycloak Workshop for Step Up with MFA Biometrics Authentication (Passkeys) and Passwordless experience with Passkey autofill", "url": "https://embesozzi.medium.com/keycloak-workshop-for-step-up-with-mfa-biometrics-authentication-passkeys-b7020ea9ae1b", "description": ""}, {"name": "Migration from Spring Authorization Server to Keycloak Series' Articles", "url": "https://dev.to/mohammedalics/series/26952", "description": ""}, {"name": "Building Scalable Multi-Tenancy Authentication and Authorization using Open Standards and Open-Source Software", "url": "https://embesozzi.medium.com/building-scalable-multi-tenancy-authentication-and-authorization-using-open-standards-and-7341fcd87b64", "description": ""}, {"name": "Integrating LinkedIn with Keycloak", "url": "https://dev.to/aws-builders/enriching-keycloak-with-linkedin-vanityname-headline-profile-picture-via-custom-spi-g40", "description": ""}, {"name": "Authenticating MCP OAuth Clients With SPIFFE and SPIRE", "url": "https://blog.christianposta.com/authenticating-mcp-oauth-clients-with-spiffe/", "description": ""}, {"name": "Keycloak User Federation with LDAP and Active Directory", "url": "https://www.iamdevbox.com/posts/keycloak-user-federation-with-ldap-and-active-directory/", "description": ""}, {"name": "JDD2015 - Keycloak Open Source Identity and Access Management Solution", "url": "https://www.youtube.com/watch?v=TuEkj25lbd0", "description": ""}, {"name": "2015 Using Tomcat and Keycloak in an iFrame", "url": "https://www.youtube.com/watch?v=nF_lw7uIxao", "description": ""}, {"name": "2016 You've Got Microservices Now Secure Them", "url": "https://www.youtube.com/watch?v=SfVhqf-rMQY", "description": ""}, {"name": "2016 Keycloak: Open Source Single Sign On - Sebastian Rose - AOE conf (german)", "url": "https://www.youtube.com/watch?v=wbKw0Bwyne4", "description": ""}, {"name": "2016 S\u00e9curiser ses applications back et front facilement avec Keycloak (french)", "url": "https://www.youtube.com/watch?v=bVidgluUcg0", "description": ""}, {"name": "2016 Keycloak and Red Hat Mobile Application Platform", "url": "https://www.youtube.com/watch?v=4NBgiHM5aOA", "description": ""}, {"name": "2016 Easily secure your Front and back applications with KeyCloak", "url": "https://www.youtube.com/watch?v=RGp4HUKikts", "description": ""}, {"name": "2017 Easily secure your Spring Boot applications with Keycloak - Part 1", "url": "https://developers.redhat.com/video/youtube/vpgRTPFDHAw/", "description": ""}, {"name": "2017 Easily secure your Spring Boot applications with Keycloak - Part 2", "url": "https://developers.redhat.com/video/youtube/O5ePCWON08Y/", "description": ""}, {"name": "2018 How to secure your Spring Apps with Keycloak by Thomas Darimont @ Spring I/O 2018", "url": "https://www.youtube.com/watch?v=haHFoeWUj0w", "description": ""}, {"name": "2018 DevNation Live | A Deep Dive into Keycloak", "url": "https://www.youtube.com/watch?v=ZxpY_zZ52kU", "description": ""}, {"name": "2018 IDM Europe: WSO2 Identity Server vs. Keycloak (Dmitry Kann)", "url": "https://www.youtube.com/watch?v=hnjBiGsEDoU", "description": ""}, {"name": "2018 JPrime|Building an effective identity and access management architecture with Keycloak (Sebastien Blanc)", "url": "https://www.youtube.com/watch?v=bMqcGkCvUVQ", "description": ""}, {"name": "2018 WJAX| Sichere Spring-Anwendungen mit Keycloak", "url": "https://www.youtube.com/watch?v=6Z490EMcafs", "description": ""}, {"name": "2019 Spring I/O | Secure your Spring Apps with Keycloak", "url": "https://www.youtube.com/watch?v=KrOd5wIkqls", "description": ""}, {"name": "2019 DevoxxFR | Maitriser sa gestion de l'identit\u00e9 avec Keycloak (L. Benoit, T. Recloux, S. Blanc)", "url": "https://www.youtube.com/watch?v=0cziL__0-K8", "description": ""}, {"name": "2019 DevConf | Fine - Grained Authorization with Keycloak SSO (Marek Posolda)", "url": "https://www.youtube.com/watch?v=yosg4St0iUw", "description": ""}, {"name": "2019 VoxxedDays Minsk | Bilding an effective identity and access management architecture with Keycloak (Sebastien Blanc)", "url": "https://www.youtube.com/watch?v=RupQWmYhrLA", "description": ""}, {"name": "2019 Single-Sign-On Authentifizierung mit dem Keycloak Identity Provider | jambit CoffeeTalk", "url": "https://www.youtube.com/watch?v=dnY6ORaFNY8", "description": ""}, {"name": "2020 Keycloak Team | Keycloak Pitch", "url": "https://www.youtube.com/watch?v=GZTN_VXjoQw", "description": ""}, {"name": "2020 Keycloak Team | Keycloak Overview", "url": "https://www.youtube.com/watch?v=duawSV69LDI", "description": ""}, {"name": "2020 Please-open.it : oauth2 dans le monde des ops (french)", "url": "https://www.youtube.com/watch?v=S-9X50QajmY", "description": ""}, {"name": "2022 Secure digital transformation via keycloak's FAPI - DevConf.cz Mini | June 2022", "url": "https://www.youtube.com/watch?v=Ao15PH2BAw0", "description": ""}, {"name": "Example how to configure Keycloak fine grained admin permissions", "url": "https://www.youtube.com/watch?v=ZrWH9nuumbg", "description": ""}, {"name": "2025 FrosCon |\u00a0Delegate authentication and a lot more to Keycloak with OpenID Connect, Alexander Schwartz", "url": "https://media.ccc.de/v/froscon2025-3237-delegate_authentication_and_a_lot_more_to_keycloak_with_openid_connect", "description": ""}, {"name": "Keycloak IGA (Keycloak fork)", "url": "https://github.com/tide-foundation/keycloak-IGA", "description": "", "stars": "12"}, {"name": "Keycloak 101", "url": "https://stevenolen.github.io/kc101-talk/#1", "description": ""}, {"name": "Keycloak Identity and Access Management by \u0141ukasz Budnik", "url": "https://www.youtube.com/playlist?list=PLPZal7ksxNs0mgScrJxrggEayV-TPZ9sA", "description": ""}, {"name": "Keycloak by Niko K\u00f6bler", "url": "https://www.youtube.com/playlist?list=PLNn3plN7ZiaowUvKzKiJjYfWpp86u98iY", "description": ""}, {"name": "Keycloak Playlist by hexaDefence", "url": "https://youtu.be/35bflT_zxXA", "description": ""}, {"name": "Keycloak Tutorial Series by CodeLens", "url": "https://www.youtube.com/watch?v=Lr9WeIMtFow\\&list=PLeGNmkzI56BTjRxNGxUhh4k30FD_gy0pC", "description": ""}, {"name": "KeycloakDevDay 2024 by dasniko", "url": "https://www.youtube.com/watch?v=lQH-yNrF_As\\&list=PLNn3plN7ZiaqXjiDSB1KDaF3bCDuQmDgw", "description": ""}, {"name": "Official Keycloak Node.js Admin Client", "url": "https://github.com/keycloak/keycloak-admin-client/", "description": ""}, {"name": "Keycloak Node.js TypeScript Admin Client by Canner", "url": "https://github.com/Canner/keycloak-admin/", "description": "", "stars": "605"}, {"name": "Keycloak Go Client by Cloudtrust", "url": "https://github.com/cloudtrust/keycloak-client", "description": "", "stars": "25"}, {"name": "Keycloak Nest.js Admin Client by Relevant Fruit", "url": "https://github.com/relevantfruit/nestjs-keycloak-admin", "description": "", "stars": "192"}, {"name": "Keycloak Mock Library", "url": "https://github.com/TNG/keycloak-mock", "description": "", "stars": "133"}, {"name": ".NET / C# Keycloak.RestApiClient", "url": "https://github.com/fschick/Keycloak.RestApiClient", "description": "", "stars": "86"}, {"name": "ACKC: Python API Client for Keycloak", "url": "https://github.com/acie-io/ackc", "description": "", "stars": "0"}, {"name": "Keycloak Extensions List", "url": "https://www.keycloak.org/extensions.html", "description": ""}, {"name": "Keycloak Benchmark Project", "url": "https://github.com/keycloak/keycloak-benchmark", "description": "", "stars": "169"}, {"name": "Keycloak: Link IdP Login with User Provider", "url": "https://github.com/ohioit/keycloak-link-idp-with-user", "description": "", "stars": "25"}, {"name": "Client Owner Manager: Control who can edit a client", "url": "https://github.com/cyclone-project/cyclone-client-registration", "description": "", "stars": "6"}, {"name": "Keyloak Proxy written in Go", "url": "https://github.com/gambol99/keycloak-proxy", "description": "", "stars": "949"}, {"name": "Script based ProtocolMapper extension for SAML", "url": "https://github.com/cloudtrust/keycloak-client-mappers", "description": "", "stars": "8"}, {"name": "Realm export REST resource by Cloudtrust", "url": "https://github.com/cloudtrust/keycloak-export", "description": "", "stars": "51"}, {"name": "Keycloak JDBC Ping Setup by moremagic", "url": "https://github.com/moremagic/keycloak-jdbc-ping", "description": "", "stars": "12"}, {"name": "SMS 2 Factor Authentication for Keycloak via AWS SNS", "url": "https://github.com/nickpack/keycloak-sms-authenticator-sns", "description": "", "stars": "72"}, {"name": "SMS 2 Factor Authentiation for Keycloak via SMS by Alliander", "url": "https://github.com/Alliander/keycloak-sms-authenticator", "description": ""}, {"name": "Identity Provider for vk.com", "url": "https://github.com/mrk08/keycloak-vk", "description": ""}, {"name": "CAS Protocol Support", "url": "https://github.com/Doccrazy/keycloak-protocol-cas", "description": "", "stars": "67"}, {"name": "WS-FED Support", "url": "https://github.com/cloudtrust/keycloak-wsfed", "description": "", "stars": "38"}, {"name": "Keycloak Discord Support", "url": "https://github.com/wadahiro/keycloak-discord", "description": "", "stars": "159"}, {"name": "Keycloak Login with User Attribute", "url": "https://github.com/cnieg/keycloak-login-attribute", "description": "", "stars": "48"}, {"name": "zonaut/keycloak-extensions", "url": "https://github.com/zonaut/keycloak-extensions", "description": "", "stars": "228"}, {"name": "leroyguillaume/keycloak-bcrypt", "url": "https://github.com/leroyguillaume/keycloak-bcrypt", "description": "", "stars": "164"}, {"name": "SPI Authenticator in Nodejs", "url": "https://www.npmjs.com/package/keycloak-rest-authenticator", "description": ""}, {"name": "Have I Been Pwned? Keycloak Password Policy", "url": "https://github.com/alexashley/keycloak-password-policy-have-i-been-pwned", "description": "", "stars": "23"}, {"name": "Keycloak Eventlistener for Google Cloud Pub Sub", "url": "https://github.com/acesso-io/keycloak-event-listener-gcpubsub", "description": ""}, {"name": "Enforcing Password policy based on attributes of User Groups", "url": "https://github.com/sayedcsekuet/keycloak-user-group-based-password-policy", "description": "", "stars": "9"}, {"name": "Verify Email with Link or Code by hokumski", "url": "https://github.com/hokumski/keycloak-verifyemailwithcode", "description": "", "stars": "9"}, {"name": "Role-based Docker registry authentication", "url": "https://github.com/lifs-tools/keycloak-docker-role-mapper", "description": "", "stars": "12"}, {"name": "SCIM for keycloak", "url": "https://github.com/Captain-P-Goldfish/scim-for-keycloak", "description": "", "stars": "204"}, {"name": "Keycloak Kafka Module", "url": "https://github.com/SnuK87/keycloak-kafka", "description": "", "stars": "134"}, {"name": "Useful Keycloak EventListenerProvider implementations and utilities", "url": "https://github.com/p2-inc/keycloak-events", "description": "", "stars": "286"}, {"name": "Keycloak: Home IdP Discovery extension", "url": "https://github.com/sventorben/keycloak-home-idp-discovery", "description": "", "stars": "328"}, {"name": "Keycloak Metrics SPI", "url": "https://github.com/aerogear/keycloak-metrics-spi", "description": "", "stars": "616"}, {"name": "Organizations for Keycloak by Phase Two", "url": "https://github.com/p2-inc/keycloak-orgs", "description": "", "stars": "522"}, {"name": "Flexible IdP mapper for OIDC and SAML providers", "url": "https://github.com/LucaFilipozzi/keycloak-regex-mapper", "description": "", "stars": "20"}, {"name": "2FA with Code sent via Email", "url": "https://github.com/mesutpiskin/keycloak-2fa-email-authenticator", "description": "", "stars": "262"}, {"name": "Admin Portal for User and Organization management by Phase Two", "url": "https://github.com/p2-inc/phasetwo-admin-portal", "description": "", "stars": "31"}, {"name": "MagicLink Authenticator by Phase Two", "url": "https://github.com/p2-inc/keycloak-magic-link", "description": "", "stars": "388"}, {"name": "Keycloak Metrics based on Micrometer", "url": "https://github.com/kokuwaio/keycloak-event-metrics", "description": "", "stars": "40"}, {"name": "softwarefactory-project/keycloak-filter-provider-users", "url": "https://github.com/softwarefactory-project/keycloak-filter-provider-users", "description": "", "stars": "9"}, {"name": "rciam/keycloak-group-management", "url": "https://github.com/rciam/keycloak-group-management", "description": "", "stars": "19"}, {"name": "embesozzi/keycloak-webauthn-conditional-mediation WebAuthn Support for Passkeys", "url": "https://github.com/embesozzi/keycloak-webauthn-conditional-mediation", "description": "", "stars": "27"}, {"name": "Email Notifications when login from a new IP and Login History", "url": "https://github.com/eliskachylikova/keycloak-extensions", "description": "", "stars": "8"}, {"name": "Keycloak Authenticator for Duo's Universal Prompt", "url": "https://github.com/instipod/DuoUniversalKeycloakAuthenticator", "description": "", "stars": "60"}, {"name": "Keycloak extension for creating multi-tenant IAM for B2B SaaS applications", "url": "https://github.com/anarsultanov/keycloak-multi-tenancy", "description": "", "stars": "168"}, {"name": "OpenID Connect for Identity Assurance (OIDC4IDA) on Keycloak", "url": "https://github.com/Bredstone/Keycloak-Extension-OIDC4IDA", "description": "", "stars": "3"}, {"name": "Keycloak Testcontainer for Node.js", "url": "https://github.com/slemke/keycloak-testcontainer", "description": "", "stars": "4"}, {"name": "Keycloak GDPR Event Logger", "url": "https://github.com/slemke/keycloak-gdpr-event-logger", "description": "", "stars": "8"}, {"name": "Keycloak Backup Email Required Action", "url": "https://github.com/slemke/keycloak-backup-email", "description": "", "stars": "0"}, {"name": "Keycloak Terms Authenticator: Require Terms and Conditions on every login", "url": "https://github.com/slemke/keycloak-terms-authenticator", "description": "", "stars": "0"}, {"name": "Keycloak Adaptive Authentication Extension by @mabartos", "url": "https://github.com/mabartos/keycloak-adaptive-authn", "description": "", "stars": "64"}, {"name": "Keycloak GraphQL API by @blevine", "url": "https://github.com/blevine/keycloak-graphql", "description": "", "stars": "11"}, {"name": "Keycloak SCIM Federation Support", "url": "https://lab.libreho.st/libre.sh/scim/keycloak-scim", "description": ""}, {"name": "Keycloak Trusted Device Support by @wouterh-dev", "url": "https://github.com/wouterh-dev/keycloak-spi-trusted-device", "description": "", "stars": "52"}, {"name": "Keycloak MFA Plugins by @netzbegruenung", "url": "https://github.com/netzbegruenung/keycloak-mfa-plugins", "description": "", "stars": "252"}, {"name": "Keycloak OpenFGA Event Publisher by @embesozzi", "url": "https://github.com/embesozzi/keycloak-openfga-event-publisher", "description": "", "stars": "51"}, {"name": "JavaScript LDAP\\_ID ScriptMapper by @netzbegruenung", "url": "https://github.com/netzbegruenung/keycloak-scriptmapper-ldap-id", "description": "", "stars": "2"}, {"name": "evosec/keycloak-ipaddress-authenticator", "url": "https://github.com/evosec/keycloak-ipaddress-authenticator", "description": "", "stars": "48"}, {"name": "Identity provider for German eID L21s/keycloak-eid-identity-provider", "url": "https://github.com/L21s/keycloak-eid-identity-provider/tree/main", "description": "", "stars": "6"}, {"name": "Identity provider for German eID governikus/keycloak-eid-identity-provider", "url": "https://gitlab.opencode.de/governikus/keycloak-eid-identity-provider", "description": ""}, {"name": "ALTCHA Captcha Extension for Keycloak", "url": "https://git.lacontrevoie.fr/lacontrevoie/keycloak-altcha", "description": ""}, {"name": "Keycloak Webhooks from vymalo/keycloak-webhook", "url": "https://github.com/vymalo/keycloak-webhook", "description": "", "stars": "100"}, {"name": "Notification on Impersonation SebastEnn/impersonation-notification", "url": "https://github.com/SebastEnn/impersonation-notification", "description": "", "stars": "4"}, {"name": "SPIFFE SVID Client Authenticator for Keycloak", "url": "https://github.com/christian-posta/spiffe-svid-client-authenticator", "description": "", "stars": "5"}, {"name": "(Send) Email on user creation", "url": "https://github.com/stfc/keycloak-email-on-user-creation", "description": "", "stars": "5"}, {"name": "Keycloak Custom Modules for SRG hardening", "url": "https://github.com/mitre/keycloak-custom-policies", "description": "", "stars": "4"}, {"name": "tidecloak (Keycloak fork)", "url": "https://tide.org/tidecloak", "description": ""}, {"name": "Keycloak reCAPTCHA Password Defense", "url": "https://github.com/califio/keycloak-recaptcha-password-defense", "description": "", "stars": "13"}, {"name": "Keycloak Custom Attribute IDP Linking", "url": "https://github.com/sd-f/keycloak-custom-attribute-idp-linking", "description": "", "stars": "34"}, {"name": "KETE - Event forwarding", "url": "https://fortunen.github.io/kete", "description": ""}, {"name": "Keycloak Cookieless IDP Extension", "url": "https://github.com/dominikschlosser/keycloak-cookieless-idp-extension", "description": "", "stars": "1"}, {"name": "Pin Code Authenticator for Keycloak ACR/LOA", "url": "https://github.com/ldesroch/keycloak-pin-code-authenticator", "description": "", "stars": "0"}, {"name": "Keycloak-GeoAware is an extension for Keycloak that integrates geolocation and device monitoring", "url": "https://b2-code.github.io/Keycloak-GeoAware/", "description": ""}, {"name": "Keycloak HTTP/MQTT/CoAP IoT Brokers Adapter", "url": "https://github.com/authbroker/authbroker", "description": "", "stars": "8"}, {"name": "Official Keycloak Node.js Connect Adapter", "url": "https://github.com/keycloak/keycloak-nodejs-connect", "description": "", "stars": "735"}, {"name": "Keycloak support for Aurelia", "url": "https://github.com/waynepennington/aurelia-keycloak", "description": "", "stars": "4"}, {"name": "Keycloak OAuth2 Auth for PHP", "url": "https://github.com/stevenmaguire/oauth2-keycloak", "description": "", "stars": "227"}, {"name": "Jenkins Keycloak Authentication Plugin", "url": "https://github.com/jenkinsci/keycloak-plugin", "description": "", "stars": "41"}, {"name": "Meteor Keycloak Accounts", "url": "https://github.com/mxab/meteor-keycloak", "description": "", "stars": "6"}, {"name": "HapiJS Keycloak Auth", "url": "https://github.com/felixheck/hapi-auth-keycloak", "description": "", "stars": "36"}, {"name": "zmartzone mod\\_auth\\_openidc for Apache 2.x", "url": "https://github.com/zmartzone/mod_auth_openidc", "description": "", "stars": "1.1k"}, {"name": "Duo Security MFA Authentication for Keycloak", "url": "https://github.com/mulesoft-labs/keycloak-duo-spi", "description": ""}, {"name": "Extension Keycloak facilitant l'utilisation de FranceConnect", "url": "https://github.com/InseeFr/Keycloak-FranceConnect", "description": "", "stars": "102"}, {"name": "Ambassador Keycloak Support", "url": "https://www.getambassador.io/reference/idp-support/keycloak/", "description": ""}, {"name": "Keycloak Python Client", "url": "https://github.com/keycloak-client/keycloak-client", "description": "", "stars": "57"}, {"name": "Keycloak Terraform Provider", "url": "https://github.com/mrparkers/terraform-provider-keycloak", "description": "", "stars": "898"}, {"name": "Keycloak ADFS OpenID Connect", "url": "https://www.michaelboeynaems.com/keycloak-ADFS-OIDC.html", "description": ""}, {"name": "React/NextJS Keycloak Bindings", "url": "https://github.com/panz3r/react-keycloak", "description": "", "stars": "567"}, {"name": "NextJS + tailwind + keycloak integration", "url": "https://github.com/santiblanko/keycloak-nextjs-auth", "description": "", "stars": "9"}, {"name": "Keycloak Open-Shift integration", "url": "https://github.com/keycloak/openshift-integration", "description": "", "stars": "22"}, {"name": "Keycloak, Kong and Konga setup scripts (local development)", "url": "https://github.com/JaouherK/Kong-konga-Keycloak", "description": "", "stars": "14"}, {"name": "SSO for Keycloak and Nextcloud with SAML", "url": "https://stackoverflow.com/questions/48400812/sso-with-saml-keycloak-and-nextcloud", "description": ""}, {"name": "Keycloak Connect GraphQL Adapter for Node.js", "url": "https://github.com/aerogear/keycloak-connect-graphql", "description": "", "stars": "157"}, {"name": "python-keycloak", "url": "https://github.com/marcospereirampj/python-keycloak", "description": "", "stars": "865"}, {"name": "Keycloak and PrivacyId3a docker-compose (local development)", "url": "https://github.com/JaouherK/keycloak-privacyIdea", "description": "", "stars": "0"}, {"name": "Nerzal/gocloak Golang Keycloak API Package", "url": "https://github.com/Nerzal/gocloak", "description": "", "stars": "1.2k"}, {"name": "Apple Social Identity Provider for Keycloak", "url": "https://github.com/BenjaminFavre/keycloak-apple-social-identity-provider", "description": "", "stars": "116"}, {"name": "Micrometer Keycloak extension", "url": "https://github.com/micrometer-metrics/micrometer-keycloak", "description": "", "stars": "6"}, {"name": "Keycloak Provider for Laravel's Socialite Plugin", "url": "https://socialiteproviders.com/Keycloak/", "description": ""}, {"name": "Vault Keycloak Plugin", "url": "https://github.com/Serviceware/vault-plugin-secrets-keycloak", "description": "", "stars": "19"}, {"name": "mantelo (Python Admin Client)", "url": "https://github.com/derlin/mantelo", "description": "", "stars": "33"}, {"name": "Keyloak Integration for the German E-Health ID (GesundheitsID)", "url": "https://github.com/oviva-ag/ehealthid-relying-party", "description": "", "stars": "22"}, {"name": "Keycloak AuthServices .NET", "url": "https://nikiforovall.github.io/keycloak-authorization-services-dotnet/", "description": ""}, {"name": "KETE - Event forwarding", "url": "https://fortunen.github.io/kete", "description": ""}, {"name": "Keycloak with istio envoy jwt-auth proxy", "url": "https://www.youtube.com/watch?v=wscX7JMfuBI", "description": ""}, {"name": "Community Keycloak Ionic Theme", "url": "https://github.com/lfryc/keycloak-ionic-theme", "description": "", "stars": "21"}, {"name": "A Keycloak theme based on the AdminLTE UI library", "url": "https://github.com/MAXIMUS-DeltaWare/adminlte-keycloak-theme", "description": "", "stars": "91"}, {"name": "GOV.UK Theme", "url": "https://github.com/UKHomeOffice/keycloak-theme-govuk", "description": "", "stars": "144"}, {"name": "Carbon Design", "url": "https://github.com/httpsOmkar/carbon-keycloak-theme", "description": "", "stars": "27"}, {"name": "Modern", "url": "https://keycloakthemes.com/themes/modern", "description": ""}, {"name": "Adminlte", "url": "https://git.uptic.nl/uptic-public-projects/uptic-keyclock-theme-adminlte", "description": ""}, {"name": "keycloakify: Create Keycloak themes using React", "url": "https://github.com/InseeFrLab/keycloakify", "description": "", "stars": "2.4k"}, {"name": "Tailcloakify: Tailwind CSS Keycloakify Theme", "url": "https://github.com/ALMiG-Kompressoren-GmbH/tailcloakify", "description": "", "stars": "75"}, {"name": "Keywind: Component-based theme built with Tailwind CSS", "url": "https://github.com/lukin/keywind", "description": "", "stars": "896"}, {"name": "TailwindUI theme", "url": "https://github.com/santiblanko/tailwind-keycloak-theme", "description": "", "stars": "44"}, {"name": "Phase Two: Keycloak login theme template", "url": "https://github.com/p2-inc/keycloak-theme-template", "description": "", "stars": "47"}, {"name": "Phase Two: Extension for runtime loading of CSS themes", "url": "https://github.com/p2-inc/keycloak-themes", "description": "", "stars": "49"}, {"name": "Phase Two: 3 CSS-only Keycloak theme examples", "url": "https://github.com/p2-inc/keycloak-themes/tree/main/examples", "description": "", "stars": "49"}, {"name": "Official Keycloak Docker Images", "url": "https://github.com/jboss-dockerfiles/keycloak", "description": "", "stars": "1.5k"}, {"name": "Keycloak Examples as Docker Image", "url": "https://hub.docker.com/r/jboss/keycloak-examples", "description": ""}, {"name": "Keycloak Maven SDK for managing the entire lifecycle of your extensions with Docker", "url": "https://github.com/OpenPj/keycloak-docker-quickstart", "description": "", "stars": "33"}, {"name": "Keycloak with CRDB Support", "url": "https://quay.io/repository/phasetwo/keycloak-crdb", "description": ""}, {"name": "Deprecated Keycloak Helm Chart", "url": "https://github.com/codecentric/helm-charts/tree/master/charts/keycloak", "description": "", "stars": "714"}, {"name": "codecentric Keycloak Helm Chart", "url": "https://github.com/codecentric/helm-charts/tree/master/charts/keycloak", "description": "", "stars": "714"}, {"name": "Import / Export Keycloak Config", "url": "https://gist.github.com/unguiculus/19618ef57b1863145262191944565c9d", "description": ""}, {"name": "keycloak-operator", "url": "https://github.com/keycloak/keycloak-operator", "description": "", "stars": "433"}, {"name": "keycloakmigration: Manage your Keycloak configuration with code", "url": "https://github.com/klg71/keycloakmigration", "description": "", "stars": "126"}, {"name": "tool to autogenerate an OpenAPI Specification for Keycloak's Admin API", "url": "https://github.com/ccouzens/keycloak-openapi", "description": "", "stars": "183"}, {"name": "oidc-bash-client", "url": "https://github.com/please-openit/oidc-bash-client", "description": "", "stars": "120"}, {"name": "louketo-proxy (FKA Gatekeeper)", "url": "https://github.com/louketo/louketo-proxy", "description": "", "stars": "949"}, {"name": "keycloak-config-cli: Configuration as Code for Keycloak", "url": "https://github.com/adorsys/keycloak-config-cli", "description": "", "stars": "1.1k"}, {"name": "Keycloak Pulumi", "url": "https://github.com/pulumi/pulumi-keycloak", "description": "", "stars": "52"}, {"name": "Keycloak on AWS", "url": "https://github.com/aws-samples/keycloak-on-aws", "description": "", "stars": "198"}, {"name": "aws-cdk construct library that allows you to create KeyCloak on AWS in TypeScript or Python", "url": "https://github.com/aws-samples/cdk-keycloak", "description": "", "stars": "89"}, {"name": "keycloak-scanner Python CLI", "url": "https://github.com/NeuronAddict/keycloak-scanner", "description": "", "stars": "61"}, {"name": "Keycloak RestAPI Postman Collection", "url": "https://www.postman.com/mverma99/workspace/my-workspace/collection/25610427-e8685d30-4671-45fe-812e-ca10dba1df28", "description": ""}, {"name": "Keycloak Configurator", "url": "https://github.com/CycriLabs/keycloak-configurator", "description": "", "stars": "20"}, {"name": "kcwarden Config Auditor", "url": "https://github.com/iteratec/kcwarden", "description": "", "stars": "98"}, {"name": "Keycloak deployment with CDK on AWS with Fargate", "url": "https://github.com/aws-samples/cdk-keycloak", "description": "", "stars": "89"}, {"name": "Examples from Keycloak Book: Keycloak - Identity and Access Management for Modern Applications", "url": "https://github.com/PacktPublishing/Keycloak-Identity-and-Access-Management-for-Modern-Applications", "description": "", "stars": "274"}, {"name": "Official Examples", "url": "https://github.com/keycloak/keycloak/tree/master/examples", "description": "", "stars": "33k"}, {"name": "Keycloak Quickstarts", "url": "https://github.com/keycloak/keycloak-quickstarts", "description": "", "stars": "2.3k"}, {"name": "Drupal 7.0 with Keycloak", "url": "https://gist.github.com/thomasdarimont/17fa146c4fb5440d7fc2ee6322ec392d", "description": ""}, {"name": "Securing Realm Resources With Custom Roles", "url": "https://github.com/dteleguin/custom-admin-roles", "description": "", "stars": "15"}, {"name": "BeerCloak: a comprehensive KeyCloak extension example", "url": "https://github.com/dteleguin/beercloak", "description": "", "stars": "141"}, {"name": "KeyCloak Extensions: Securing Realm Resources With Custom Roles", "url": "https://github.com/dteleguin/custom-admin-roles", "description": "", "stars": "15"}, {"name": "Red Hat Single Sign-On Labs", "url": "https://github.com/RedHatWorkshops/red-hat-sso", "description": "", "stars": "13"}, {"name": "Spring Boot Keycloak Tutorial", "url": "https://github.com/sebastienblanc/spring-boot-keycloak-tutorial", "description": "", "stars": "204"}, {"name": "Custom Keycloak Docker Image of Computer Science House of RIT", "url": "https://github.com/ComputerScienceHouse/keycloak-docker", "description": "", "stars": "8"}, {"name": "Example of custom password hash SPI for Keycloak", "url": "https://github.com/pavelbogomolenko/keycloak-custom-password-hash", "description": "", "stars": "28"}, {"name": "Example for a custom http-client-provider with Proxy support", "url": "https://github.com/xiaoyvr/custom-http-client-provider", "description": "", "stars": "3"}, {"name": "Monitor your keycloak with prometheus", "url": "https://github.com/larscheid-schmitzhermes/keycloak-monitoring-prometheus", "description": "", "stars": "64"}, {"name": "Custom User Storage Provider .ear with jboss-cli setup", "url": "https://github.com/thomasdarimont/keycloak-user-storage-provider-demo", "description": "", "stars": "92"}, {"name": "Keycloak - Experimental extensions by Stian Thorgersen/Keycloak", "url": "https://github.com/stianst/keycloak-experimental", "description": "", "stars": "134"}, {"name": "Securing Spring Boot Admin & Actuator Endpoints with Keycloak", "url": "https://github.com/thomasdarimont/spring-boot-admin-keycloak-example", "description": "", "stars": "59"}, {"name": "A Keycloak Mobile Implementation using Angular v4 and Ionic v3", "url": "https://github.com/tomjackman/keyonic-v2", "description": "", "stars": "24"}, {"name": "Example for Securing Apps with Keycloak on Kubernetes", "url": "https://github.com/stianst/demo-kubernetes", "description": "", "stars": "55"}, {"name": "Example for Securing AspDotNet Core Apps with Keycloak", "url": "https://github.com/thomasdarimont/kc-dnc-demo", "description": "", "stars": "40"}, {"name": "Example for passing custom URL parameters to a Keycloak theme for dynamic branding", "url": "https://github.com/dteleguin/keycloak-dynamic-branding", "description": "", "stars": "33"}, {"name": "Angular Webapp secured with Keycloak", "url": "https://github.com/CodepediaOrg/bookmarks.dev", "description": "", "stars": "380"}, {"name": "Keycloak Theme Development Kit", "url": "https://github.com/anthonny/kit-keycloak-theme", "description": "", "stars": "51"}, {"name": "Keycloak Clustering examples", "url": "https://github.com/ivangfr/keycloak-clustered", "description": "", "stars": "197"}, {"name": "Keycloak Last Login Date Event Listener", "url": "https://github.com/ThoreKr/keycloak-last-login-event-listener", "description": "", "stars": "34"}, {"name": "Keycloak Project Example (Customizations, Extensions, Configuration)", "url": "https://github.com/thomasdarimont/keycloak-project-example", "description": "", "stars": "394"}, {"name": "Example of adding API Key authentication to Keycloak", "url": "https://github.com/zak905/keycloak-api-key-demo", "description": "", "stars": "151"}, {"name": "Example for using Keycloak Authorization with ASP.NET Core", "url": "https://github.com/NikiforovAll/keycloak-authorization-services-dotnet", "description": "", "stars": "658"}, {"name": "FAPI demo from DevConf.cz Mini: Secure digital transformation via keycloak's FAPI", "url": "https://github.com/mposolda/fapi-demo/tree/main", "description": "", "stars": "4"}, {"name": "Keycloak enviornment with WebAuthn Support for Stepup Auth with MFA Biometrics and Passkeys (by embesozzi)", "url": "https://github.com/embesozzi/keycloak-workshop-stepup-mfa-biometrics", "description": "", "stars": "58"}, {"name": "How to: Keycloak - ASP.NET Core - Angular", "url": "https://github.com/fschick/Keycloak.ASPNet.Angular", "description": "", "stars": "49"}, {"name": "Verifiable Credential Authentication with OpenID Connect (VC-AuthN OIDC)", "url": "https://github.com/bcgov/vc-authn-oidc", "description": "", "stars": "158"}, {"name": "FIDO2 with Keycloak for 1FA and 2FA christian-2/oidc-passkey", "url": "https://github.com/christian-2/oidc-passkey", "description": "", "stars": "3"}, {"name": "A simple Django app to use Keycloak over OIDC by Amsterdam/keycloak\\_oidc", "url": "https://github.com/Amsterdam/keycloak_oidc", "description": "", "stars": "28"}, {"name": "Keycloak as a Verifiable Credential Issuer with OID4VCI by Adorsys", "url": "https://github.com/adorsys/keycloak-ssi-deployment", "description": "", "stars": "15"}, {"name": "Keycloak and SPIRE for Agent Identity", "url": "https://github.com/christian-posta/keycloak-agent-identity", "description": "", "stars": "29"}, {"name": "Gatling based Benchmark by @rvansa", "url": "https://github.com/rvansa/keycloak-benchmark", "description": "", "stars": "34"}, {"name": "Keycloak on Stackoverflow", "url": "https://stackoverflow.com/questions/tagged/keycloak", "description": ""}, {"name": "Red Hat build of Keycloak", "url": "https://access.redhat.com/products/red-hat-build-of-keycloak", "description": ""}, {"name": "Red Hat Single Sign-On", "url": "https://access.redhat.com/products/red-hat-single-sign-on", "description": ""}, {"name": "INTEGSOFT UNIFIED USER CREDENTIALS WITH KEYCLOAK SSO", "url": "https://www.integsoft.cz/en/sso.html#what-is-sso", "description": ""}, {"name": "JIRA SSO Plugin by codecentric", "url": "https://marketplace.atlassian.com/plugins/de.codecentric.atlassian.oidc.jira-oidc-plugin/server/overview", "description": ""}, {"name": "Keycloak Competence Center by Inventage AG", "url": "https://keycloak.ch/", "description": ""}, {"name": "Keycloak as a Service", "url": "https://www.cloud-iam.com", "description": ""}, {"name": "Bare.Id - GDPR compliant Keycloak as a Service", "url": "https://bare.id/", "description": ""}, {"name": "Skycloak", "url": "https://skycloak.io/", "description": ""}, {"name": "loginfactor", "url": "https://www.loginfactor.com/", "description": ""}, {"name": "univention", "url": "https://www.univention.com/", "description": ""}, {"name": "Keymate", "url": "https://keymate.io", "description": ""}, {"name": "Find sites using Keycloak with google", "url": "https://www.google.de/search?q=inurl%3Aauth+inurl%3Arealms+inurl%3Aprotocol\\&oq=inurl%3A\\&client=ubuntu\\&sourceid=chrome\\&ie=UTF-8", "description": ""}, {"name": "Keycloak Dev Bookmarks", "url": "http://bookmarks.dev/search?q=keycloak", "description": "Use the tag [keycloak](https://www.bookmarks.dev/tagged/keycloak)"}, {"name": "Use fail2ban to block brute-force attacks to keycloak server", "url": "https://gist.github.com/drmalex07/3eba8b98d0ac4a1e821e8e721b3e1816", "description": ""}, {"name": "Pentest-Report Keycloak 8.0 Audit & Pentest 11.2019 by Cure53", "url": "https://cure53.de/pentest-report_keycloak.pdf", "description": ""}, {"name": "Keycloak - CNCF Security SIG - Self Assesment", "url": "https://docs.google.com/document/d/14IIGliP3BWjdS-0wfOk3l_1AU8kyoSiLUzpPImsz4R0/edit#", "description": ""}], "notes": []}], "total_entries": 330}, {"name": "Security", "subcategories": [{"name": "Security", "entries": [{"name": "Awesome Security", "url": "#awesome-security", "description": ""}], "notes": []}, {"name": "Security \u2014 Network architecture", "entries": [{"name": "Network-segmentation-cheat-sheet", "url": "https://github.com/sergiomarotco/Network-segmentation-cheat-sheet", "description": "This project was created to publish the best practices for segmentation of the corporate network of any company. In general, the schemes in this project are suitable for any company.", "stars": "3.4k"}], "notes": []}, {"name": "Security \u2014 Scanning / Pentesting", "entries": [{"name": "OpenVAS", "url": "http://www.openvas.org/", "description": "OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution."}, {"name": "Metasploit Framework", "url": "https://github.com/rapid7/metasploit-framework", "description": "A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.", "stars": "37k"}, {"name": "Kali", "url": "https://www.kali.org/", "description": "Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), and Aircrack-ng (a software suite for penetration-testing wireless LANs)."}, {"name": "tsurugi", "url": "https://tsurugi-linux.org/", "description": "heavily customized Linux distribution that designed to support DFIR investigations, malware analysis and OSINT activities. It is based on Ubuntu 20.04(64-bit with a 5.15.12 custom kernel)"}, {"name": "pig", "url": "https://github.com/rafael-santiago/pig", "description": "A Linux packet crafting tool.", "stars": "471"}, {"name": "scapy", "url": "https://github.com/gpotter2/awesome-scapy", "description": "Scapy: the python-based interactive packet manipulation program & library.", "stars": "330"}, {"name": "Pompem", "url": "https://github.com/rfunix/Pompem", "description": "Pompem is an open source tool, which is designed to automate the search for exploits in major databases. Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers. In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security...", "stars": "1k"}, {"name": "Nmap", "url": "https://nmap.org", "description": "Nmap is a free and open source utility for network discovery and security auditing."}, {"name": "Amass", "url": "https://github.com/owasp-amass/amass", "description": "Amass performs DNS subdomain enumeration by scraping the largest number of disparate data sources, recursive brute forcing, crawling of web archives, permuting and altering names, reverse DNS sweeping and other techniques.", "stars": "14k"}, {"name": "Anevicon", "url": "https://github.com/rozgo/anevicon", "description": "The most powerful UDP-based load generator, written in Rust."}, {"name": "Finshir", "url": "https://github.com/isgasho/finshir", "description": "A coroutines-driven Low & Slow traffic generator, written in Rust.", "stars": "33"}, {"name": "Legion", "url": "https://github.com/GoVanguard/legion", "description": "Open source semi-automated discovery and reconnaissance network penetration testing framework.", "stars": "1.1k"}, {"name": "Lonkero", "url": "https://github.com/bountyyfi/lonkero", "description": "Enterprise-grade web vulnerability scanner with 60+ attack modules, built in Rust for penetration testing and security assessments.", "stars": "896"}, {"name": "Sublist3r", "url": "https://github.com/aboul3la/Sublist3r", "description": "Fast subdomains enumeration tool for penetration testers", "stars": "11k"}, {"name": "RustScan", "url": "https://github.com/RustScan/RustScan", "description": "Faster Nmap scanning with Rust. Take a 17 minute Nmap scan down to 19 seconds.", "stars": "19k"}, {"name": "Boofuzz", "url": "https://github.com/jtpereyda/boofuzz", "description": "Fuzzing engine and fuzz testing framework.", "stars": "2.3k"}, {"name": "monsoon", "url": "https://github.com/RedTeamPentesting/monsoon", "description": "Very flexible and fast interactive HTTP enumeration/fuzzing.", "stars": "493"}, {"name": "Netz", "url": "https://github.com/spectralops/netz", "description": "Discover internet-wide misconfigurations, using zgrab2 and others.", "stars": "399"}, {"name": "Deepfence ThreatMapper", "url": "https://github.com/deepfence/ThreatMapper", "description": "Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.", "stars": "5.2k"}, {"name": "Deepfence SecretScanner", "url": "https://github.com/deepfence/SecretScanner", "description": "Find secrets and passwords in container images and file systems.", "stars": "3.3k"}, {"name": "Cognito Scanner", "url": "https://github.com/padok-team/cognito-scanner", "description": "CLI tool to pentest Cognito AWS instance. It implements three attacks: unwanted account creation, account oracle and identity pool escalation", "stars": "109"}], "notes": []}, {"name": "Security \u2014 Monitoring / Logging", "entries": [{"name": "BoxyHQ", "url": "https://github.com/retracedhq/retraced", "description": "Open source API for security and compliance audit logging.", "stars": "431"}, {"name": "justniffer", "url": "http://justniffer.sourceforge.net/", "description": "Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all \"intercepted\" files from the HTTP traffic."}, {"name": "httpry", "url": "http://dumpsterventures.com/jason/httpry/", "description": "httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the traffic as it is parsed, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications."}, {"name": "ngrep", "url": "http://ngrep.sourceforge.net/", "description": "ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop."}, {"name": "passivedns", "url": "https://github.com/gamelinux/passivedns", "description": "A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers in-memory, limiting the amount of data in the logfile without loosing the essens in the DNS answer.", "stars": "1.7k"}, {"name": "sagan", "url": "http://sagan.quadrantsec.com/", "description": "Sagan uses a 'Snort like' engine and rules to analyze logs (syslog/event log/snmptrap/netflow/etc)."}, {"name": "ntopng", "url": "http://www.ntop.org/products/traffic-analysis/ntop/", "description": "Ntopng is a network traffic probe that shows the network usage, similar to what the popular top Unix command does."}, {"name": "Fibratus", "url": "https://github.com/rabbitstack/fibratus", "description": "Fibratus is a tool for exploration and tracing of the Windows kernel. It is able to capture the most of the Windows kernel activity - process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and much more. Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector, set kernel event filters or run the lightweight Python modules called filaments.", "stars": "2.4k"}, {"name": "opensnitch", "url": "https://github.com/evilsocket/opensnitch", "description": "OpenSnitch is a GNU/Linux port of the Little Snitch application firewall", "stars": "13k"}, {"name": "wazuh", "url": "https://github.com/wazuh/wazuh", "description": "Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of monitoring file system  changes, system calls and inventory changes.", "stars": "15k"}, {"name": "Matano", "url": "https://github.com/matanolabs/matano", "description": "", "stars": "1.7k"}, {"name": "Falco", "url": "https://falco.org/", "description": "The cloud-native runtime security project and de facto Kubernetes threat detection engine now part of the CNCF."}, {"name": "VAST", "url": "https://github.com/tenzir/vast", "description": "Open source security data pipeline engine for structured event data, supporting high-volume telemetry ingestion, compaction, and retrieval; purpose-built for security content execution, guided threat hunting, and large-scale investigation.", "stars": "719"}, {"name": "Substation", "url": "https://github.com/brexhq/substation", "description": "Substation is a cloud native data pipeline and transformation toolkit written in Go.", "stars": "390"}, {"name": "Sigma2KQL", "url": "https://github.com/Khadinxc/Sigma2KQL", "description": "A repository of all SIGMA rules converted to KQL that runs on a weekly schedule to update the repository and align with the up to date version of the SIGMA rules repository.", "stars": "2"}, {"name": "Sigma2SPL", "url": "https://github.com/Khadinxc/Sigma2SPL", "description": "A repository of all SIGMA rules converted to SPL that runs on a weekly schedule to update the repository and align with the up to date version of the SIGMA rules repository.", "stars": "1"}, {"name": "TerraSigma", "url": "https://github.com/Khadinxc/TerraSigma", "description": "A repository of all SIGMA rules converted to Microsoft Sentinel Terraform Scheduled analytic resources. The repository runs on a weekly schedule to update the repository and align with the up to date version of the SIGMA rules repository. Proper entity mapping is completed for the rules to ensure the repo is plug-and-play.", "stars": "3"}], "notes": []}, {"name": "Security \u2014 IDS / IPS / Host IDS / Host IPS", "entries": [{"name": "Snort", "url": "https://www.snort.org/", "description": "Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS)created by Martin Roesch in 1998. Snort is now developed by Sourcefire, of which Roesch is the founder and CTO. In 2009, Snort entered InfoWorld's Open Source Hall of Fame as one of the \"greatest \\[pieces of] open source software of all time\"."}, {"name": "Zeek", "url": "https://zeek.org/", "description": "Zeek is a powerful network analysis framework that is much different from the typical IDS you may know."}, {"name": "DrKeithJones.com", "url": "https://drkeithjones.com", "description": "A blog on cyber security and network security monitoring."}, {"name": "OSSEC", "url": "https://ossec.github.io/", "description": "Comprehensive Open Source HIDS. Not for the faint of heart. Takes a bit to get your head around how it works. Performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. Plenty of reasonable documentation. Sweet spot is medium to large deployments."}, {"name": "Suricata", "url": "http://suricata-ids.org/", "description": "Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors."}, {"name": "Security Onion", "url": "http://blog.securityonion.net/", "description": "Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Zeek, OSSEC, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!"}, {"name": "sshwatch", "url": "https://github.com/marshyski/sshwatch", "description": "IPS for SSH similar to DenyHosts written in Python.  It also can gather information about attacker during the attack in a log.", "stars": "54"}, {"name": "Stealth", "url": "https://fbb-git.gitlab.io/stealth/", "description": "File integrity checker that leaves virtually no sediment. Controller runs from another machine, which makes it hard for an attacker to know that the file system is being checked at defined pseudo random intervals over SSH. Highly recommended for small to medium deployments."}, {"name": "AIEngine", "url": "https://bitbucket.org/camp0/aiengine", "description": "AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua packet inspection engine with capabilities of learning without any human intervention, NIDS(Network Intrusion Detection System) functionality, DNS domain classification, network collector, network forensics and many others."}, {"name": "Denyhosts", "url": "http://denyhosts.sourceforge.net/", "description": "Thwart SSH dictionary based attacks and brute force attacks."}, {"name": "Fail2Ban", "url": "http://www.fail2ban.org/wiki/index.php/Main_Page", "description": "Scans log files and takes action on IPs that show malicious behavior."}, {"name": "SSHGuard", "url": "http://www.sshguard.net/", "description": "A software to protect services in addition to SSH, written in C"}, {"name": "Lynis", "url": "https://cisofy.com/lynis/", "description": "an open source security auditing tool for Linux/Unix."}, {"name": "CrowdSec", "url": "https://github.com/crowdsecurity/crowdsec", "description": "CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network. It stacks on Fail2Ban's philosophy but is IPV6 compatible and 60x faster (Go vs Python), uses Grok patterns to parse logs and YAML scenario to identify behaviors. CrowdSec is engineered for modern Cloud / Containers / VM based infrastructures (by decoupling detection and remediation). Once detected, you can remedy threats with various bouncers (firewall block, nginx http 403, Captchas, etc.) while the aggressive IPs can be sent to CrowdSec for curation before being shared among all users to further strengthen the community", "stars": "12k"}, {"name": "wazuh", "url": "https://github.com/wazuh/wazuh", "description": "Wazuh is a free and open source XDR platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. Great tool foor all kind of deployments, it includes SIEM capabitilies (indexing + searching + WUI).", "stars": "15k"}], "notes": []}, {"name": "Security \u2014 Honey Pot / Honey Net", "entries": [{"name": "awesome-honeypots", "url": "https://github.com/paralax/awesome-honeypots", "description": "The canonical awesome honeypot list.", "stars": "10k"}, {"name": "HoneyPy", "url": "https://github.com/foospidy/HoneyPy", "description": "HoneyPy is a low to medium interaction honeypot. It is intended to be easy to: deploy, extend functionality with plugins, and apply custom configurations.", "stars": "473"}, {"name": "Conpot", "url": "http://conpot.org/", "description": "ICS/SCADA Honeypot. Conpot is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify and extend. By providing a range of common industrial control protocols we created the basics to build your own system, capable to emulate complex infrastructures to convince an adversary that he just found a huge industrial complex. To improve the deceptive capabilities, we also provided the possibility to server a custom human machine interface to increase the honeypots attack surface. The response times of the services can be artificially delayed to mimic the behaviour of a system under constant load. Because we are providing complete stacks of the protocols, Conpot can be accessed with productive HMI's or extended with real hardware. Conpot is developed under the umbrella of the Honeynet Project and on the shoulders of a couple of very big giants."}, {"name": "Amun", "url": "https://github.com/zeroq/amun", "description": "Amun Python-based low-interaction Honeypot.", "stars": "63"}, {"name": "Glastopf", "url": "http://glastopf.org/", "description": "Glastopf is a Honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications. The principle behind it is very simple: Reply the correct response to the attacker exploiting the web application."}, {"name": "Kippo", "url": "https://github.com/desaster/kippo", "description": "Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.", "stars": "1.7k"}, {"name": "Kojoney", "url": "http://kojoney.sourceforge.net/", "description": "Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries."}, {"name": "HonSSH", "url": "https://github.com/tnich/honssh", "description": "HonSSH is a high-interaction Honey Pot solution. HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them.", "stars": "375"}, {"name": "Bifrozt", "url": "http://sourceforge.net/projects/bifrozt/", "description": "Bifrozt is a NAT device with a DHCP server that is usually deployed with one NIC connected directly to the Internet and one NIC connected to the internal network. What differentiates Bifrozt from other standard NAT devices is its ability to work as a transparent SSHv2 proxy between an attacker and your honeypot. If you deployed an SSH server on Bifrozt\u2019s internal network it would log all the interaction to a TTY file in plain text that could be viewed later and capture a copy of any files that were downloaded. You would not have to install any additional software, compile any kernel modules or use a specific version or type of operating system on the internal SSH server for this to work. It will limit outbound traffic to a set number of ports and will start to drop outbound packets on these ports when certain limits are exceeded."}, {"name": "HoneyDrive", "url": "http://bruteforce.gr/honeydrive", "description": "HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution."}, {"name": "Cuckoo Sandbox", "url": "http://www.cuckoosandbox.org/", "description": "Cuckoo Sandbox is an Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behavior of the malicious processes while running in an isolated environment."}, {"name": "T-Pot Honeypot Distro", "url": "http://dtag-dev-sec.github.io/mediator/feature/2017/11/07/t-pot-17.10.html", "description": "T-Pot is based on the network installer of Ubuntu Server 16/17.x LTS. The honeypot daemons as well as other support components being used have been containerized using docker. This allows us to run multiple honeypot daemons on the same network interface while maintaining a small footprint and constrain each honeypot within its own environment. Installation over vanilla Ubuntu - [T-Pot Autoinstall](https://github.com/dtag-dev-sec/t-pot-autoinstall) - This script will install T-Pot 16.04/17.10 on a fresh Ubuntu 16.04.x LTS (64bit). It is intended to be used on hosted servers, where an Ubuntu base image is given and there is no ability to install custom ISO images. Successfully tested on vanilla Ubuntu 16.04.3 in VMware."}], "notes": []}, {"name": "Security \u2014 Full Packet Capture / Forensic", "entries": [{"name": "tcpflow", "url": "https://github.com/simsong/tcpflow", "description": "tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored in two files, one for each direction. tcpflow can also process stored 'tcpdump' packet flows.", "stars": "1.8k"}, {"name": "Deepfence PacketStreamer", "url": "https://github.com/deepfence/PacketStreamer", "description": "High-performance remote packet capture and collection tool, distributed tcpdump for cloud native environments.", "stars": "1.9k"}, {"name": "Xplico", "url": "http://www.xplico.org/", "description": "The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn\u2019t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT)."}, {"name": "Moloch", "url": "https://github.com/aol/moloch", "description": "Moloch is an open source, large scale IPv4 packet capturing (PCAP), indexing and database system. A simple web interface is provided for PCAP browsing, searching, and exporting. APIs are exposed that allow PCAP data and JSON-formatted session data to be downloaded directly. Simple security is implemented by using HTTPS and HTTP digest password support or by using apache in front. Moloch is not meant to replace IDS engines but instead work along side them to store and index all the network traffic in standard PCAP format, providing fast access. Moloch is built to be deployed across many systems and can scale to handle multiple gigabits/sec of traffic.", "stars": "7.3k"}, {"name": "OpenFPC", "url": "http://www.openfpc.org", "description": "OpenFPC is a set of tools that combine to provide a lightweight full-packet network traffic recorder & buffering system. It's design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log management tools."}, {"name": "Dshell", "url": "https://github.com/USArmyResearchLab/Dshell", "description": "Dshell is a network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures.", "stars": "5.5k"}, {"name": "stenographer", "url": "https://github.com/google/stenographer", "description": "Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets.", "stars": "1.8k"}], "notes": []}, {"name": "Security \u2014 Sniffer", "entries": [{"name": "wireshark", "url": "https://www.wireshark.org", "description": "Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options."}, {"name": "netsniff-ng", "url": "http://netsniff-ng.org/", "description": "netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa."}, {"name": "Live HTTP headers", "url": "https://addons.mozilla.org/en-US/firefox/addon/http-header-live/", "description": "Live HTTP headers is a free firefox addon to see your browser requests in real time. It shows the entire headers of the requests and can be used to find the security loopholes in implementations."}], "notes": []}, {"name": "Security \u2014 Security Information & Event Management", "entries": [{"name": "Prelude", "url": "https://www.prelude-siem.org/", "description": "Prelude is a Universal \"Security Information & Event Management\" (SIEM) system. Prelude collects, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events; Prelude is \"agentless\"."}, {"name": "OSSIM", "url": "https://www.alienvault.com/open-threat-exchange/projects", "description": "OSSIM provides all of the features that a security professional needs from a SIEM offering \u2013 event collection, normalization, and correlation."}, {"name": "FIR", "url": "https://github.com/certsocietegenerale/FIR", "description": "Fast Incident Response, a cybersecurity incident management platform.", "stars": "2k"}, {"name": "LogESP", "url": "https://github.com/dogoncouch/LogESP", "description": "Open Source SIEM (Security Information and Event Management system).", "stars": "219"}, {"name": "wazuh", "url": "https://github.com/wazuh/wazuh", "description": "Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance. It works with tons of data supported by an OpenSearch fork and custom WUI.", "stars": "15k"}, {"name": "VAST", "url": "https://github.com/tenzir/vast", "description": "Open source security data pipeline engine for structured event data, supporting high-volume telemetry ingestion, compaction, and retrieval; purpose-built for security content execution, guided threat hunting, and large-scale investigation.", "stars": "719"}, {"name": "Matano", "url": "https://github.com/matanolabs/matano", "description": "Open source serverless security lake platform on AWS that lets you ingest, store, and analyze petabytes of security data into an Apache Iceberg data lake and run realtime Python detections as code.", "stars": "1.7k"}], "notes": []}, {"name": "Security \u2014 VPN", "entries": [{"name": "OpenVPN", "url": "https://openvpn.net/", "description": "OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange."}, {"name": "Firezone", "url": "https://github.com/firezone/firezone", "description": "Open-source VPN server and egress firewall for Linux built on WireGuard that makes it simple to manage secure remote access to your company\u2019s private networks. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.", "stars": "8.4k"}, {"name": "TorForge", "url": "https://github.com/jery0843/torforge", "description": "Advanced transparent Tor proxy with kernel-level iptables routing, post-quantum encryption (Kyber768), kill switch, steganography mode, and AI-powered circuit selection.", "stars": "11"}], "notes": []}, {"name": "Security \u2014 Fast Packet Processing", "entries": [{"name": "DPDK", "url": "http://dpdk.org/", "description": "DPDK is a set of libraries and drivers for fast packet processing."}, {"name": "PFQ", "url": "https://github.com/pfq/PFQ", "description": "PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission (10G and beyond), in-kernel functional processing and packets steering across sockets/end-points.", "stars": "523"}, {"name": "PF\\_RING", "url": "http://www.ntop.org/products/packet-capture/pf_ring/", "description": "PF\\_RING is a new type of network socket that dramatically improves the packet capture speed."}, {"name": "PF\\_RING ZC (Zero Copy)", "url": "http://www.ntop.org/products/packet-capture/pf_ring/pf_ring-zc-zero-copy/", "description": "PF\\_RING ZC (Zero Copy) is a flexible packet processing framework that  allows you to achieve 1/10 Gbit line rate packet processing (both RX and TX) at any packet size. It implements zero copy operations including patterns for inter-process and inter-VM (KVM) communications."}, {"name": "PACKET\\_MMAP/TPACKET/AF\\_PACKET", "url": "https://elixir.bootlin.com/linux/latest/source/Documentation/networking/packet_mmap.rst", "description": "It's fine to use PACKET\\_MMAP to improve the performance of the capture and transmission process in Linux."}, {"name": "netmap", "url": "http://info.iet.unipi.it/~luigi/netmap/", "description": "netmap is a framework for high speed packet I/O. Together with its companion VALE software switch, it is implemented as a single kernel module and available for FreeBSD, Linux and now also Windows."}], "notes": []}, {"name": "Security \u2014 Firewall", "entries": [{"name": "pfSense", "url": "https://www.pfsense.org/", "description": "Firewall and Router FreeBSD distribution."}, {"name": "OPNsense", "url": "https://opnsense.org/", "description": "is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources."}, {"name": "fwknop", "url": "https://www.cipherdyne.org/fwknop/", "description": "Protects ports via Single Packet Authorization in your firewall."}], "notes": []}, {"name": "Security \u2014 Anti-Spam", "entries": [{"name": "Spam Scanner", "url": "https://github.com/spamscanner", "description": "Anti-Spam Scanning Service and Anti-Spam API by [@niftylettuce](https://github.com/niftylettuce)."}, {"name": "rspamd", "url": "https://github.com/rspamd/rspamd", "description": "Fast, free and open-source spam filtering system.", "stars": "2.4k"}, {"name": "SpamAssassin", "url": "https://spamassassin.apache.org/", "description": "A powerful and popular email spam filter employing a variety of detection technique."}, {"name": "Scammer-List", "url": "https://scammerlist.now.sh/", "description": "A free open source AI based Scam and Spam Finder with a free API"}], "notes": []}, {"name": "Security \u2014 Docker Images for Penetration Testing & Security", "entries": [], "notes": []}, {"name": "Security \u2014 Anti-Virus / Anti-Malware", "entries": [{"name": "Fastfinder", "url": "https://github.com/codeyourweb/fastfinder", "description": "Fast customisable cross-platform suspicious file finder. Supports md5/sha1/sha256 hashs, litteral/wildcard strings, regular expressions and YARA rules. Can easily be packed to be deployed on any windows / linux host.", "stars": "249"}, {"name": "Linux Malware Detect", "url": "https://www.rfxn.com/projects/linux-malware-detect/", "description": "A malware scanner for Linux designed around the threats faced in shared hosted environments."}, {"name": "LOKI", "url": "https://github.com/Neo23x0/Loki", "description": "Simple Indicators of Compromise and Incident Response Scanner", "stars": "3.7k"}, {"name": "rkhunter", "url": "http://rkhunter.sourceforge.net/", "description": "A Rootkit Hunter for Linux"}, {"name": "ClamAv", "url": "http://www.clamav.net/", "description": "ClamAV\u00ae is an open-source antivirus engine for detecting trojans, viruses, malware & other malicious threats."}], "notes": []}, {"name": "Security \u2014 Content Disarm & Reconstruct", "entries": [{"name": "DocBleach", "url": "https://github.com/docbleach/DocBleach", "description": "An open-source Content Disarm & Reconstruct software sanitizing Office, PDF and RTF Documents.", "stars": "156"}], "notes": []}, {"name": "Security \u2014 Configuration Management", "entries": [{"name": "Fleet device management", "url": "https://github.com/fleetdm/fleet", "description": "Fleet is the lightweight, programmable telemetry platform for servers and workstations. Get comprehensive, customizable data from all your devices and operating systems.", "stars": "6k"}, {"name": "Rudder", "url": "http://www.rudder-project.org/", "description": "Rudder is an easy to use, web-driven, role-based solution for IT Infrastructure Automation & Compliance. Automate common system administration tasks (installation, configuration); Enforce configuration over time (configuring once is good, ensuring that configuration is valid and automatically fixing it is better); Inventory of all managed nodes; Web interface to configure and manage nodes and their configuration; Compliance reporting, by configuration and/or by node."}], "notes": []}, {"name": "Security \u2014 Authentication", "entries": [{"name": "google-authenticator", "url": "https://github.com/google/google-authenticator", "description": "The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. [Tutorials: How to set up two-factor authentication for SSH login on Linux](http://xmodulo.com/two-factor-authentication-ssh-login-linux.html)", "stars": "5.3k"}, {"name": "Stegcloak", "url": "https://github.com/kurolabs/stegcloak", "description": "Securely assign Digital Authenticity to any written text", "stars": "3.8k"}], "notes": []}, {"name": "Security \u2014 Mobile / Android / iOS", "entries": [{"name": "android-security-awesome", "url": "https://github.com/ashishb/android-security-awesome", "description": "A collection of android security related resources. A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of android apps.", "stars": "9.2k"}, {"name": "SecMobi Wiki", "url": "http://wiki.secmobi.com/", "description": "A collection of mobile security resources which including articles, blogs, books, groups, projects, tools and conferences. \\*"}, {"name": "OWASP Mobile Security Testing Guide", "url": "https://github.com/OWASP/owasp-mstg", "description": "A comprehensive manual for mobile app security testing and reverse engineering.", "stars": "13k"}, {"name": "OSX Security Awesome", "url": "https://github.com/kai5263499/osx-security-awesome", "description": "A collection of OSX and iOS security resources", "stars": "774"}, {"name": "Themis", "url": "https://github.com/cossacklabs/themis", "description": "High-level multi-platform cryptographic framework for protecting sensitive data: secure messaging with forward secrecy and secure data storage (AES256GCM), suits for building end-to-end encrypted applications.", "stars": "1.9k"}, {"name": "Mobile Security Wiki", "url": "https://mobilesecuritywiki.com/", "description": "A collection of mobile security resources."}, {"name": "Apktool", "url": "https://github.com/iBotPeaches/Apktool", "description": "A tool for reverse engineering Android apk files.", "stars": "24k"}, {"name": "jadx", "url": "https://github.com/skylot/jadx", "description": "Command line and GUI tools for produce Java source code from Android Dex and Apk files.", "stars": "47k"}, {"name": "enjarify", "url": "https://github.com/Storyyeller/enjarify", "description": "A tool for translating Dalvik bytecode to equivalent Java bytecode.", "stars": "949"}, {"name": "Android Storage Extractor", "url": "https://github.com/51j0/Android-Storage-Extractor", "description": "A tool to extract local data storage of an Android application in one click.", "stars": "20"}, {"name": "Quark-Engine", "url": "https://github.com/quark-engine/quark-engine", "description": "An Obfuscation-Neglect Android Malware Scoring System.", "stars": "1.6k"}, {"name": "dotPeek", "url": "https://www.jetbrains.com/decompiler/", "description": "Free-of-charge standalone tool based on ReSharper's bundled decompiler."}, {"name": "hardened\\_malloc", "url": "https://github.com/GrapheneOS/hardened_malloc", "description": "Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.", "stars": "1.7k"}, {"name": "AMExtractor", "url": "https://github.com/ir193/AMExtractor", "description": "AMExtractor can dump out the physical content of your Android device even without kernel source code.", "stars": "13"}, {"name": "frida", "url": "https://github.com/frida/frida", "description": "Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.", "stars": "20k"}, {"name": "UDcide", "url": "https://github.com/UDcide/udcide", "description": "Android Malware Behavior Editor.", "stars": "37"}, {"name": "reFlutter", "url": "https://github.com/ptswarm/reFlutter", "description": "Flutter Reverse Engineering Framework", "stars": "1.4k"}], "notes": []}, {"name": "Security \u2014 Forensics", "entries": [{"name": "grr", "url": "https://github.com/google/grr", "description": "GRR Rapid Response is an incident response framework focused on remote live forensics.", "stars": "5k"}, {"name": "Volatility", "url": "https://github.com/volatilityfoundation/volatility", "description": "Python based memory extraction and analysis framework.", "stars": "8k"}, {"name": "mig", "url": "http://mig.mozilla.org/", "description": "MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security."}, {"name": "ir-rescue", "url": "https://github.com/diogo-fernan/ir-rescue", "description": "*ir-rescue* is a Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.", "stars": "487"}, {"name": "Logdissect", "url": "https://github.com/dogoncouch/logdissect", "description": "CLI utility and Python API for analyzing log files and other data.", "stars": "158"}, {"name": "Meerkat", "url": "https://github.com/TonyPhipps/Meerkat", "description": "PowerShell-based Windows artifact collection for threat hunting and incident response.", "stars": "481"}, {"name": "Rekall", "url": "https://github.com/google/rekall", "description": "The Rekall Framework is a completely open collection of tools, implemented in Python under the Apache and GNU General Public License, for the extraction and analysis of digital artifacts computer systems.", "stars": "2k"}, {"name": "LiME", "url": "https://github.com/504ensicsLabs/LiME.git", "description": "Linux Memory Extractor"}, {"name": "Maigret", "url": "https://github.com/soxoj/maigret", "description": "Maigret collect a dossier on a person by username only, checking for accounts on a huge number of sites and gathering all the available information from web pages.", "stars": "19k"}, {"name": "abuse.ch", "url": "https://www.abuse.ch/", "description": "ZeuS Tracker / SpyEye Tracker / Palevo Tracker / Feodo Tracker tracks Command\\&Control servers (hosts) around the world and provides you a domain- and an IP-blocklist."}, {"name": "Cyware Threat Intelligence Feeds", "url": "https://cyware.com/community/ctix-feeds", "description": "Cyware\u2019s Threat Intelligence feeds brings to you the valuable threat data from a wide range of open and trusted sources to deliver a consolidated stream of valuable and actionable threat intelligence. Our threat intel feeds are fully compatible with STIX 1.x and 2.0, giving you the latest information on malicious malware hashes, IPs and domains uncovered across the globe in real-time."}, {"name": "Emerging Threats - Open Source", "url": "http://doc.emergingthreats.net/bin/view/Main/EmergingFAQ", "description": "Emerging Threats began 10 years ago as an open source community for collecting Suricata and SNORT\u00ae rules, firewall rules, and other IDS rulesets. The open source community still plays an active role in Internet security, with more than 200,000 active users downloading the ruleset daily. The ETOpen Ruleset is open to any user or organization, as long as you follow some basic guidelines. Our ETOpen Ruleset is available for download any time."}, {"name": "PhishTank", "url": "http://www.phishtank.com/", "description": "PhishTank is a collaborative clearing house for data and information about phishing on the Internet. Also, PhishTank provides an open API for developers and researchers to integrate anti-phishing data into their applications at no charge."}, {"name": "SBL / XBL / PBL / DBL / DROP / ROKSO", "url": "http://www.spamhaus.org/", "description": "The Spamhaus Project is an international nonprofit organization whose mission is to track the Internet's spam operations and sources, to provide dependable realtime anti-spam protection for Internet networks, to work with Law Enforcement Agencies to identify and pursue spam and malware gangs worldwide, and to lobby governments for effective anti-spam legislation."}, {"name": "Internet Storm Center", "url": "https://www.dshield.org/reports.html", "description": "The ISC was created in 2001 following the successful detection, analysis, and widespread warning of the Li0n worm. Today, the ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers."}, {"name": "AutoShun", "url": "https://www.autoshun.org/", "description": "AutoShun is a Snort plugin that allows you to send your Snort IDS logs to a centralized server that will correlate attacks from your sensor logs with other snort sensors, honeypots, and mail filters from around the world."}, {"name": "DNS-BH", "url": "http://www.malwaredomains.com/", "description": "The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware. This project creates the Bind and Windows zone files required to serve fake replies to localhost for any requests to these, thus preventing many spyware installs and reporting."}, {"name": "AlienVault Open Threat Exchange", "url": "http://www.alienvault.com/open-threat-exchange/dashboard", "description": "AlienVault Open Threat Exchange (OTX), to help you secure your networks from data loss, service disruption and system compromise caused by malicious IP addresses."}, {"name": "Tor Bulk Exit List", "url": "https://metrics.torproject.org/collector.html", "description": "CollecTor, your friendly data-collecting service in the Tor network. CollecTor fetches data from various nodes and services in the public Tor network and makes it available to the world. If you're doing research on the Tor network, or if you're developing an application that uses Tor network data, this is your place to start. [TOR Node List](https://www.dan.me.uk/tornodes) /  [DNS Blacklists](https://www.dan.me.uk/dnsbl) / [Tor Node List](http://torstatus.blutmagie.de/)"}, {"name": "leakedin.com", "url": "http://www.leakedin.com/", "description": "The primary purpose of leakedin.com is to make visitors aware about the risks of loosing data. This blog just compiles samples of data lost or disclosed on sites like pastebin.com."}, {"name": "FireEye OpenIOCs", "url": "https://github.com/fireeye/iocs", "description": "FireEye Publicly Shared Indicators of Compromise (IOCs)", "stars": "473"}, {"name": "OpenVAS NVT Feed", "url": "http://www.openvas.org/openvas-nvt-feed.html", "description": "The public feed of Network Vulnerability Tests (NVTs). It contains more than 35,000 NVTs (as of April 2014), growing on a daily basis. This feed is configured as the default for OpenVAS."}, {"name": "Project Honey Pot", "url": "http://www.projecthoneypot.org/", "description": "Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it."}, {"name": "virustotal", "url": "https://www.virustotal.com/", "description": "VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners."}, {"name": "IntelMQ", "url": "https://github.com/certtools/intelmq/", "description": "IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets using a message queue protocol. It's a community driven initiative called IHAP (Incident Handling Automation Project) which was conceptually designed by European CERTs during several InfoSec events. Its main goal is to give to incident responders an easy way to collect & process threat intelligence thus improving the incident handling processes of CERTs. [ENSIA Homepage](https://www.enisa.europa.eu/activities/cert/support/incident-handling-automation).", "stars": "1.1k"}, {"name": "CIFv2", "url": "https://github.com/csirtgadgets/massive-octo-spice", "description": "CIF is a cyber threat intelligence management system. CIF allows you to combine known malicious threat information from many sources and use that information for identification (incident response), detection (IDS) and mitigation (null route).", "stars": "229"}, {"name": "MISP - Open Source Threat Intelligence Platform", "url": "https://www.misp-project.org/", "description": "MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.  A threat intelligence platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. The MISP project includes software, common libraries ([taxonomies](https://www.misp-project.org/taxonomies.html), [threat-actors and various malware](https://www.misp-project.org/galaxy.html)), an extensive data model to share new information using [objects](https://www.misp-project.org/objects.html) and default [feeds](https://www.misp-project.org/feeds/)."}, {"name": "PhishStats", "url": "https://phishstats.info/", "description": "Phishing Statistics with search for IP, domain and website title."}, {"name": "Threat Jammer", "url": "https://threatjammer.com", "description": "REST API service that allows developers, security engineers, and other IT professionals to access curated threat intelligence data from a variety of sources."}, {"name": "Cyberowl", "url": "https://github.com/karimhabush/cyberowl", "description": "A daily updated summary of the most frequent types of security incidents currently being reported from different sources.", "stars": "257"}, {"name": "Gophish", "url": "https://getgophish.com/", "description": "An Open-Source Phishing Framework."}], "notes": []}, {"name": "Security \u2014 Organization", "entries": [{"name": "OWASP", "url": "http://www.owasp.org", "description": "The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software."}, {"name": "Portswigger", "url": "https://portswigger.net", "description": "PortSwigger offers tools for web application security, testing & scanning. Choose from a wide range of security tools & identify the very latest vulnerabilities."}], "notes": []}, {"name": "Security \u2014 Web Application Firewall", "entries": [{"name": "ModSecurity", "url": "http://www.modsecurity.org/", "description": "ModSecurity is a toolkit for real-time web application monitoring, logging, and access control."}, {"name": "BunkerWeb", "url": "https://github.com/bunkerity/bunkerweb", "description": "BunkerWeb is a full-featured open-source web server with ModeSecurity WAF, HTTPS with transparent Let's Encrypt renewal, automatic ban of strange behaviors based on HTTP codes, bot and bad IPs block, connection limits, state-of-the-art security presets, Web UI and much more.", "stars": "9.9k"}, {"name": "NAXSI", "url": "https://github.com/nbs-system/naxsi", "description": "NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX, NAXSI means Nginx Anti Xss & Sql Injection.", "stars": "4.8k"}, {"name": "sql\\_firewall", "url": "https://github.com/uptimejp/sql_firewall", "description": "", "stars": "177"}, {"name": "ironbee", "url": "https://github.com/ironbee/ironbee", "description": "IronBee is an open source project to build a universal web application security sensor. IronBee as a framework for developing a system for securing web applications - a framework for building a web application firewall (WAF).", "stars": "304"}, {"name": "Curiefense", "url": "https://github.com/curiefense/curiefense", "description": "Curiefense adds a broad set of automated web security tools, including a WAF to Envoy Proxy."}, {"name": "open-appsec", "url": "https://github.com/openappsec/openappsec", "description": "open-appsec is an open source machine-learning security engine that preemptively and automatically prevents threats against Web Application & APIs.", "stars": "1.5k"}], "notes": []}, {"name": "Security \u2014 Scanning / Pentesting", "entries": [{"name": "Spyse", "url": "https://spyse.com/", "description": "Spyse is an OSINT search engine that provides fresh data about the entire web. All the data is stored in its own DB for instant access and interconnected with each other for flexible search."}, {"name": "sqlmap", "url": "http://sqlmap.org/", "description": "sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections."}, {"name": "ZAP", "url": "https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project", "description": "The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually."}, {"name": "OWASP Testing Checklist v4", "url": "https://www.owasp.org/index.php/Testing_Checklist", "description": "List of some controls to test during a web vulnerability assessment. Markdown version may be found [here (\u2b5014)](https://github.com/amocrenco/owasp-testing-checklist-v4-markdown/blob/master/README.md)."}, {"name": "w3af", "url": "http://w3af.org/", "description": "w3af is a Web Application Attack and Audit Framework. The project\u2019s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities."}, {"name": "Recon-ng", "url": "https://github.com/lanmaster53/recon-ng", "description": "Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework.", "stars": "5.3k"}, {"name": "PTF", "url": "https://github.com/trustedsec/ptf", "description": "The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.", "stars": "5.5k"}, {"name": "Infection Monkey", "url": "https://github.com/guardicore/monkey", "description": "A semi automatic pen testing tool for mapping/pen-testing networks. Simulates a human attacker.", "stars": "6.9k"}, {"name": "ACSTIS", "url": "https://github.com/tijme/angularjs-csti-scanner", "description": "ACSTIS helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.", "stars": "325"}, {"name": "padding-oracle-attacker", "url": "https://github.com/KishanBagaria/padding-oracle-attacker", "description": "padding-oracle-attacker is a CLI tool and library to execute padding oracle attacks (which decrypts data encrypted in CBC mode) easily, with support for concurrent network requests and an elegant UI.", "stars": "220"}, {"name": "is-website-vulnerable", "url": "https://github.com/lirantal/is-website-vulnerable", "description": "finds publicly known security vulnerabilities in a website's frontend JavaScript libraries.", "stars": "2k"}, {"name": "PhpSploit", "url": "https://github.com/nil0x42/phpsploit", "description": "Full-featured C2 framework which silently persists on webserver via evil PHP oneliner. Built for stealth persistence, with many privilege-escalation & post-exploitation features.", "stars": "2.4k"}, {"name": "Keyscope", "url": "https://github.com/SpectralOps/keyscope", "description": "Keyscope is an extensible key and secret validation for checking active secrets against multiple SaaS vendors built in Rust", "stars": "409"}, {"name": "Cyclops", "url": "https://github.com/v8blink/Chromium-based-XSS-Taint-Tracking", "description": "The Cyclops is a web browser with XSS detection feature, it is chromium-based xss detection that used to find the flows from a source to a sink.", "stars": "126"}, {"name": "Scanmycode CE (Community Edition)", "url": "https://github.com/marcinguy/scanmycode-ce", "description": "Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report. Currently supports: PHP, Java, Scala, Python, Ruby, Javascript, GO, Secret Scanning, Dependency Confusion, Trojan Source, Open Source and Proprietary Checks (total ca. 1000 checks)"}, {"name": "recon", "url": "https://github.com/rusty-ferris-club/recon", "description": "a fast Rust based CLI that uses SQL to query over files, code, or malware with content classification and processing for security experts", "stars": "37"}, {"name": "CakeFuzzer", "url": "https://github.com/Zigrin-Security/CakeFuzzer", "description": "The ultimate web application security testing tool for CakePHP-based web applications. CakeFuzzer employs a predefined set of attacks that are randomly modified before execution. Leveraging its deep understanding of the Cake PHP framework, Cake Fuzzer launches attacks on all potential application entry points.", "stars": "105"}, {"name": "Artemis", "url": "https://github.com/CERT-Polska/Artemis/", "description": "A modular vulnerability scanner with automatic report generation capabilities.", "stars": "1.1k"}, {"name": "Trust Scan", "url": "https://github.com/undeadlist/trust-scan", "description": "URL security scanner with WHOIS, SSL, threat intelligence (URLhaus, PhishTank, Spamhaus), and 40+ scam/phishing pattern detection. Includes optional AI analysis via Ollama. ([Demo](https://aibuilds.net))", "stars": "2"}, {"name": "react2shell-scanner", "url": "https://github.com/nxgn-kd01/react2shell-scanner", "description": "Detect CVE-2025-55182 (React2Shell) RCE vulnerability in React Server Components. Scans React 19.x and Next.js projects for critical remote code execution flaws.", "stars": "2"}, {"name": "shai-hulud-scanner", "url": "https://github.com/nxgn-kd01/shai-hulud-scanner", "description": "Detect indicators of compromise from the Shai Hulud 2.0 npm supply chain attack that compromised 796+ packages. Performs comprehensive security checks for malicious files, hashes, and patterns.", "stars": "2"}], "notes": []}, {"name": "Security \u2014 Runtime Application Self-Protection", "entries": [{"name": "Sqreen", "url": "https://www.sqreen.io/", "description": "Sqreen is a Runtime Application Self-Protection (RASP) solution for software teams. An in-app agent instruments and monitors the app. Suspicious user activities are reported and attacks are blocked at runtime without code modification or traffic redirection."}, {"name": "OpenRASP", "url": "https://github.com/baidu/openrasp", "description": "An open source RASP solution actively maintained by Baidu Inc. With context-aware detection algorithm the project achieved nearly no false positives. And less than 3% performance reduction is observed under heavy server load.", "stars": "3k"}], "notes": []}, {"name": "Security \u2014 Development", "entries": [{"name": "API Security in Action", "url": "https://www.manning.com/books/api-security-in-action", "description": "Book covering API security including secure development, token-based authentication, JSON Web Tokens, OAuth 2, and Macaroons. (early access, published continuously, final release summer 2020)"}, {"name": "Secure by Design", "url": "https://www.manning.com/books/secure-by-design?a_aid=danbjson\\&a_bid=0b3fac80", "description": "Book that identifies design patterns and coding styles that make lots of security vulnerabilities less likely. (early access, published continuously, final release fall 2017)"}, {"name": "Understanding API Security", "url": "https://www.manning.com/books/understanding-api-security", "description": "Free eBook sampler that gives some context for how API security works in the real world by showing how APIs are put together and how the OAuth protocol can be used to protect them."}, {"name": "OAuth 2 in Action", "url": "https://www.manning.com/books/oauth-2-in-action", "description": "Book that teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server."}, {"name": "OWASP ZAP Node API", "url": "https://github.com/zaproxy/zap-api-nodejs", "description": "Leverage the OWASP Zed Attack Proxy (ZAP) within your NodeJS applications with this official API.", "stars": "57"}, {"name": "GuardRails", "url": "https://github.com/apps/guardrails", "description": "A GitHub App that provides security feedback in Pull Requests."}, {"name": "Bearer", "url": "https://github.com/Bearer/bearer", "description": "Scan code for security risks and vulnerabilities leading to sensitive data exposures.", "stars": "2.6k"}, {"name": "Checkov", "url": "https://github.com/bridgecrewio/checkov/", "description": "A static analysis tool for infrastucture as code (Terraform).", "stars": "8.4k"}, {"name": "TFSec", "url": "https://github.com/tfsec/tfsec/", "description": "A static analysis tool for infrastucture as code (Terraform).", "stars": "7k"}, {"name": "KICS", "url": "https://github.com/Checkmarx/kics", "description": "Scans IaC projects for security vulnerabilities, compliance issues, and infrastructure misconfiguration. Currently working with Terraform projects, Kubernetes manifests, Dockerfiles, AWS CloudFormation Templates, and Ansible playbooks.", "stars": "2.6k"}, {"name": "Insider CLI", "url": "https://github.com/insidersec/insider", "description": "A open source Static Application Security Testing tool (SAST) written in GoLang for Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C# and Javascript (Node.js).", "stars": "553"}, {"name": "Full Stack Python Security", "url": "https://www.manning.com/books/full-stack-python-security", "description": "A comprehensive look at cybersecurity for Python developers"}, {"name": "Making Sense of Cyber Security", "url": "https://www.manning.com/books/making-sense-of-cyber-security", "description": "A jargon-free, practical guide to the key concepts, terminology, and technologies of cybersecurity perfect for anyone planning or implementing a security strategy. (early access, published continuously, final release early 2022)"}, {"name": "Security Checklist by OWASP", "url": "https://owasp.org/www-project-application-security-verification-standard/", "description": "A checklist by OWASP for testing web applications based on assurance level. Covers multiple topics like Architecture, IAM, Sanitization, Cryptography and Secure Configuration."}, {"name": "Pompelmi", "url": "https://github.com/pompelmi/pompelmi", "description": "Node.js file-upload malware scanner with MIME sniffing, ZIP-bomb protection and optional YARA rules.", "stars": "464"}, {"name": "PayloadsAllTheThings", "url": "https://github.com/swisskyrepo/PayloadsAllTheThings", "description": "A list of useful payloads and bypass for Web Application Security and Pentest/CTF", "stars": "75k"}, {"name": "Redcloud", "url": "https://github.com/khast3x/Redcloud", "description": "A automated Red Team Infrastructure deployement using Docker.", "stars": "1.3k"}, {"name": "Axiom", "url": "https://github.com/pry0cc/axiom", "description": "Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on offensive and defensive security.", "stars": "4.3k"}, {"name": "MutableSecurity", "url": "https://github.com/MutableSecurity/mutablesecurity", "description": "CLI program for automating the setup, configuration, and use of cybersecurity solutions.", "stars": "50"}, {"name": "Usable Security Course", "url": "https://pt.coursera.org/learn/usable-security", "description": "Usable Security course at coursera. Quite good for those looking for how security and usability intersects."}, {"name": "data\\_hacking", "url": "https://github.com/ClickSecurity/data_hacking", "description": "Examples of using IPython, Pandas, and Scikit Learn to get the most out of your security data.", "stars": "784"}, {"name": "hadoop-pcap", "url": "https://github.com/RIPE-NCC/hadoop-pcap", "description": "Hadoop library to read packet capture (PCAP) files.", "stars": "212"}, {"name": "Workbench", "url": "http://workbench.readthedocs.org/", "description": "A scalable python framework for security research and development teams."}, {"name": "OpenSOC", "url": "https://github.com/OpenSOC/opensoc", "description": "OpenSOC integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis.", "stars": "582"}, {"name": "Apache Metron (incubating)", "url": "https://github.com/apache/incubator-metron", "description": "Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis.", "stars": "868"}, {"name": "Apache Spot (incubating)", "url": "https://github.com/apache/incubator-spot", "description": "Apache Spot is open source software for leveraging insights from flow and packet analysis.", "stars": "354"}, {"name": "binarypig", "url": "https://github.com/endgameinc/binarypig", "description": "Scalable Binary Data Extraction in Hadoop. Malware Processing and Analytics over Pig, Exploration through Django, Twitter Bootstrap, and Elasticsearch.", "stars": "144"}, {"name": "Matano", "url": "https://github.com/matanolabs/matano", "description": "Open source serverless security lake platform on AWS that lets you ingest, store, and analyze petabytes of security data into an Apache Iceberg data lake and run realtime Python detections as code.", "stars": "1.7k"}, {"name": "VAST", "url": "https://github.com/tenzir/vast", "description": "Open source security data pipeline engine for structured event data, supporting high-volume telemetry ingestion, compaction, and retrieval; purpose-built for security content execution, guided threat hunting, and large-scale investigation.", "stars": "719"}, {"name": "Securing DevOps", "url": "https://manning.com/books/securing-devops", "description": "A book on Security techniques for DevOps that reviews state of the art practices used in securing web applications and their infrastructure."}, {"name": "ansible-os-hardening", "url": "https://github.com/dev-sec/ansible-os-hardening", "description": "Ansible role for OS hardening", "stars": "5.2k"}, {"name": "Trivy", "url": "https://github.com/aquasecurity/trivy", "description": "A simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for CI.", "stars": "32k"}, {"name": "Preflight", "url": "https://github.com/spectralops/preflight", "description": "helps you verify scripts and executables to mitigate supply chain attacks in your CI and other systems.", "stars": "156"}, {"name": "Teller", "url": "https://github.com/spectralops/teller", "description": "a secrets management tool for devops and developers - manage secrets across multiple vaults and keystores from a single place.", "stars": "3.2k"}, {"name": "cve-ape", "url": "https://github.com/baalmor/cve-ape", "description": "A non-intrusive CVE scanner for embedding in test and CI environments that can scan package lists and individual packages for existing CVEs via locally stored CVE database. Can also be used as an offline CVE scanner for e.g. OT/ICS.", "stars": "5"}, {"name": "Selefra", "url": "https://github.com/selefra/selefra", "description": "An open-source policy-as-code software that provides analytics for multi-cloud and SaaS.", "stars": "544"}, {"name": "shellfirm", "url": "https://github.com/kaplanelad/shellfirm", "description": "It is a handy utility to help avoid running dangerous commands with an extra approval step. You will immediately get a small prompt challenge that will double verify your action when risky patterns are detected.", "stars": "879"}, {"name": "shellclear", "url": "https://github.com/rusty-ferris-club/shellclear", "description": "It helps you to Secure your shell history commands by finding sensitive commands in your all history commands and allowing you to clean them.", "stars": "226"}], "notes": []}, {"name": "Security \u2014 Privacy & Security", "entries": [{"name": "Qubes OS", "url": "https://www.qubes-os.org/", "description": "Qubes OS is a free and open-source security-oriented operating system meant for single-user desktop computing."}, {"name": "Whonix", "url": "https://www.whonix.org", "description": "Operating System designed for anonymity."}, {"name": "Tails OS", "url": "https://tails.boum.org/", "description": "Tails is a portable operating system that protects against surveillance and censorship."}], "notes": []}, {"name": "Security \u2014 Online resources", "entries": [{"name": "Security related Operating Systems @ Rawsec", "url": "https://inventory.raw.pm/operating_systems.html", "description": "Complete list of security related operating systems"}, {"name": "Best Linux Penetration Testing Distributions @ CyberPunk", "url": "https://www.cyberpunk.rs/category/pentest-linux-distros", "description": "Description of main penetration testing distributions"}, {"name": "Security @ Distrowatch", "url": "http://distrowatch.com/search.php?category=Security", "description": "Website dedicated to talking about, reviewing and keeping up to date with open source operating systems"}, {"name": "Hardening Windows 10", "url": "https://www.hardenwindows10forsecurity.com/", "description": "Guide for hardening Windows 10"}, {"name": "databunker", "url": "https://databunker.org/", "description": "Databunker is an address book on steroids for storing personal data. GDPR and encryption are out of the box."}, {"name": "acra", "url": "https://github.com/cossacklabs/acra", "description": "Database security suite: proxy for data protection with transparent \"on the fly\" data encryption, data masking and tokenization, SQL firewall (SQL injections prevention), intrusion detection system.", "stars": "1.5k"}, {"name": "blackbox", "url": "https://github.com/StackExchange/blackbox", "description": "Safely store secrets in a VCS repo using GPG", "stars": "6.8k"}, {"name": "confidant", "url": "https://github.com/lyft/confidant", "description": "Stores secrets in AWS DynamoDB, encrypted at rest and integrates with IAM", "stars": "1.9k"}, {"name": "dotgpg", "url": "https://github.com/ConradIrwin/dotgpg", "description": "A tool for backing up and versioning your production secrets or shared passwords securely and easily.", "stars": "168"}, {"name": "redoctober", "url": "https://github.com/cloudflare/redoctober", "description": "Server for two-man rule style file encryption and decryption.", "stars": "1.4k"}, {"name": "aws-vault", "url": "https://github.com/99designs/aws-vault", "description": "Store AWS credentials in the OSX Keychain or an encrypted file", "stars": "9k"}, {"name": "credstash", "url": "https://github.com/fugue/credstash", "description": "Store secrets using AWS KMS and DynamoDB", "stars": "2.1k"}, {"name": "chamber", "url": "https://github.com/segmentio/chamber", "description": "Store secrets using AWS KMS and SSM Parameter Store", "stars": "2.6k"}, {"name": "Safe", "url": "https://github.com/starkandwayne/safe", "description": "A Vault CLI that makes reading from and writing to the Vault easier to do.", "stars": "421"}, {"name": "Sops", "url": "https://github.com/mozilla/sops", "description": "An editor of encrypted files that supports YAML, JSON and BINARY formats and encrypts with AWS KMS and PGP.", "stars": "21k"}, {"name": "passbolt", "url": "https://www.passbolt.com/", "description": "The password manager your team was waiting for. Free, open source, extensible, based on OpenPGP."}, {"name": "passpie", "url": "https://github.com/marcwebbie/passpie", "description": "Multiplatform command-line password manager", "stars": "922"}, {"name": "Vault", "url": "https://www.vaultproject.io/", "description": "An encrypted datastore secure enough to hold environment and application secrets."}, {"name": "LunaSec", "url": "https://github.com/lunasec-io/lunasec", "description": "Database for PII with automatic encryption/tokenization, sandboxed components for handling data, and centralized authorization controls.", "stars": "1.5k"}, {"name": "FingerprintJS", "url": "https://github.com/fingerprintjs/fingerprintjs", "description": "Identifies browser and hybrid mobile application users even when they purge data storage. Allows you to detect account takeovers, account sharing and repeated malicious activity.", "stars": "26k"}, {"name": "FingerprintJS Android", "url": "https://github.com/fingerprintjs/fingerprint-android", "description": "Identifies Android application users even when they purge data storage. Allows you to detect account takeovers, account sharing and repeated malicious activity.", "stars": "677"}, {"name": "Holistic Info-Sec for Web Developers", "url": "https://holisticinfosecforwebdevelopers.com/", "description": "Free and downloadable book series with very broad and deep coverage of what Web Developers and DevOps Engineers need to know in order to create robust, reliable, maintainable and secure software, networks and other, that are delivered continuously, on time, with no nasty surprises"}, {"name": "Docker Security - Quick Reference: For DevOps Engineers", "url": "https://binarymist.io/publication/docker-security/", "description": "A book on understanding the Docker security defaults, how to improve them (theory and practical), along with many tools and techniques."}, {"name": "How to Hack Like a Pornstar", "url": "https://books2read.com/u/bWzdBx", "description": "A step by step process for breaking into a BANK, Sparc Flow, 2017"}, {"name": "How to Hack Like a Legend", "url": "https://amzn.to/2uWh1Up", "description": "A hacker\u2019s tale breaking into a secretive offshore company, Sparc Flow, 2018"}, {"name": "How to Investigate Like a Rockstar", "url": "https://books2read.com/u/4jDWoZ", "description": "Live a real crisis to master the secrets of forensic analysis, Sparc Flow, 2017"}, {"name": "Real World Cryptography", "url": "https://www.manning.com/books/real-world-cryptography", "description": "This early-access book teaches you applied cryptographic techniques to understand and apply security at every level of your systems and applications."}, {"name": "AWS Security", "url": "https://www.manning.com/books/aws-security?utm_source=github\\&utm_medium=organic\\&utm_campaign=book_shields_aws_1_31_20", "description": "This early-access book covers commong AWS security issues and best practices for access policies, data protection, auditing, continuous monitoring, and incident response."}, {"name": "The Art of Network Penetration Testing", "url": "https://www.manning.com/books/the-art-of-network-penetration-testing", "description": "Book that is a hands-on guide to running your own penetration test on an enterprise network. (early access, published continuously, final release December 2020)"}, {"name": "Spring Boot in Practice", "url": "https://www.manning.com/books/spring-boot-in-practice", "description": "Book that is a practical guide which presents dozens of relevant scenarios in a convenient problem-solution-discussion format.. (early access, published continuously, final release fall 2021)"}, {"name": "Self-Sovereign Identity", "url": "https://www.manning.com/books/self-sovereign-identity", "description": "A book about how SSI empowers us to receive digitally-signed credentials, store them in private wallets, and securely prove our online identities. (early access, published continuously, final release fall 2021)"}, {"name": "Data Privacy", "url": "https://www.manning.com/books/data-privacy", "description": "A book that teaches you to implement technical privacy solutions and tools at scale. (early access, published continuously, final release January 2022)"}, {"name": "Cyber Security Career Guide", "url": "https://www.manning.com/books/cyber-security-career-guide", "description": "Kickstart a career in cyber security by learning how to adapt your existing technical and non-technical skills. (early access, published continuously, final release Summer 2022)"}, {"name": "Secret Key Cryptography", "url": "https://www.manning.com/books/secret-key-cryptography", "description": "A book about cryptographic techniques and Secret Key methods. (early access, published continuously, final release Summer 2022)"}, {"name": "The Security Engineer Handbook", "url": "https://securityhandbook.io/", "description": "A short read that discusses the dos and dont's of working in a security team, and the many tricks and tips that can help you in your day-to-day as a security engineer."}, {"name": "Cyber Threat Hunting", "url": "https://www.manning.com/books/cyber-threat-hunting", "description": "Practical guide to cyber threat hunting."}, {"name": "Edge Computing Technology and Applications", "url": "https://www.manning.com/books/edge-computing-technology-and-applications", "description": "A book about the business and technical foundation you need to create your edge computing strategy."}, {"name": "Spring Security in Action, Second Edition", "url": "https://www.manning.com/books/spring-security-in-action-second-edition", "description": "A book about designing and developing Spring applications that are secure right from the start."}, {"name": "Azure Security", "url": "https://www.manning.com/books/azure-security-2", "description": "A practical guide to the native security services of Microsoft Azure."}, {"name": "Node.js Secure Coding: Defending Against Command Injection Vulnerabilities", "url": "https://www.nodejs-security.com", "description": "Learn secure coding conventions in Node.js by executing command injection attacks on real-world npm packages and analyzing vulnerable code."}, {"name": "Node.js Secure Coding: Prevention and Exploitation of Path Traversal Vulnerabilities", "url": "https://www.nodejs-security.com/book/path-traversal", "description": "Master secure coding in Node.js with real-world vulnerable dependencies and experience firsthand secure coding techniques against Path Traversal vulnerabilities."}, {"name": "Grokking Web Application Security", "url": "https://www.manning.com/books/grokking-web-application-security", "description": "A book about building web apps that are ready for and resilient to any attack."}], "notes": []}, {"name": "Security \u2014 Other Security Awesome Lists", "entries": [{"name": "Android Security Awesome", "url": "https://github.com/ashishb/android-security-awesome", "description": "A collection of android security related resources.", "stars": "9.2k"}, {"name": "Awesome ARM Exploitation", "url": "https://github.com/HenryHoggard/awesome-arm-exploitation", "description": "A curated list of ARM exploitation resources.", "stars": "357"}, {"name": "Awesome CTF", "url": "https://github.com/apsdehal/awesome-ctf", "description": "A curated list of CTF frameworks, libraries, resources and software.", "stars": "11k"}, {"name": "Awesome Cyber Skills", "url": "https://github.com/joe-shenouda/awesome-cyber-skills", "description": "A curated list of hacking environments where you can train your cyber skills legally and safely.", "stars": "4.2k"}, {"name": "Awesome Personal Security", "url": "https://github.com/Lissy93/personal-security-checklist", "description": "A curated list of digital security and privacy tips, with links to further resources.", "stars": "21k"}, {"name": "Awesome Hacking", "url": "https://github.com/carpedm20/awesome-hacking", "description": "A curated list of awesome Hacking tutorials, tools and resources.", "stars": "16k"}, {"name": "Awesome Honeypots", "url": "https://github.com/paralax/awesome-honeypots", "description": "An awesome list of honeypot resources.", "stars": "10k"}, {"name": "Awesome Malware Analysis", "url": "https://github.com/rshipp/awesome-malware-analysis", "description": "A curated list of awesome malware analysis tools and resources.", "stars": "13k"}, {"name": "Awesome Security Newsletters", "url": "https://github.com/TalEliyahu/awesome-security-newsletters", "description": "A curated list of awesome newsletters to keep up to date on security news via e-mail.", "stars": "1.2k"}, {"name": "Awesome PCAP Tools", "url": "https://github.com/caesar0301/awesome-pcaptools", "description": "A collection of tools developed by other researchers in the Computer Science area to process network traces.", "stars": "3.4k"}, {"name": "Awesome Pentest", "url": "https://github.com/enaqx/awesome-pentest", "description": "A collection of awesome penetration testing resources, tools and other shiny things.", "stars": "25k"}, {"name": "Awesome Privacy", "url": "https://github.com/lissy93/awesome-privacy", "description": "A curated list of privacy-respecting software and services.", "stars": "8.8k"}, {"name": "Awesome Linux Containers", "url": "https://github.com/Friz-zy/awesome-linux-containers", "description": "A curated list of awesome Linux Containers frameworks, libraries and software.", "stars": "2k"}, {"name": "Awesome Incident Response", "url": "https://github.com/meirwah/awesome-incident-response", "description": "A curated list of resources for incident response.", "stars": "8.8k"}, {"name": "Awesome Web Hacking", "url": "https://github.com/infoslack/awesome-web-hacking", "description": "This list is for anyone wishing to learn about web application security but do not have a starting point.", "stars": "6.8k"}, {"name": "Awesome Electron.js Hacking", "url": "https://github.com/doyensec/awesome-electronjs-hacking", "description": "A curated list of awesome resources about Electron.js (in)security", "stars": "657"}, {"name": "Awesome Threat Intelligence", "url": "https://github.com/hslatman/awesome-threat-intelligence", "description": "A curated list of threat intelligence resources.", "stars": "9.7k"}, {"name": "Awesome Threat Modeling", "url": "https://github.com/redshiftzero/awesome-threat-modeling", "description": "A curated list of Threat Modeling resources.", "stars": "144"}, {"name": "Awesome Pentest Cheat Sheets", "url": "https://github.com/coreb1t/awesome-pentest-cheat-sheets", "description": "Collection of the cheat sheets useful for pentesting", "stars": "4.3k"}, {"name": "Awesome Industrial Control System Security", "url": "https://github.com/mpesen/awesome-industrial-control-system-security", "description": "A curated list of resources related to Industrial Control System (ICS) security.", "stars": "32"}, {"name": "Awesome YARA", "url": "https://github.com/InQuest/awesome-yara", "description": "A curated list of awesome YARA rules, tools, and people.", "stars": "4.1k"}, {"name": "Awesome Threat Detection and Hunting", "url": "https://github.com/0x4D31/awesome-threat-detection", "description": "A curated list of awesome threat detection and hunting resources.", "stars": "4.5k"}, {"name": "Awesome Container Security", "url": "https://github.com/kai5263499/container-security-awesome", "description": "A curated list of awesome resources related to container building and runtime security", "stars": "17"}, {"name": "Awesome Crypto Papers", "url": "https://github.com/pFarb/awesome-crypto-papers", "description": "A curated list of cryptography papers, articles, tutorials and howtos.", "stars": "2k"}, {"name": "Awesome Shodan Search Queries", "url": "https://github.com/jakejarvis/awesome-shodan-queries", "description": "A collection of interesting, funny, and depressing search queries to plug into Shodan.io.", "stars": "7.2k"}, {"name": "Awesome Censys Queries", "url": "https://github.com/thehappydinoa/awesome-censys-queries", "description": "A collection of fascinating and bizarre Censys Search Queries.", "stars": "1.2k"}, {"name": "Awesome Anti Forensics", "url": "https://github.com/remiflavien1/awesome-anti-forensic", "description": "A collection of awesome tools used to counter forensics activities.", "stars": "969"}, {"name": "Awesome Security Talks & Videos", "url": "https://github.com/PaulSec/awesome-sec-talks", "description": "A curated list of awesome security talks, organized by year and then conference.", "stars": "4.2k"}, {"name": "Awesome Bluetooth Security", "url": "https://github.com/engn33r/awesome-bluetooth-security", "description": "A curated list of Bluetooth security resources.", "stars": "589"}, {"name": "Awesome WebSocket Security", "url": "https://github.com/PalindromeLabs/awesome-websocket-security", "description": "A curated list of WebSocket security resources.", "stars": "299"}, {"name": "Security Acronyms", "url": "https://github.com/cloudsecurelab/security-acronyms", "description": "A curated list of security related acronyms and concepts", "stars": "42"}, {"name": "Awesome SOAR", "url": "https://github.com/correlatedsecurity/Awesome-SOAR", "description": "A curated Cyber \"Security Orchestration, Automation and Response (SOAR)\" resources list.", "stars": "934"}, {"name": "Awesome Security Hardening", "url": "https://github.com/decalage2/awesome-security-hardening", "description": "A collection of awesome security hardening guides, best practices, checklists, benchmarks, tools and other resources.", "stars": "6.1k"}], "notes": []}, {"name": "Security \u2014 Other Common Awesome Lists", "entries": [{"name": "awesome-awesomeness", "url": "https://github.com/bayandin/awesome-awesomeness", "description": "awesome-\\* or \\*-awesome lists.", "stars": "33k"}, {"name": "lists", "url": "https://github.com/jnv/lists", "description": "The definitive list of (awesome) lists curated on GitHub.", "stars": "11k"}, {"name": "Movies For Hacker", "url": "https://github.com/k4m4/movies-for-hackers", "description": "A curated list of movies every hacker & cyberpunk must watch.", "stars": "12k"}, {"name": "Awesome Self-Hosted", "url": "https://github.com/awesome-selfhosted/awesome-selfhosted", "description": "", "stars": "270k"}, {"name": "Awesome Analytics", "url": "https://github.com/0xnr/awesome-analytics", "description": "", "stars": "4.2k"}, {"name": "Awesome Sysadmin", "url": "https://github.com/awesome-foss/awesome-sysadmin", "description": "", "stars": "33k"}], "notes": []}], "total_entries": 312}, {"name": "Cybersecurity Blueteam", "subcategories": [{"name": "Cybersecurity Blueteam", "entries": [{"name": "Automation and Convention", "url": "#automation-and-convention", "description": ""}, {"name": "Cloud platform security", "url": "#cloud-platform-security", "description": ""}, {"name": "Communications security (COMSEC)", "url": "#communications-security-comsec", "description": ""}, {"name": "DevSecOps", "url": "#devsecops", "description": ""}, {"name": "Honeypots", "url": "#honeypots", "description": ""}, {"name": "Host-based tools", "url": "#host-based-tools", "description": ""}, {"name": "Identity and AuthN/AuthZ", "url": "#identity-and-authnauthz", "description": ""}, {"name": "Incident Response tools", "url": "#incident-response-tools", "description": ""}, {"name": "Network perimeter defenses", "url": "#network-perimeter-defenses", "description": ""}, {"name": "Operating System distributions", "url": "#operating-system-distributions", "description": ""}, {"name": "Phishing awareness and reporting", "url": "#phishing-awareness-and-reporting", "description": ""}, {"name": "Preparedness training and wargaming", "url": "#preparedness-training-and-wargaming", "description": ""}, {"name": "Security configurations", "url": "#security-configurations", "description": ""}, {"name": "Security monitoring", "url": "#security-monitoring", "description": ""}, {"name": "Threat intelligence", "url": "#threat-intelligence", "description": ""}, {"name": "Tor Onion service defenses", "url": "#tor-onion-service-defenses", "description": ""}, {"name": "Transport-layer defenses", "url": "#transport-layer-defenses", "description": ""}, {"name": "macOS-based defenses", "url": "#macos-based-defenses", "description": ""}, {"name": "Windows-based defenses", "url": "#windows-based-defenses", "description": ""}, {"name": "Ansible Lockdown", "url": "https://ansiblelockdown.io/", "description": "Curated collection of information security themed Ansible roles that are both vetted and actively maintained."}, {"name": "Clevis", "url": "https://github.com/latchset/clevis", "description": "Plugable framework for automated decryption, often used as a Tang client.", "stars": "836"}, {"name": "DShell", "url": "https://github.com/USArmyResearchLab/Dshell", "description": "Extensible network forensic analysis framework written in Python that enables rapid development of plugins to support the dissection of network packet captures.", "stars": "5.4k"}, {"name": "Dev-Sec.io", "url": "https://dev-sec.io/", "description": "Server hardening framework providing Ansible, Chef, and Puppet implementations of various baseline security configurations."}, {"name": "Password Manager Resources", "url": "https://github.com/apple/password-manager-resources", "description": "Collaborative, crowd-sourced data and code to make password management better.", "stars": "4.1k"}, {"name": "peepdf", "url": "https://eternal-todo.com/tools/peepdf-pdf-analysis-tool", "description": "Scriptable PDF file analyzer."}, {"name": "PyREBox", "url": "https://talosintelligence.com/pyrebox", "description": "Python-scriptable reverse engineering sandbox, based on QEMU."}, {"name": "Watchtower", "url": "https://containrrr.dev/watchtower/", "description": "Container-based solution for automating Docker container base image updates, providing an unattended upgrade experience."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Code libraries and bindings", "entries": [{"name": "MultiScanner", "url": "https://github.com/mitre/multiscanner", "description": "File analysis framework written in Python that assists in evaluating a set of files by automatically running a suite of tools against them and aggregating the output.", "stars": "615"}, {"name": "Posh-VirusTotal", "url": "https://github.com/darkoperator/Posh-VirusTotal", "description": "PowerShell interface to VirusTotal.com APIs.", "stars": "113"}, {"name": "censys-python", "url": "https://github.com/censys/censys-python", "description": "Python wrapper to the Censys REST API.", "stars": "380"}, {"name": "libcrafter", "url": "https://github.com/pellegre/libcrafter", "description": "High level C++ network packet sniffing and crafting library.", "stars": "296"}, {"name": "python-dshield", "url": "https://github.com/rshipp/python-dshield", "description": "Pythonic interface to the Internet Storm Center/DShield API.", "stars": "24"}, {"name": "python-sandboxapi", "url": "https://github.com/InQuest/python-sandboxapi", "description": "Minimal, consistent Python API for building integrations with malware sandboxes.", "stars": "132"}, {"name": "python-stix2", "url": "https://github.com/oasis-open/cti-python-stix2", "description": "Python APIs for serializing and de-serializing Structured Threat Information eXpression (STIX) JSON content, plus higher-level APIs for common tasks.", "stars": "356"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Security Orchestration, Automation, and Response (SOAR)", "entries": [{"name": "Shuffle", "url": "https://shuffler.io/", "description": "Graphical generalized workflow (automation) builder for IT professionals and blue teamers."}, {"name": "Aaia", "url": "https://github.com/rams3sh/Aaia", "description": "Helps in visualizing AWS IAM and Organizations in a graph format with help of Neo4j.", "stars": "282"}, {"name": "Falco", "url": "https://falco.org/", "description": "Behavioral activity monitor designed to detect anomalous activity in containerized applications, hosts, and network packet flows by auditing the Linux kernel and enriched by runtime data such as Kubernetes metrics."}, {"name": "Kata Containers", "url": "https://katacontainers.io/", "description": "Secure container runtime with lightweight virtual machines that feel and perform like containers, but provide stronger workload isolation using hardware virtualization technology as a second layer of defense."}, {"name": "Principal Mapper (PMapper)", "url": "https://github.com/nccgroup/PMapper", "description": "Quickly evaluate IAM permissions in AWS via script and library capable of identifying risks in the configuration of AWS Identity and Access Management (IAM) for an AWS account or an AWS organization.", "stars": "1.4k"}, {"name": "Prowler", "url": "https://github.com/toniblyx/prowler", "description": "Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.", "stars": "10k"}, {"name": "Scout Suite", "url": "https://github.com/nccgroup/ScoutSuite", "description": "Open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments.", "stars": "6.3k"}, {"name": "gVisor", "url": "https://github.com/google/gvisor", "description": "Application kernel, written in Go, that implements a substantial portion of the Linux system surface to provide an isolation boundary between the application and the host kernel.", "stars": "15k"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Distributed monitoring", "entries": [{"name": "Cortex", "url": "https://cortexmetrics.io/", "description": "Provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus."}, {"name": "Jaeger", "url": "https://www.jaegertracing.io/", "description": "Distributed tracing platform backend used for monitoring and troubleshooting microservices-based distributed systems."}, {"name": "OpenTelemetry", "url": "https://opentelemetry.io/", "description": "Observability framework for cloud-native software, comprising a collection of tools, APIs, and SDKs for exporting application performance metrics to a tracing backend (formerly maintained by the OpenTracing and OpenCensus projects)."}, {"name": "Prometheus", "url": "https://prometheus.io/", "description": "Open-source systems monitoring and alerting toolkit originally built at SoundCloud."}, {"name": "Zipkin", "url": "https://zipkin.io/", "description": "Distributed tracing system backend that helps gather timing data needed to troubleshoot latency problems in service architectures."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Kubernetes", "entries": [{"name": "KubeSec", "url": "https://kubesec.io/", "description": "Static analyzer of Kubernetes manifests that can be run locally, as a Kuberenetes admission controller, or as its own cloud service."}, {"name": "Kyverno", "url": "https://kyverno.io/", "description": "Policy engine designed for Kubernetes."}, {"name": "Linkerd", "url": "https://linkerd.io/", "description": "Ultra light Kubernetes-specific service mesh that adds observability, reliability, and security to Kubernetes applications without requiring any modification of the application itself."}, {"name": "Managed Kubernetes Inspection Tool (MKIT)", "url": "https://github.com/darkbitio/mkit", "description": "Query and validate several common security-related configuration settings of managed Kubernetes cluster objects and the workloads/resources running inside the cluster.", "stars": "401"}, {"name": "Polaris", "url": "https://polaris.docs.fairwinds.com/", "description": "Validates Kubernetes best practices by running tests against code commits, a Kubernetes admission request, or live resources already running in a cluster."}, {"name": "Sealed Secrets", "url": "https://github.com/bitnami-labs/sealed-secrets", "description": "Kubernetes controller and tool for one-way encrypted Secrets.", "stars": "7.3k"}, {"name": "certificate-expiry-monitor", "url": "https://github.com/muxinc/certificate-expiry-monitor", "description": "Utility that exposes the expiry of TLS certificates as Prometheus metrics.", "stars": "159"}, {"name": "k-rail", "url": "https://github.com/cruise-automation/k-rail", "description": "Workload policy enforcement tool for Kubernetes.", "stars": "445"}, {"name": "kube-forensics", "url": "https://github.com/keikoproj/kube-forensics", "description": "Allows a cluster administrator to dump the current state of a running pod and all its containers so that security professionals can perform off-line forensic analysis.", "stars": "212"}, {"name": "kube-hunter", "url": "https://kube-hunter.aquasec.com/", "description": "Open-source tool that runs a set of tests (\"hunters\") for security issues in Kubernetes clusters from either outside (\"attacker's view\") or inside a cluster."}, {"name": "kubernetes-event-exporter", "url": "https://github.com/opsgenie/kubernetes-event-exporter", "description": "Allows exporting the often missed Kubernetes events to various outputs so that they can be used for observability or alerting purposes.", "stars": "1k"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Service meshes", "entries": [{"name": "Consul", "url": "https://consul.io/", "description": "Solution to connect and configure applications across dynamic, distributed infrastructure and, with Consul Connect, enabling secure service-to-service communication with automatic TLS encryption and identity-based authorization."}, {"name": "Istio", "url": "https://istio.io/", "description": "Open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data."}, {"name": "GPG Sync", "url": "https://github.com/firstlookmedia/gpgsync", "description": "Centralize and automate OpenPGP public key distribution, revocation, and updates amongst all members of an organization or team.", "stars": "344"}, {"name": "Geneva (Genetic Evasion)", "url": "https://censorship.ai/", "description": "Novel experimental genetic algorithm that evolves packet-manipulation-based censorship evasion strategies against nation-state level censors to increase availability of otherwise blocked content."}, {"name": "GlobaLeaks", "url": "https://www.globaleaks.org/", "description": "Free, open source software enabling anyone to easily set up and maintain a secure whistleblowing platform."}, {"name": "SecureDrop", "url": "https://securedrop.org/", "description": "Open source whistleblower submission system that media organizations and NGOs can install to securely accept documents from anonymous sources."}, {"name": "Teleport", "url": "https://goteleport.com/", "description": "Allows engineers and security professionals to unify access for SSH servers, Kubernetes clusters, web applications, and databases across all environments."}, {"name": "Bane", "url": "https://github.com/genuinetools/bane", "description": "Custom and better AppArmor profile generator for Docker containers.", "stars": "1.2k"}, {"name": "BlackBox", "url": "https://github.com/StackExchange/blackbox", "description": "Safely store secrets in Git/Mercurial/Subversion by encrypting them \"at rest\" using GnuPG.", "stars": "6.6k"}, {"name": "Checkov", "url": "https://www.checkov.io/", "description": "Static analysis for Terraform (infrastructure as code) to help detect CIS policy violations and prevent cloud security misconfiguration."}, {"name": "Cilium", "url": "https://cilium.io/", "description": "Open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes."}, {"name": "Clair", "url": "https://github.com/coreos/clair", "description": "Static analysis tool to probe for vulnerabilities introduced via application container (e.g., Docker) images.", "stars": "10k"}, {"name": "CodeQL", "url": "https://securitylab.github.com/tools/codeql", "description": "Discover vulnerabilities across a codebase by performing queries against code as though it were data."}, {"name": "DefectDojo", "url": "https://www.defectdojo.org/", "description": "Application vulnerability management tool built for DevOps and continuous security integration."}, {"name": "Gauntlt", "url": "http://gauntlt.org/", "description": "Pentest applications during routine continuous integration build pipelines."}, {"name": "Git Secrets", "url": "https://github.com/awslabs/git-secrets", "description": "Prevents you from committing passwords and other sensitive information to a git repository.", "stars": "12k"}, {"name": "SOPS", "url": "https://github.com/mozilla/sops", "description": "Editor of encrypted files that supports YAML, JSON, ENV, INI and binary formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, and PGP.", "stars": "16k"}, {"name": "Snyk", "url": "https://snyk.io/", "description": "Finds and fixes vulnerabilities and license violations in open source dependencies and container images."}, {"name": "SonarQube", "url": "https://sonarqube.org", "description": "Continuous inspection tool that provides detailed reports during automated testing and alerts on newly introduced security vulnerabilities."}, {"name": "Trivy", "url": "https://github.com/aquasecurity/trivy", "description": "Simple and comprehensive vulnerability scanner for containers and other artifacts, suitable for use in continuous integration pipelines.", "stars": "22k"}, {"name": "Vault", "url": "https://www.vaultproject.io/", "description": "Tool for securely accessing secrets such as API keys, passwords, or certificates through a unified interface."}, {"name": "git-crypt", "url": "https://www.agwa.name/projects/git-crypt/", "description": "Transparent file encryption in git; files which you choose to protect are encrypted when committed, and decrypted when checked out."}, {"name": "helm-secrets", "url": "https://github.com/jkroepke/helm-secrets", "description": "Helm plugin that helps manage secrets with Git workflow and stores them anywhere, backed by SOPS.", "stars": "1.4k"}, {"name": "terrascan", "url": "https://runterrascan.io/", "description": "Static code analyzer for Infrastructure as Code tools that helps detect compliance and security violations to mitigate risk before provisioning cloud native resources."}, {"name": "tfsec", "url": "https://aquasecurity.github.io/tfsec/", "description": "Static analysis security scanner for your Terraform code designed to run locally and in CI pipelines."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Application or Binary Hardening", "entries": [{"name": "DynInst", "url": "https://dyninst.org/dyninst", "description": "Tools for binary instrumentation, analysis, and modification, useful for binary patching."}, {"name": "DynamoRIO", "url": "https://dynamorio.org/", "description": "Runtime code manipulation system that supports code transformations on any part of a program, while it executes, implemented as a process-level virtual machine."}, {"name": "Egalito", "url": "https://egalito.org/", "description": "Binary recompiler and instrumentation framework that can fully disassemble, transform, and regenerate ordinary Linux binaries designed for binary hardening and security research."}, {"name": "Valgrind", "url": "https://www.valgrind.org/", "description": "Instrumentation framework for building dynamic analysis tools."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Compliance testing and reporting", "entries": [{"name": "Chef InSpec", "url": "https://www.chef.io/products/chef-inspec", "description": "Language for describing security and compliance rules, which become automated tests that can be run against IT infrastructures to discover and report on non-compliance."}, {"name": "OpenSCAP Base", "url": "https://www.open-scap.org/tools/openscap-base/", "description": "Both a library and a command line tool (`oscap`) used to evaluate a system against SCAP baseline profiles to report on the security posture of the scanned system(s)."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Dependency confusion", "entries": [{"name": "Dependency Combobulator", "url": "https://github.com/apiiro/combobulator", "description": "Open source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.", "stars": "85"}, {"name": "Confusion checker", "url": "https://github.com/sonatype-nexus-community/repo-diff", "description": "Script to check if you have artifacts containing the same name between your repositories.", "stars": "60"}, {"name": "snync", "url": "https://github.com/snyk-labs/snync", "description": "Prevent and detect if you're vulnerable to dependency confusion supply chain security attacks.", "stars": "36"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Fuzzing", "entries": [{"name": "Atheris", "url": "https://pypi.org/project/atheris/", "description": "Coverage-guided Python fuzzing engine based off of libFuzzer that supports fuzzing of Python code but also native extensions written for CPython."}, {"name": "FuzzBench", "url": "https://google.github.io/fuzzbench/", "description": "Free service that evaluates fuzzers on a wide variety of real-world benchmarks, at Google scale."}, {"name": "OneFuzz", "url": "https://github.com/microsoft/onefuzz", "description": "Self-hosted Fuzzing-as-a-Service (FaaS) platform.", "stars": "2.8k"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Policy enforcement", "entries": [{"name": "AllStar", "url": "https://github.com/ossf/allstar", "description": "GitHub App installed on organizations or repositories to set and enforce security policies.", "stars": "1.2k"}, {"name": "Conftest", "url": "https://conftest.dev/", "description": "Utility to help you write tests against structured configuration data."}, {"name": "Open Policy Agent (OPA)", "url": "https://www.openpolicyagent.org/", "description": "Unified toolset and framework for policy across the cloud native stack."}, {"name": "Regula", "url": "https://regula.dev/", "description": "Checks infrastructure as code templates (Terraform, CloudFormation, K8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego."}, {"name": "Tang", "url": "https://github.com/latchset/tang", "description": "Server for binding data to network presence; provides data to clients only when they are on a certain (secured) network.", "stars": "474"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Supply chain security", "entries": [{"name": "Grafeas", "url": "https://grafeas.io/", "description": "Open artifact metadata API to audit and govern your software supply chain."}, {"name": "Helm GPG (GnuPG) Plugin", "url": "https://github.com/technosophos/helm-gpg", "description": "Chart signing and verification with GnuPG for Helm.", "stars": "25"}, {"name": "Notary", "url": "https://github.com/theupdateframework/notary", "description": "Aims to make the internet more secure by making it easy for people to publish and verify content.", "stars": "3.2k"}, {"name": "in-toto", "url": "https://in-toto.io/", "description": "Framework to secure the integrity of software supply chains."}, {"name": "CanaryTokens", "url": "https://github.com/thinkst/canarytokens", "description": "Self-hostable honeytoken generator and reporting dashboard; demo version available at [CanaryTokens.org](https://canarytokens.org/).", "stars": "1.7k"}, {"name": "Kushtaka", "url": "https://kushtaka.org", "description": "Sustainable all-in-one honeypot and honeytoken orchestrator for under-resourced blue teams."}, {"name": "Manuka", "url": "https://github.com/spaceraccoon/manuka", "description": "Open-sources intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers.", "stars": "321"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Tarpits", "entries": [{"name": "Endlessh", "url": "https://github.com/skeeto/endlessh", "description": "SSH tarpit that slowly sends an endless banner.", "stars": "7k"}, {"name": "LaBrea", "url": "http://labrea.sourceforge.net/labrea-info.html", "description": "Program that answers ARP requests for unused IP space, creating the appearance of fake machines that answer further requests very slowly in order to slow down scanners, worms, etcetera."}, {"name": "Artillery", "url": "https://github.com/BinaryDefense/artillery", "description": "Combination honeypot, filesystem monitor, and alerting system designed to protect Linux and Windows operating systems.", "stars": "991"}, {"name": "Crowd Inspect", "url": "https://www.crowdstrike.com/resources/community-tools/crowdinspect-tool/", "description": "Free tool for Windows systems aimed to alert you to the presence of malware that may be communicating over the network."}, {"name": "Fail2ban", "url": "https://www.fail2ban.org/", "description": "Intrusion prevention software framework that protects computer servers from brute-force attacks."}, {"name": "Open Source HIDS SECurity (OSSEC)", "url": "https://www.ossec.net/", "description": "Fully open source and free, feature-rich, Host-based Instrusion Detection System (HIDS)."}, {"name": "Rootkit Hunter (rkhunter)", "url": "http://rkhunter.sourceforge.net/", "description": "POSIX-compliant Bash script that scans a host for various signs of malware."}, {"name": "Shufflecake", "url": "https://shufflecake.net/", "description": "Plausible deniability for multiple hidden filesystems on Linux."}, {"name": "USB Keystroke Injection Protection", "url": "https://github.com/google/ukip", "description": "Daemon for blocking USB keystroke injection devices on Linux systems.", "stars": "499"}, {"name": "chkrootkit", "url": "http://chkrootkit.org/", "description": "Locally checks for signs of a rootkit on GNU/Linux systems."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Sandboxes", "entries": [{"name": "Bubblewrap", "url": "https://github.com/containers/bubblewrap", "description": "Sandboxing tool for use by unprivileged Linux users capable of restricting access to parts of the operating system or user data.", "stars": "3.8k"}, {"name": "Dangerzone", "url": "https://dangerzone.rocks/", "description": "Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF."}, {"name": "Firejail", "url": "https://firejail.wordpress.com/", "description": "SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf."}, {"name": "Gluu Server", "url": "https://gluu.org/", "description": "Central authentication and authorization for Web and mobile applications with a Free and Open Source Software cloud-native community distribution."}, {"name": "LogonTracer", "url": "https://github.com/JPCERTCC/LogonTracer", "description": "Investigate malicious Windows logon by visualizing and analyzing Windows event log.", "stars": "2.7k"}, {"name": "Volatility", "url": "https://www.volatilityfoundation.org/", "description": "Advanced memory forensics framework."}, {"name": "aws\\_ir", "url": "https://github.com/ThreatResponse/aws_ir", "description": "Automates your incident response with zero security preparedness assumptions.", "stars": "339"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 IR management consoles", "entries": [{"name": "CIRTKit", "url": "https://github.com/opensourcesec/CIRTKit", "description": "Scriptable Digital Forensics and Incident Response (DFIR) toolkit built on Viper.", "stars": "141"}, {"name": "Fast Incident Response (FIR)", "url": "https://github.com/certsocietegenerale/FIR", "description": "Cybersecurity incident management platform allowing for easy creation, tracking, and reporting of cybersecurity incidents.", "stars": "1.7k"}, {"name": "Rekall", "url": "http://www.rekall-forensic.com/", "description": "Advanced forensic and incident response framework."}, {"name": "TheHive", "url": "https://thehive-project.org/", "description": "Scalable, free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, and CERTs, featuring tight integration with MISP."}, {"name": "threat\\_note", "url": "https://github.com/defpoint/threat_note", "description": "Web application built by Defense Point Security to allow security researchers the ability to add and retrieve indicators related to their research.", "stars": "422"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Evidence collection", "entries": [{"name": "AutoMacTC", "url": "https://github.com/CrowdStrike/automactc", "description": "Modular, automated forensic triage collection framework designed to access various forensic artifacts on macOS, parse them, and present them in formats viable for analysis.", "stars": "515"}, {"name": "OSXAuditor", "url": "https://github.com/jipegit/OSXAuditor", "description": "Free macOS computer forensics tool.", "stars": "3.1k"}, {"name": "OSXCollector", "url": "https://github.com/Yelp/osxcollector", "description": "Forensic evidence collection & analysis toolkit for macOS.", "stars": "1.9k"}, {"name": "ir-rescue", "url": "https://github.com/diogo-fernan/ir-rescue", "description": "Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.", "stars": "456"}, {"name": "Margarita Shotgun", "url": "https://github.com/ThreatResponse/margaritashotgun", "description": "Command line utility (that works with or without Amazon EC2 instances) to parallelize remote memory acquisition.", "stars": "236"}, {"name": "Untitled Goose Tool", "url": "https://github.com/cisagov/untitledgoosetool", "description": "Assists incident response teams by exporting cloud artifacts from Azure/AzureAD/M365 environments in order to run a full investigation despite lacking in logs ingested by a SIEM.", "stars": "899"}, {"name": "Gatekeeper", "url": "https://github.com/AltraMayor/gatekeeper", "description": "First open source Distributed Denial of Service (DDoS) protection system.", "stars": "1.3k"}, {"name": "fwknop", "url": "https://www.cipherdyne.org/fwknop/", "description": "Protects ports via Single Packet Authorization in your firewall."}, {"name": "ssh-audit", "url": "https://github.com/jtesta/ssh-audit", "description": "Simple tool that makes quick recommendations for improving an SSH server's security posture.", "stars": "3.2k"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Firewall appliances or distributions", "entries": [{"name": "IPFire", "url": "https://www.ipfire.org/", "description": "Hardened GNU/Linux based router and firewall distribution forked from IPCop."}, {"name": "OPNsense", "url": "https://opnsense.org/", "description": "Hardened FreeBSD based firewall and routing platform forked from pfSense."}, {"name": "pfSense", "url": "https://www.pfsense.org/", "description": "FreeBSD firewall and router distribution forked from m0n0wall."}, {"name": "Computer Aided Investigative Environment (CAINE)", "url": "https://caine-live.net/", "description": "Italian GNU/Linux live distribution that pre-packages numerous digital forensics and evidence collection tools."}, {"name": "Security Onion", "url": "https://securityonionsolutions.com/", "description": "Free and open source GNU/Linux distribution for intrusion detection, enterprise security monitoring, and log management."}, {"name": "Qubes OS", "url": "https://qubes-os.org/", "description": "Desktop environment built atop the Xen hypervisor project that runs each end-user program in its own virtual machine intended to provide strict security controls to constrain the reach of any successful malware exploit."}, {"name": "CertSpotter", "url": "https://github.com/SSLMate/certspotter", "description": "Certificate Transparency log monitor from SSLMate that alerts you when a SSL/TLS certificate is issued for one of your domains.", "stars": "943"}, {"name": "Gophish", "url": "https://getgophish.com/", "description": "Powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing."}, {"name": "King Phisher", "url": "https://github.com/securestate/king-phisher", "description": "Tool for testing and promoting user awareness by simulating real world phishing attacks.", "stars": "2.2k"}, {"name": "NotifySecurity", "url": "https://github.com/certsocietegenerale/NotifySecurity", "description": "Outlook add-in used to help your users to report suspicious e-mails to security teams.", "stars": "127"}, {"name": "Phishing Intelligence Engine (PIE)", "url": "https://github.com/LogRhythm-Labs/PIE", "description": "Framework that will assist with the detection and response to phishing attacks.", "stars": "179"}, {"name": "Swordphish", "url": "https://github.com/certsocietegenerale/swordphish-awareness", "description": "Platform allowing to create and manage (fake) phishing campaigns intended to train people in identifying suspicious mails.", "stars": "216"}, {"name": "mailspoof", "url": "https://github.com/serain/mailspoof", "description": "Scans SPF and DMARC records for issues that could allow email spoofing.", "stars": "113"}, {"name": "phishing\\_catcher", "url": "https://github.com/x0rz/phishing_catcher", "description": "Configurable script to watch for issuances of suspicious TLS certificates by domain name in the Certificate Transparency Log (CTL) using the [CertStream](https://certstream.calidog.io/) service.", "stars": "1.7k"}, {"name": "APTSimulator", "url": "https://github.com/NextronSystems/APTSimulator", "description": "Toolset to make a system look as if it was the victim of an APT attack.", "stars": "2.4k"}, {"name": "Atomic Red Team", "url": "https://atomicredteam.io/", "description": "Library of simple, automatable tests to execute for testing security controls."}, {"name": "BadBlood", "url": "https://www.secframe.com/badblood/", "description": "Fills a test (non-production) Windows Domain with data that enables security analysts and engineers to practice using tools to gain an understanding and prescribe to securing Active Directory."}, {"name": "Caldera", "url": "https://caldera.mitre.org/", "description": "Scalable, automated, and extensible adversary emulation platform developed by MITRE."}, {"name": "Drool", "url": "https://www.dns-oarc.net/tools/drool", "description": "Replay DNS traffic from packet capture files and send it to a specified server, such as for simulating DDoS attacks on the DNS and measuring normal DNS querying."}, {"name": "DumpsterFire", "url": "https://github.com/TryCatchHCF/DumpsterFire", "description": "Modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events for Blue Team drills and sensor/alert mapping.", "stars": "976"}, {"name": "Infection Monkey", "url": "https://www.guardicore.com/infectionmonkey/", "description": "Open-source breach and attack simulation (BAS) platform that helps you validate existing controls and identify how attackers might exploit your current network security gaps."}, {"name": "Metta", "url": "https://github.com/uber-common/metta", "description": "Automated information security preparedness tool to do adversarial simulation.", "stars": "1.1k"}, {"name": "Network Flight Simulator (`flightsim`)", "url": "https://github.com/alphasoc/flightsim", "description": "Utility to generate malicious network traffic and help security teams evaluate security controls and audit their network visibility.", "stars": "1.2k"}, {"name": "RedHunt OS", "url": "https://github.com/redhuntlabs/RedHunt-OS", "description": "Ubuntu-based Open Virtual Appliance (`.ova`) preconfigured with several threat emulation tools as well as a defender's toolkit.", "stars": "1.2k"}, {"name": "Stratus Red Team", "url": "https://stratus-red-team.cloud/", "description": "Emulate offensive attack techniques in a granular and self-contained manner against a cloud environment; think \"Atomic Red Team\u2122 for the cloud.\""}, {"name": "tcpreplay", "url": "https://tcpreplay.appneta.com/", "description": "Suite of free Open Source utilities for editing and replaying previously captured network traffic originally designed to replay malicious traffic patterns to Intrusion Detection/Prevention Systems."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Post-engagement analysis and reporting", "entries": [{"name": "RedEye", "url": "https://cisagov.github.io/RedEye/", "description": "Analytic tool to assist both Red and Blue teams with visualizing and reporting command and control activities, replay and demonstrate attack paths, and more clearly communicate remediation recommendations to stakeholders."}, {"name": "Bunkerized-nginx", "url": "https://github.com/bunkerity/bunkerized-nginx", "description": "Docker image of an NginX configuration and scripts implementing many defensive techniques for Web sites.", "stars": "3.8k"}, {"name": "Crossfeed", "url": "https://docs.crossfeed.cyber.dhs.gov/", "description": "Continuously enumerates and monitors an organization\u2019s public-facing attack surface in order to discover assets and flag potential security flaws."}, {"name": "Starbase", "url": "https://github.com/JupiterOne/starbase", "description": "Collects assets and relationships from services and systems into an intuitive graph view to offer graph-based security analysis for everyone.", "stars": "333"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Endpoint Detection and Response (EDR)", "entries": [{"name": "Wazuh", "url": "https://wazuh.com/", "description": "Open source, multiplatform agent-based security monitoring based on a fork of OSSEC HIDS."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Network Security Monitoring (NSM)", "entries": [{"name": "Arkime", "url": "https://github.com/arkime/arkime", "description": "Augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.", "stars": "6.2k"}, {"name": "ChopShop", "url": "https://github.com/MITRECND/chopshop", "description": "Framework to aid analysts in the creation and execution of pynids-based decoders and detectors of APT tradecraft.", "stars": "487"}, {"name": "Maltrail", "url": "https://github.com/stamparm/maltrail", "description": "Malicious network traffic detection system.", "stars": "5.9k"}, {"name": "OwlH", "url": "https://www.owlh.net/", "description": "Helps manage network IDS at scale by visualizing Suricata, Zeek, and Moloch life cycles."}, {"name": "Real Intelligence Threat Analysis (RITA)", "url": "https://github.com/activecm/rita", "description": "Open source framework for network traffic analysis that ingests Zeek logs and detects beaconing, DNS tunneling, and more.", "stars": "7"}, {"name": "Respounder", "url": "https://github.com/codeexpress/respounder", "description": "Detects the presence of the Responder LLMNR/NBT-NS/MDNS poisoner on a network.", "stars": "312"}, {"name": "Snort", "url": "https://snort.org/", "description": "Widely-deployed, Free Software IPS capable of real-time packet analysis, traffic logging, and custom rule-based triggers."}, {"name": "SpoofSpotter", "url": "https://github.com/NetSPI/SpoofSpotter", "description": "Catch spoofed NetBIOS Name Service (NBNS) responses and alert to an email or log file.", "stars": "48"}, {"name": "Stenographer", "url": "https://github.com/google/stenographer", "description": "Full-packet-capture utility for buffering packets to disk for intrusion detection and incident response purposes.", "stars": "1.8k"}, {"name": "Suricata", "url": "https://suricata-ids.org/", "description": "Free, cross-platform, IDS/IPS with on- and off-line analysis modes and deep packet inspection capabilities that is also scriptable with Lua."}, {"name": "Tsunami", "url": "https://github.com/google/tsunami-security-scanner", "description": "General purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.", "stars": "8.2k"}, {"name": "VAST", "url": "https://github.com/tenzir/vast", "description": "Free and open-source network telemetry engine for data-driven security investigations.", "stars": "622"}, {"name": "Wireshark", "url": "https://www.wireshark.org", "description": "Free and open-source packet analyzer useful for network troubleshooting or forensic netflow analysis."}, {"name": "Zeek", "url": "https://zeek.org/", "description": "Powerful network analysis framework focused on security monitoring, formerly known as Bro."}, {"name": "netsniff-ng", "url": "http://netsniff-ng.org/", "description": "Free and fast GNU/Linux networking toolkit with numerous utilities such as a connection tracking tool (`flowtop`), traffic generator (`trafgen`), and autonomous system (AS) trace route utility (`astraceroute`)."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Security Information and Event Management (SIEM)", "entries": [{"name": "AlienVault OSSIM", "url": "https://www.alienvault.com/open-threat-exchange/projects", "description": "Single-server open source SIEM platform featuring asset discovery, asset inventorying, behavioral monitoring, and event correlation, driven by AlienVault Open Threat Exchange (OTX)."}, {"name": "Prelude SIEM OSS", "url": "https://www.prelude-siem.org/", "description": "Open source, agentless SIEM with a long history and several commercial variants featuring security event collection, normalization, and alerting from arbitrary log input and numerous popular monitoring tools."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Service and performance monitoring", "entries": [{"name": "Icinga", "url": "https://icinga.com/", "description": "Modular redesign of Nagios with pluggable user interfaces and an expanded set of data connectors, collectors, and reporting tools."}, {"name": "Locust", "url": "https://locust.io/", "description": "Open source load testing tool in which you can define user behaviour with Python code and swarm your system with millions of simultaneous users."}, {"name": "Nagios", "url": "https://nagios.org", "description": "Popular network and service monitoring solution and reporting platform."}, {"name": "OpenNMS", "url": "https://opennms.org/", "description": "Free and feature-rich networking monitoring system supporting multiple configurations, a variety of alerting mechanisms (email, XMPP, SMS), and numerous data collection methods (SNMP, HTTP, JDBC, etc)."}, {"name": "osquery", "url": "https://github.com/facebook/osquery", "description": "Operating system instrumentation framework for macOS, Windows, and Linux, exposing the OS as a high-performance relational database that can be queried with a SQL-like syntax.", "stars": "22k"}, {"name": "Zabbix", "url": "https://www.zabbix.com/", "description": "Mature, enterprise-level platform to monitor large-scale IT environments."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Threat hunting", "entries": [{"name": "CimSweep", "url": "https://github.com/PowerShellMafia/CimSweep", "description": "Suite of CIM/WMI-based tools enabling remote incident response and hunting operations across all versions of Windows.", "stars": "636"}, {"name": "DeepBlueCLI", "url": "https://github.com/sans-blue-team/DeepBlueCLI", "description": "PowerShell module for hunt teaming via Windows Event logs.", "stars": "2.1k"}, {"name": "GRR Rapid Response", "url": "https://github.com/google/grr", "description": "Incident response framework focused on remote live forensics consisting of a Python agent installed on assets and Python-based server infrastructure enabling analysts to quickly triage attacks and perform analysis remotely.", "stars": "4.7k"}, {"name": "Hunting ELK (HELK)", "url": "https://github.com/Cyb3rWard0g/HELK", "description": "All-in-one Free Software threat hunting stack based on Elasticsearch, Logstash, Kafka, and Kibana with various built-in integrations for analytics including Jupyter Notebook.", "stars": "3.7k"}, {"name": "Logging Made Easy (LME)", "url": "https://www.cisa.gov/resources-tools/services/logging-made-easy", "description": "Free and open logging and protective monitoring solution serving."}, {"name": "MozDef", "url": "https://github.com/mozilla/MozDef", "description": "Automate the security incident handling process and facilitate the real-time activities of incident handlers.", "stars": "2.2k"}, {"name": "PSHunt", "url": "https://github.com/Infocyte/PSHunt", "description": "PowerShell module designed to scan remote endpoints for indicators of compromise or survey them for more comprehensive information related to state of those systems.", "stars": "276"}, {"name": "PSRecon", "url": "https://github.com/gfoss/PSRecon", "description": "PSHunt-like tool for analyzing remote Windows systems that also produces a self-contained HTML report of its findings.", "stars": "474"}, {"name": "PowerForensics", "url": "https://github.com/Invoke-IR/PowerForensics", "description": "All in one PowerShell-based platform to perform live hard disk forensic analysis.", "stars": "1.4k"}, {"name": "Redline", "url": "https://www.fireeye.com/services/freeware/redline.html", "description": "Freeware endpoint auditing and analysis tool that provides host-based investigative capabilities, offered by FireEye, Inc."}, {"name": "rastrea2r", "url": "https://github.com/rastrea2r/rastrea2r", "description": "Multi-platform tool for triaging suspected IOCs on many endpoints simultaneously and that integrates with antivirus consoles.", "stars": "235"}, {"name": "AttackerKB", "url": "https://attackerkb.com/", "description": "Free and public crowdsourced vulnerability assessment platform to help prioritize high-risk patch application and combat vulnerability fatigue."}, {"name": "DATA", "url": "https://github.com/hadojae/DATA", "description": "Credential phish analysis and automation tool that can accept suspected phishing URLs directly or trigger on observed network traffic containing such a URL.", "stars": "94"}, {"name": "Forager", "url": "https://github.com/opensourcesec/Forager", "description": "Multi-threaded threat intelligence gathering built with Python3 featuring simple text-based configuration and data storage for ease of use and data portability.", "stars": "167"}, {"name": "GRASSMARLIN", "url": "https://github.com/nsacyber/GRASSMARLIN", "description": "Provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by passively mapping, accounting for, and reporting on your ICS/SCADA network topology and endpoints.", "stars": "911"}, {"name": "MLSec Combine", "url": "https://github.com/mlsecproject/combine", "description": "Gather and combine multiple threat intelligence feed sources into one customizable, standardized CSV-based format.", "stars": "650"}, {"name": "Malware Information Sharing Platform and Threat Sharing (MISP)", "url": "https://misp-project.org/", "description": "Open source software solution for collecting, storing, distributing and sharing cyber security indicators."}, {"name": "Open Source Vulnerabilities (OSV)", "url": "https://osv.dev/", "description": "Vulnerability database and triage infrastructure for open source projects aimed at helping both open source maintainers and consumers of open source."}, {"name": "Sigma", "url": "https://github.com/Neo23x0/sigma", "description": "Generic signature format for SIEM systems, offering an open signature format that allows you to describe relevant log events in a straightforward manner.", "stars": "7.9k"}, {"name": "Threat Bus", "url": "https://github.com/tenzir/threatbus", "description": "Threat intelligence dissemination layer to connect security tools through a distributed publish/subscribe message broker.", "stars": "258"}, {"name": "ThreatIngestor", "url": "https://github.com/InQuest/ThreatIngestor", "description": "Extendable tool to extract and aggregate IOCs from threat feeds including Twitter, RSS feeds, or other sources.", "stars": "801"}, {"name": "Unfetter", "url": "https://nsacyber.github.io/unfetter/", "description": "Identifies defensive gaps in security posture by leveraging Mitre's ATT\\&CK framework."}, {"name": "Viper", "url": "https://github.com/viper-framework/viper", "description": "Binary analysis and management framework enabling easy organization of malware and exploit samples.", "stars": "1.5k"}, {"name": "YARA", "url": "https://github.com/VirusTotal/yara", "description": "Tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples, described as \"the pattern matching swiss army knife\" for file patterns and signatures.", "stars": "7.9k"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Fingerprinting", "entries": [{"name": "HASSH", "url": "https://github.com/salesforce/hassh", "description": "Network fingerprinting standard which can be used to identify specific client and server SSH implementations.", "stars": "531"}, {"name": "JA3", "url": "https://ja3er.com/", "description": "Extracts SSL/TLS handshake settings for fingerprinting and communicating about a given TLS implementation."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Threat signature packages and collections", "entries": [{"name": "ESET's Malware IoCs", "url": "https://github.com/eset/malware-ioc", "description": "Indicators of Compromises (IOCs) derived from ESET's various investigations.", "stars": "1.6k"}, {"name": "FireEye's Red Team Tool Countermeasures", "url": "https://github.com/fireeye/red_team_tool_countermeasures", "description": "Collection of Snort and YARA rules to detect attacks carried out with FireEye's own Red Team tools, first released after FireEye disclosed a breach in December 2020.", "stars": "2.6k"}, {"name": "FireEye's Sunburst Countermeasures", "url": "https://github.com/fireeye/sunburst_countermeasures", "description": "Collection of IoC in various languages for detecting backdoored SolarWinds Orion NMS activities and related vulnerabilities.", "stars": "560"}, {"name": "YARA Rules", "url": "https://github.com/Yara-Rules/rules", "description": "Project covering the need for IT security researchers to have a single repository where different Yara signatures are compiled, classified and kept as up to date as possible.", "stars": "4k"}, {"name": "OnionBalance", "url": "https://onionbalance.readthedocs.io/", "description": "Provides load-balancing while also making Onion services more resilient and reliable by eliminating single points-of-failure."}, {"name": "Vanguards", "url": "https://github.com/mikeperry-tor/vanguards", "description": "Version 3 Onion service guard discovery attack mitigation script (intended for eventual inclusion in Tor core).", "stars": "197"}, {"name": "Certbot", "url": "https://certbot.eff.org/", "description": "Free tool to automate the issuance and renewal of TLS certificates from the [LetsEncrypt Root CA](https://letsencrypt.org/) with plugins that configure various Web and e-mail server software."}, {"name": "MITMEngine", "url": "https://github.com/cloudflare/mitmengine", "description": "Golang library for server-side detection of TLS interception events.", "stars": "799"}, {"name": "Tor", "url": "https://torproject.org/", "description": "Censorship circumvention and anonymizing overlay network providing distributed, cryptographically verified name services (`.onion` domains) to enhance publisher privacy and service availability."}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Overlay and Virtual Private Networks (VPNs)", "entries": [{"name": "Firezone", "url": "https://www.firezone.dev/", "description": "Self-hosted VPN server built on WireGuard that supports MFA and SSO."}, {"name": "Headscale", "url": "https://github.com/juanfont/headscale", "description": "Open source, self-hosted implementation of the Tailscale control server.", "stars": "21k"}, {"name": "IPsec VPN Server Auto Setup Scripts", "url": "https://github.com/hwdsl2/setup-ipsec-vpn", "description": "Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2.", "stars": "24k"}, {"name": "Innernet", "url": "https://github.com/tonarino/innernet", "description": "Free Software private network system that uses WireGuard under the hood, made to be self-hosted.", "stars": "4.9k"}, {"name": "Nebula", "url": "https://github.com/slackhq/nebula", "description": "Completely open source and self-hosted, scalable overlay networking tool with a focus on performance, simplicity, and security, inspired by tinc.", "stars": "14k"}, {"name": "OpenVPN", "url": "https://openvpn.net/", "description": "Longstanding Free Software traditional SSL/TLS-based virtual private network."}, {"name": "OpenZITI", "url": "https://openziti.github.io/", "description": "Open source initiative focused on bringing Zero Trust to any application via an overlay network, tunelling applications, and numerous SDKs."}, {"name": "Tailscale", "url": "https://tailscale.com/", "description": "Managed freemium mesh VPN service built on top of WireGuard."}, {"name": "WireGuard", "url": "https://www.wireguard.com/", "description": "Extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography."}, {"name": "tinc", "url": "https://tinc-vpn.org/", "description": "Free Software mesh VPN implemented entirely in userspace that supports expandable network space, bridged ethernet segments, and more."}, {"name": "BlockBlock", "url": "https://objective-see.com/products/blockblock.html", "description": "Monitors common persistence locations and alerts whenever a persistent component is added, which helps to detect and prevent malware installation."}, {"name": "LuLu", "url": "https://objective-see.com/products/lulu.html", "description": "Free macOS firewall."}, {"name": "Santa", "url": "https://github.com/google/santa", "description": "Keep track of binaries that are naughty or nice in an allow/deny-listing system for macOS.", "stars": "4.4k"}, {"name": "Stronghold", "url": "https://github.com/alichtman/stronghold", "description": "Easily configure macOS security settings from the terminal.", "stars": "1.1k"}, {"name": "macOS Fortress", "url": "https://github.com/essandess/macOS-Fortress", "description": "Automated configuration of kernel-level, OS-level, and client-level security features including privatizing proxying and anti-virus scanning for macOS.", "stars": "407"}, {"name": "CobaltStrikeScan", "url": "https://github.com/Apr4h/CobaltStrikeScan", "description": "Scan files or process memory for Cobalt Strike beacons and parse their configuration.", "stars": "879"}, {"name": "HardenTools", "url": "https://github.com/securitywithoutborders/hardentools", "description": "Utility that disables a number of risky Windows features.", "stars": "2.9k"}, {"name": "NotRuler", "url": "https://github.com/sensepost/notruler", "description": "Detect both client-side rules and VBScript enabled forms used by the [Ruler (\u2b502.1k)](https://github.com/sensepost/ruler) attack tool when attempting to compromise a Microsoft Exchange server.", "stars": "91"}, {"name": "Sandboxie", "url": "https://www.sandboxie.com/", "description": "Free and open source general purpose Windows application sandboxing utility."}, {"name": "Sigcheck", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck", "description": "Audit a Windows host's root certificate store against Microsoft's [Certificate Trust List (CTL)](https://docs.microsoft.com/en-us/windows/desktop/SecCrypto/certificate-trust-list-overview)."}, {"name": "Sticky Keys Slayer", "url": "https://github.com/linuz/Sticky-Keys-Slayer", "description": "Establishes a Windows RDP session from a list of hostnames and scans for accessibility tools backdoors, alerting if one is discovered.", "stars": "324"}, {"name": "Windows Secure Host Baseline", "url": "https://github.com/nsacyber/Windows-Secure-Host-Baseline", "description": "Group Policy objects, compliance checks, and configuration tools that provide an automated and flexible approach for securely deploying and maintaining the latest releases of Windows 10.", "stars": "1.5k"}, {"name": "WMI Monitor", "url": "https://github.com/realparisi/WMI_Monitor", "description": "Log newly created WMI consumers and processes to the Windows Application event log.", "stars": "122"}], "notes": []}, {"name": "Cybersecurity Blueteam \u2014 Active Directory", "entries": [{"name": "Active Directory Control Paths", "url": "https://github.com/ANSSI-FR/AD-control-paths", "description": "Visualize and graph Active Directory permission configs (\"control relations\") to audit questions such as \"Who can read the CEO's email?\" and similar.", "stars": "649"}, {"name": "PingCastle", "url": "https://www.pingcastle.com/", "description": "Active Directory vulnerability detection and reporting tool."}, {"name": "PlumHound", "url": "https://github.com/PlumHound/PlumHound", "description": "More effectively use BloodHoundAD in continual security life-cycles by utilizing its pathfinding engine to identify Active Directory security vulnerabilities.", "stars": "1.1k"}], "notes": []}], "total_entries": 253}, {"name": "Incident Response", "subcategories": [{"name": "Incident Response", "entries": [{"name": "Adversary Emulation", "url": "#adversary-emulation", "description": ""}, {"name": "All-In-One Tools", "url": "#all-in-one-tools", "description": ""}, {"name": "Books", "url": "#books", "description": ""}, {"name": "Communities", "url": "#communities", "description": ""}, {"name": "Disk Image Creation Tools", "url": "#disk-image-creation-tools", "description": ""}, {"name": "Evidence Collection", "url": "#evidence-collection", "description": ""}, {"name": "Incident Management", "url": "#incident-management", "description": ""}, {"name": "Knowledge Bases", "url": "#knowledge-bases", "description": ""}, {"name": "Linux Distributions", "url": "#linux-distributions", "description": ""}, {"name": "Linux Evidence Collection", "url": "#linux-evidence-collection", "description": ""}, {"name": "Log Analysis Tools", "url": "#log-analysis-tools", "description": ""}, {"name": "Memory Analysis Tools", "url": "#memory-analysis-tools", "description": ""}, {"name": "Memory Imaging Tools", "url": "#memory-imaging-tools", "description": ""}, {"name": "OSX Evidence Collection", "url": "#osx-evidence-collection", "description": ""}, {"name": "Other Lists", "url": "#other-lists", "description": ""}, {"name": "Other Tools", "url": "#other-tools", "description": ""}, {"name": "Playbooks", "url": "#playbooks", "description": ""}, {"name": "Process Dump Tools", "url": "#process-dump-tools", "description": ""}, {"name": "Sandboxing/Reversing Tools", "url": "#sandboxingreversing-tools", "description": ""}, {"name": "Scanner Tools", "url": "#scanner-tools", "description": ""}, {"name": "Timeline Tools", "url": "#timeline-tools", "description": ""}, {"name": "Videos", "url": "#videos", "description": ""}, {"name": "Windows Evidence Collection", "url": "#windows-evidence-collection", "description": ""}], "notes": []}, {"name": "Incident Response \u2014 Adversary Emulation", "entries": [{"name": "APTSimulator", "url": "https://github.com/NextronSystems/APTSimulator", "description": "Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised.", "stars": "2.3k"}, {"name": "Atomic Red Team (ART)", "url": "https://github.com/redcanaryco/atomic-red-team", "description": "Small and highly portable detection tests mapped to the MITRE ATT\\&CK Framework.", "stars": "8.9k"}, {"name": "AutoTTP", "url": "https://github.com/jymcheong/AutoTTP", "description": "Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generate data for researchers.", "stars": "244"}, {"name": "Caldera", "url": "https://github.com/mitre/caldera", "description": "Automated adversary emulation system that performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT\\&CK\u2122) project.", "stars": "5.1k"}, {"name": "DumpsterFire", "url": "https://github.com/TryCatchHCF/DumpsterFire", "description": "Modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor /   alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations.", "stars": "962"}, {"name": "Metta", "url": "https://github.com/uber-common/metta", "description": "Information security preparedness tool to do adversarial simulation.", "stars": "1.1k"}, {"name": "Network Flight Simulator", "url": "https://github.com/alphasoc/flightsim", "description": "Lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility.", "stars": "1.2k"}, {"name": "Red Team Automation (RTA)", "url": "https://github.com/endgameinc/RTA", "description": "RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT\\&CK.", "stars": "1k"}, {"name": "RedHunt-OS", "url": "https://github.com/redhuntlabs/RedHunt-OS", "description": "Virtual machine for adversary emulation and threat hunting.", "stars": "1.2k"}], "notes": []}, {"name": "Incident Response \u2014 All-In-One Tools", "entries": [{"name": "Belkasoft Evidence Center", "url": "https://belkasoft.com/ec", "description": "The toolkit will quickly extract digital evidence from multiple sources by analyzing hard drives, drive images, memory dumps, iOS, Blackberry and Android backups, UFED, JTAG and chip-off dumps."}, {"name": "CimSweep", "url": "https://github.com/PowerShellMafia/CimSweep", "description": "Suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.", "stars": "634"}, {"name": "CIRTkit", "url": "https://github.com/byt3smith/CIRTKit", "description": "CIRTKit is not just a collection of tools, but also a framework to aid in the ongoing unification of Incident Response and Forensics investigation processes.", "stars": "140"}, {"name": "Cyber Triage", "url": "http://www.cybertriage.com", "description": "Cyber Triage collects and analyzes host data to determine if it is compromised. It's scoring system and recommendation engine allow you to quickly focus on the important artifacts. It can import data from its collection tool, disk images, and other collectors (such as KAPE). It can run on an examiner's desktop or in a server model. Developed by Sleuth Kit Labs, which also makes Autopsy."}, {"name": "Dissect", "url": "https://github.com/fox-it/dissect", "description": "Dissect\u00a0is\u00a0a\u00a0digital\u00a0forensics\u00a0&\u00a0incident\u00a0response\u00a0framework\u00a0and\u00a0toolset\u00a0that\u00a0allows\u00a0you\u00a0to\u00a0quickly\u00a0access\u00a0and\u00a0analyse\u00a0forensic\u00a0artefacts\u00a0from\u00a0various\u00a0disk and file\u00a0formats,\u00a0developed\u00a0by\u00a0Fox-IT (part of NCC Group).", "stars": "841"}, {"name": "Doorman", "url": "https://github.com/mwielgoszewski/doorman", "description": "osquery fleet manager that allows remote management of osquery configurations retrieved by nodes. It takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness.", "stars": "616"}, {"name": "Falcon Orchestrator", "url": "https://github.com/CrowdStrike/falcon-orchestrator", "description": "Extendable Windows-based application that provides workflow automation, case management and security response functionality.", "stars": "183"}, {"name": "Flare", "url": "https://github.com/fireeye/flare-vm", "description": "A fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing.", "stars": "5.8k"}, {"name": "Fleetdm", "url": "https://github.com/fleetdm/fleet", "description": "State of the art host monitoring platform tailored for security experts. Leveraging Facebook's battle-tested osquery project, Fleetdm delivers continuous updates, features and fast answers to big questions.", "stars": "2k"}, {"name": "GRR Rapid Response", "url": "https://github.com/google/grr", "description": "Incident response framework focused on remote live forensics. It consists of a python agent (client) that is installed on target systems, and a python server infrastructure that can manage and talk to the agent. Besides the included Python API client, [PowerGRR (\u2b5056)](https://github.com/swisscom/PowerGRR) provides an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.", "stars": "4.6k"}, {"name": "IRIS", "url": "https://github.com/dfir-iris/iris-web", "description": "IRIS is a web collaborative platform for incident response analysts allowing to share investigations at a technical level.", "stars": "911"}, {"name": "Kuiper", "url": "https://github.com/DFIRKuiper/Kuiper", "description": "Digital Forensics Investigation Platform", "stars": "713"}, {"name": "Limacharlie", "url": "https://www.limacharlie.io/", "description": "Endpoint security platform composed of a collection of small projects all working together that gives you a cross-platform (Windows, OSX, Linux, Android and iOS) low-level environment for managing and pushing additional modules into memory to extend its functionality."}, {"name": "Matano", "url": "https://github.com/matanolabs/matano", "description": "", "stars": "1.3k"}, {"name": "MozDef", "url": "https://github.com/mozilla/MozDef", "description": "Automates the security incident handling process and facilitate the real-time activities of incident handlers.", "stars": "2.2k"}, {"name": "MutableSecurity", "url": "https://github.com/MutableSecurity/mutablesecurity", "description": "CLI program for automating the setup, configuration, and use of cybersecurity solutions.", "stars": "39"}, {"name": "nightHawk", "url": "https://github.com/biggiesmallsAG/nightHawkResponse", "description": "Application built for asynchronous forensic data presentation using ElasticSearch as the backend. It's designed to ingest Redline collections.", "stars": "596"}, {"name": "Open Computer Forensics Architecture", "url": "http://sourceforge.net/projects/ocfa/", "description": "Another popular distributed open-source computer forensics framework. This framework was built on Linux platform and uses postgreSQL database for storing data."}, {"name": "osquery", "url": "https://osquery.io/", "description": "Easily ask questions about your Linux and macOS infrastructure using a SQL-like query language; the provided *incident-response pack* helps you detect and respond to breaches."}, {"name": "Redline", "url": "https://www.fireeye.com/services/freeware/redline.html", "description": "Provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile."}, {"name": "SOC Multi-tool", "url": "https://github.com/zdhenard42/SOC-Multitool", "description": "A powerful and user-friendly browser extension that streamlines investigations for security professionals.", "stars": "307"}, {"name": "The Sleuth Kit & Autopsy", "url": "http://www.sleuthkit.org", "description": "Unix and Windows based tool which helps in forensic analysis of computers. It comes with various tools which helps in digital forensics. These tools help in analyzing disk images, performing in-depth analysis of file systems, and various other things."}, {"name": "TheHive", "url": "https://thehive-project.org/", "description": "Scalable 3-in-1 open source and free solution designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly."}, {"name": "Velociraptor", "url": "https://github.com/Velocidex/velociraptor", "description": "Endpoint visibility and collection tool", "stars": "2.6k"}, {"name": "X-Ways Forensics", "url": "http://www.x-ways.net/forensics/", "description": "Forensics tool for Disk cloning and imaging. It can be used to find deleted files and disk analysis."}, {"name": "Zentral", "url": "https://github.com/zentralopensource/zentral", "description": "Combines osquery's powerful endpoint inventory features with a flexible notification and action framework. This enables one to identify and react to changes on OS X and Linux clients.", "stars": "716"}], "notes": []}, {"name": "Incident Response \u2014 Books", "entries": [{"name": "Applied Incident Response", "url": "https://www.amazon.com/Applied-Incident-Response-Steve-Anson/dp/1119560268/", "description": "Steve Anson's book on Incident Response."}, {"name": "Art of Memory Forensics", "url": "https://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098/", "description": "Detecting Malware and Threats in Windows, Linux, and Mac Memory."}, {"name": "Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan", "url": "https://www.amazon.com/Crafting-InfoSec-Playbook-Security-Monitoring/dp/1491949406", "description": "by Jeff Bollinger, Brandon Enright and Matthew Valites."}, {"name": "Digital Forensics and Incident Response: Incident response techniques and procedures to respond to modern cyber threats", "url": "https://www.amazon.com/Digital-Forensics-Incident-Response-techniques/dp/183864900X", "description": "by Gerard Johansen."}, {"name": "Introduction to DFIR", "url": "https://medium.com/@sroberts/introduction-to-dfir-d35d5de4c180/", "description": "By Scott J. Roberts."}, {"name": "Incident Response & Computer Forensics, Third Edition", "url": "https://www.amazon.com/Incident-Response-Computer-Forensics-Third/dp/0071798684/", "description": "The definitive guide to incident response."}, {"name": "Incident Response Techniques for Ransomware Attacks", "url": "https://www.amazon.com/Incident-Response-Techniques-Ransomware-Attacks/dp/180324044X", "description": "A great guide to build an incident response strategy for ransomware attacks. By Oleg Skulkin."}, {"name": "Incident Response with Threat Intelligence", "url": "https://www.amazon.com/Incident-response-Threat-Intelligence-intelligence-based/dp/1801072957", "description": "Great reference to build an incident response plan based also on Threat Intelligence. By Roberto Martinez."}, {"name": "Intelligence-Driven Incident Response", "url": "https://www.amazon.com/Intelligence-Driven-Incident-Response-Outwitting-Adversary-ebook-dp-B074ZRN5T7/dp/B074ZRN5T7", "description": "By Scott J. Roberts, Rebekah Brown."}, {"name": "Operator Handbook: Red Team + OSINT + Blue Team Reference", "url": "https://www.amazon.com/Operator-Handbook-Team-OSINT-Reference/dp/B085RR67H5/", "description": "Great reference for incident responders."}, {"name": "Practical Memory Forensics", "url": "https://www.amazon.com/Practical-Memory-Forensics-Jumpstart-effective/dp/1801070334", "description": "The definitive guide to practice memory forensics. By Svetlana Ostrovskaya and Oleg Skulkin."}, {"name": "The Practice of Network Security Monitoring: Understanding Incident Detection and Response", "url": "http://www.amazon.com/gp/product/1593275099", "description": "Richard Bejtlich's book on IR."}], "notes": []}, {"name": "Incident Response \u2014 Communities", "entries": [{"name": "Digital Forensics Discord Server", "url": "https://discordapp.com/invite/JUqe9Ek", "description": "Community of 8,000+ working professionals from Law Enforcement, Private Sector, and Forensic Vendors. Additionally, plenty of students and hobbyists! Guide [here](https://aboutdfir.com/a-beginners-guide-to-the-digital-forensics-discord-server/)."}, {"name": "Slack DFIR channel", "url": "https://dfircommunity.slack.com", "description": "Slack DFIR Communitiy channel - [Signup here](https://start.paloaltonetworks.com/join-our-slack-community)."}], "notes": []}, {"name": "Incident Response \u2014 Disk Image Creation Tools", "entries": [{"name": "AccessData FTK Imager", "url": "http://accessdata.com/product-download/?/support/adownloads#FTKImager", "description": "Forensics tool whose main purpose is to preview recoverable data from a disk of any kind. FTK Imager can also acquire live memory and paging file on 32bit and 64bit systems."}, {"name": "Bitscout", "url": "https://github.com/vitaly-kamluk/bitscout", "description": "Bitscout by Vitaly Kamluk helps you build your fully-trusted customizable LiveCD/LiveUSB image to be used for remote digital forensics (or perhaps any other task of your choice). It is meant to be transparent and monitorable by the owner of the system, forensically sound, customizable and compact.", "stars": "435"}, {"name": "GetData Forensic Imager", "url": "http://www.forensicimager.com/", "description": "Windows based program that will acquire, convert, or verify a forensic image in one of the following common forensic file formats."}, {"name": "Guymager", "url": "http://guymager.sourceforge.net", "description": "Free forensic imager for media acquisition on Linux."}, {"name": "Magnet ACQUIRE", "url": "https://www.magnetforensics.com/magnet-acquire/", "description": "ACQUIRE by Magnet Forensics allows various types of disk acquisitions to be performed on Windows, Linux, and OS X as well as mobile operating systems."}], "notes": []}, {"name": "Incident Response \u2014 Evidence Collection", "entries": [{"name": "Acquire", "url": "https://github.com/fox-it/acquire", "description": "Acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. This makes Acquire an excellent tool to, among others, speedup the process of digital forensic triage. It uses [Dissect (\u2b50841)](https://github.com/fox-it/dissect) to gather that information from the raw disk, if possible.", "stars": "71"}, {"name": "artifactcollector", "url": "https://github.com/forensicanalysis/artifactcollector", "description": "The artifactcollector project provides a software that collects forensic artifacts on systems.", "stars": "234"}, {"name": "bulk\\_extractor", "url": "https://github.com/simsong/bulk_extractor", "description": "Computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. Because of ignoring the file system structure, the program distinguishes itself in terms of speed and thoroughness.", "stars": "987"}, {"name": "Cold Disk Quick Response", "url": "https://github.com/rough007/CDQR", "description": "Streamlined list of parsers to quickly analyze a forensic image file (`dd`, E01, `.vmdk`, etc) and output nine reports.", "stars": "326"}, {"name": "CyLR", "url": "https://github.com/orlikoski/CyLR", "description": "The CyLR tool collects forensic artifacts from hosts with NTFS file systems quickly, securely and minimizes impact to the host.", "stars": "598"}, {"name": "Forensic Artifacts", "url": "https://github.com/ForensicArtifacts/artifacts", "description": "Digital Forensics Artifact Repository", "stars": "966"}, {"name": "ir-rescue", "url": "https://github.com/diogo-fernan/ir-rescue", "description": "Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.", "stars": "447"}, {"name": "Live Response Collection", "url": "https://www.brimorlabs.com/tools/", "description": "Automated tool that collects volatile data from Windows, OSX, and \\*nix based operating systems."}, {"name": "Margarita Shotgun", "url": "https://github.com/ThreatResponse/margaritashotgun", "description": "Command line utility (that works with or without Amazon EC2 instances) to parallelize remote memory acquisition.", "stars": "236"}, {"name": "SPECTR3", "url": "https://github.com/alpine-sec/SPECTR3", "description": "Acquire, triage and investigate remote evidence via portable iSCSI readonly access", "stars": "30"}, {"name": "UAC", "url": "https://github.com/tclahr/uac", "description": "UAC (Unix-like Artifacts Collector) is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.", "stars": "590"}], "notes": []}, {"name": "Incident Response \u2014 Incident Management", "entries": [{"name": "Catalyst", "url": "https://github.com/SecurityBrewery/catalyst", "description": "A free SOAR system that helps to automate alert handling and incident response processes.", "stars": "265"}, {"name": "CyberCPR", "url": "https://www.cybercpr.com", "description": "Community and commercial incident management tool with Need-to-Know built in to support GDPR compliance while handling sensitive incidents."}, {"name": "Cyphon", "url": "https://medevel.com/cyphon/", "description": "Cyphon eliminates the headaches of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow \u2014 aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents."}, {"name": "CORTEX XSOAR", "url": "https://www.paloaltonetworks.com/cortex/xsoar", "description": "Paloalto security orchestration, automation and response platform with full Incident lifecycle management and many integrations to enhance automations."}, {"name": "DFTimewolf", "url": "https://github.com/log2timeline/dftimewolf", "description": "A framework for orchestrating forensic collection, processing and data export.", "stars": "271"}, {"name": "DFIRTrack", "url": "https://github.com/dfirtrack/dfirtrack", "description": "Incident Response tracking application handling one or more incidents via cases and tasks with a lot of affected systems and artifacts.", "stars": "464"}, {"name": "Fast Incident Response (FIR)", "url": "https://github.com/certsocietegenerale/FIR/", "description": "Cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike.", "stars": "1.7k"}, {"name": "RTIR", "url": "https://www.bestpractical.com/rtir/", "description": "Request Tracker for Incident Response (RTIR) is the premier open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports. RTIR builds on all the features of Request Tracker."}, {"name": "Sandia Cyber Omni Tracker (SCOT)", "url": "https://github.com/sandialabs/scot", "description": "Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user.", "stars": "241"}, {"name": "Shuffle", "url": "https://github.com/frikky/Shuffle", "description": "A general purpose security automation platform focused on accessibility.", "stars": "1.2k"}, {"name": "threat\\_note", "url": "https://github.com/defpoint/threat_note", "description": "Lightweight investigation notebook that allows security researchers the ability to register and retrieve indicators related to their research.", "stars": "422"}, {"name": "Zenduty", "url": "https://www.zenduty.com", "description": "Zenduty is a novel incident management platform providing end-to-end incident alerting, on-call management and response orchestration, giving teams greater control and automation over the incident management lifecycle."}], "notes": []}, {"name": "Incident Response \u2014 Knowledge Bases", "entries": [{"name": "Digital Forensics Artifact Knowledge Base", "url": "https://github.com/ForensicArtifacts/artifacts-kb", "description": "Digital Forensics Artifact Knowledge Base", "stars": "68"}, {"name": "Windows Events Attack Samples", "url": "https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES", "description": "Windows Events Attack Samples", "stars": "2.1k"}, {"name": "Windows Registry Knowledge Base", "url": "https://github.com/libyal/winreg-kb", "description": "Windows Registry Knowledge Base", "stars": "150"}], "notes": []}, {"name": "Incident Response \u2014 Linux Distributions", "entries": [{"name": "The Appliance for Digital Investigation and Analysis (ADIA)", "url": "https://forensics.cert.org/#ADIA", "description": "VMware-based appliance used for digital investigation and acquisition and is built entirely from public domain software. Among the tools contained in ADIA are Autopsy, the Sleuth Kit, the Digital Forensics Framework, log2timeline, Xplico, and Wireshark. Most of the system maintenance uses Webmin. It is designed for small-to-medium sized digital investigations and acquisitions. The appliance runs under Linux, Windows, and Mac OS. Both i386 (32-bit) and x86\\_64 (64-bit) versions are available."}, {"name": "Computer Aided Investigative Environment (CAINE)", "url": "http://www.caine-live.net/index.html", "description": "Contains numerous tools that help investigators during their analysis, including forensic evidence collection."}, {"name": "CCF-VM", "url": "https://github.com/rough007/CCF-VM", "description": "CyLR CDQR Forensics Virtual Machine (CCF-VM): An all-in-one solution to parsing collected data, making it easily searchable with built-in common searches, enable searching of single and multiple hosts simultaneously.", "stars": "479"}, {"name": "NST - Network Security Toolkit", "url": "https://sourceforge.net/projects/nst/files/latest/download?source=files", "description": "Linux distribution that includes a vast collection of best-of-breed open source network security applications useful to the network security professional."}, {"name": "PALADIN", "url": "https://sumuri.com/software/paladin/", "description": "Modified Linux distribution to perform various forensics task in a forensically sound manner. It comes with many open source forensics tools included."}, {"name": "Security Onion", "url": "https://github.com/Security-Onion-Solutions/security-onion", "description": "Special Linux distro aimed at network security monitoring featuring advanced analysis tools.", "stars": "3.1k"}, {"name": "SANS Investigative Forensic Toolkit (SIFT) Workstation", "url": "http://digital-forensics.sans.org/community/downloads", "description": "Demonstrates that advanced incident response capabilities and deep dive digital forensic techniques to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated."}], "notes": []}, {"name": "Incident Response \u2014 Linux Evidence Collection", "entries": [{"name": "FastIR Collector Linux", "url": "https://github.com/SekoiaLab/Fastir_Collector_Linux", "description": "FastIR for Linux collects different artifacts on live Linux and records the results in CSV files.", "stars": "165"}, {"name": "MAGNET DumpIt", "url": "https://github.com/MagnetForensics/dumpit-linux", "description": "Fast memory acquisition open source tool for Linux written in Rust. Generate full memory crash dumps of Linux machines.", "stars": "122"}], "notes": []}, {"name": "Incident Response \u2014 Log Analysis Tools", "entries": [{"name": "AppCompatProcessor", "url": "https://github.com/mbevilacqua/appcompatprocessor", "description": "AppCompatProcessor has been designed to extract additional value from enterprise-wide AppCompat / AmCache data beyond the classic stacking and grepping techniques.", "stars": "188"}, {"name": "APT Hunter", "url": "https://github.com/ahmedkhlief/APT-Hunter", "description": "APT-Hunter is Threat Hunting tool for windows event logs.", "stars": "1.1k"}, {"name": "Chainsaw", "url": "https://github.com/countercept/chainsaw", "description": "Chainsaw provides a powerful \u2018first-response\u2019 capability to quickly identify threats within Windows event logs.", "stars": "2.5k"}, {"name": "Event Log Explorer", "url": "https://eventlogxp.com/", "description": "Tool developed to quickly analyze log files and other data."}, {"name": "Event Log Observer", "url": "https://lizard-labs.com/event_log_observer.aspx", "description": "View, analyze and monitor events recorded in Microsoft Windows event logs with this GUI tool."}, {"name": "Hayabusa", "url": "https://github.com/Yamato-Security/hayabusa", "description": "Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool created by the Yamato Security group in Japan.", "stars": "1.9k"}, {"name": "Kaspersky CyberTrace", "url": "https://support.kaspersky.com/13850", "description": "Threat intelligence fusion and analysis tool that integrates threat data feeds with SIEM solutions. Users can immediately leverage threat intelligence for security monitoring and incident report (IR) activities in the workflow of their existing security operations."}, {"name": "Log Parser Lizard", "url": "https://lizard-labs.com/log_parser_lizard.aspx", "description": "Execute SQL queries against structured log data: server logs, Windows Events, file system, Active Directory, log4net logs, comma/tab separated text, XML or JSON files. Also provides a GUI to Microsoft LogParser 2.2 with powerful UI elements: syntax editor, data grid, chart, pivot table, dashboard, query manager and more."}, {"name": "Lorg", "url": "https://github.com/jensvoid/lorg", "description": "Tool for advanced HTTPD logfile security analysis and forensics.", "stars": "207"}, {"name": "Logdissect", "url": "https://github.com/dogoncouch/logdissect", "description": "CLI utility and Python API for analyzing log files and other data.", "stars": "137"}, {"name": "LogonTracer", "url": "https://github.com/JPCERTCC/LogonTracer", "description": "Tool to investigate malicious Windows logon by visualizing and analyzing Windows event log.", "stars": "2.6k"}, {"name": "Sigma", "url": "https://github.com/SigmaHQ/sigma", "description": "Generic signature format for SIEM systems already containing an extensive ruleset.", "stars": "7.5k"}, {"name": "StreamAlert", "url": "https://github.com/airbnb/streamalert", "description": "Serverless, real-time log data analysis framework, capable of ingesting custom data sources and triggering alerts using user-defined logic.", "stars": "2.8k"}, {"name": "SysmonSearch", "url": "https://github.com/JPCERTCC/SysmonSearch", "description": "SysmonSearch makes Windows event log analysis more effective and less time consuming by aggregation of event logs.", "stars": "408"}, {"name": "WELA", "url": "https://github.com/Yamato-Security/WELA", "description": "Windows Event Log Analyzer aims to be the Swiss Army knife for Windows event logs.", "stars": "672"}, {"name": "Zircolite", "url": "https://github.com/wagga40/Zircolite", "description": "A standalone and fast SIGMA-based detection tool for EVTX or JSON.", "stars": "584"}], "notes": []}, {"name": "Incident Response \u2014 Memory Analysis Tools", "entries": [{"name": "AVML", "url": "https://github.com/microsoft/avml", "description": "A portable volatile memory acquisition tool for Linux.", "stars": "799"}, {"name": "Evolve", "url": "https://github.com/JamesHabben/evolve", "description": "Web interface for the Volatility Memory Forensics Framework.", "stars": "258"}, {"name": "inVtero.net", "url": "https://github.com/ShaneK2/inVtero.net", "description": "Advanced memory analysis for Windows x64 with nested hypervisor support.", "stars": "276"}, {"name": "LiME", "url": "https://github.com/504ensicsLabs/LiME", "description": "Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, formerly called DMD.", "stars": "1.6k"}, {"name": "MalConfScan", "url": "https://github.com/JPCERTCC/MalConfScan", "description": "MalConfScan is a Volatility plugin extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps configuration data. In addition, this tool has a function to list strings to which malicious code refers.", "stars": "466"}, {"name": "Memoryze", "url": "https://www.fireeye.com/services/freeware/memoryze.html", "description": "Free memory forensic software that helps incident responders find evil in live memory. Memoryze can acquire and/or analyze memory images, and on live systems, can include the paging file in its analysis."}, {"name": "Memoryze for Mac", "url": "https://www.fireeye.com/services/freeware/memoryze.html", "description": "Memoryze for Mac is Memoryze but then for Macs. A lower number of features, however."}, {"name": "Orochi", "url": "https://github.com/LDO-CERT/orochi", "description": "Orochi is an open source framework for collaborative forensic memory dump analysis.", "stars": "186"}, {"name": "Rekall", "url": "http://www.rekall-forensic.com/", "description": "Open source tool (and library) for the extraction of digital artifacts from volatile memory (RAM) samples."}, {"name": "Volatility", "url": "https://github.com/volatilityfoundation/volatility", "description": "Advanced memory forensics framework.", "stars": "6.9k"}, {"name": "Volatility 3", "url": "https://github.com/volatilityfoundation/volatility3", "description": "The volatile memory extraction framework (successor of Volatility)", "stars": "2.2k"}, {"name": "VolatilityBot", "url": "https://github.com/mkorman90/VolatilityBot", "description": "Automation tool for researchers cuts all the guesswork and manual tasks out of the binary extraction phase, or to help the investigator in the first steps of performing a memory analysis investigation.", "stars": "260"}, {"name": "VolDiff", "url": "https://github.com/aim4r/VolDiff", "description": "Malware Memory Footprint Analysis based on Volatility.", "stars": "192"}, {"name": "WindowsSCOPE", "url": "http://www.windowsscope.com/windowsscope-cyber-forensics/", "description": "Memory forensics and reverse engineering tool used for analyzing volatile memory offering the capability of analyzing the Windows kernel, drivers, DLLs, and virtual and physical memory."}], "notes": []}, {"name": "Incident Response \u2014 Memory Imaging Tools", "entries": [{"name": "Belkasoft Live RAM Capturer", "url": "http://belkasoft.com/ram-capturer", "description": "Tiny free forensic tool to reliably extract the entire content of the computer\u2019s volatile memory \u2013 even if protected by an active anti-debugging or anti-dumping system."}, {"name": "Linux Memory Grabber", "url": "https://github.com/halpomeranz/lmg/", "description": "Script for dumping Linux memory and creating Volatility profiles.", "stars": "258"}, {"name": "MAGNET DumpIt", "url": "https://www.magnetforensics.com/resources/magnet-dumpit-for-windows", "description": "Fast memory acquisition tool for Windows (x86, x64, ARM64). Generate full memory crash dumps of Windows machines."}, {"name": "Magnet RAM Capture", "url": "https://www.magnetforensics.com/free-tool-magnet-ram-capture/", "description": "Free imaging tool designed to capture the physical memory of a suspect\u2019s computer. Supports recent versions of Windows."}, {"name": "OSForensics", "url": "http://www.osforensics.com/", "description": "Tool to acquire live memory on 32-bit and 64-bit systems. A dump of an individual process\u2019s memory space or physical memory dump can be done."}], "notes": []}, {"name": "Incident Response \u2014 OSX Evidence Collection", "entries": [{"name": "Knockknock", "url": "https://objective-see.com/products/knockknock.html", "description": "Displays persistent items(scripts, commands, binaries, etc.) that are set to execute automatically on OSX."}, {"name": "macOS Artifact Parsing Tool (mac\\_apt)", "url": "https://github.com/ydkhatri/mac_apt", "description": "Plugin based forensics framework for quick mac triage that works on live machines, disk images or individual artifact files.", "stars": "702"}, {"name": "OSX Auditor", "url": "https://github.com/jipegit/OSXAuditor", "description": "Free Mac OS X computer forensics tool.", "stars": "3.1k"}, {"name": "OSX Collector", "url": "https://github.com/yelp/osxcollector", "description": "OSX Auditor offshoot for live response.", "stars": "1.9k"}, {"name": "The ESF Playground", "url": "https://themittenmac.com/the-esf-playground/", "description": "A tool to view the events in Apple Endpoint Security Framework (ESF) in real time."}], "notes": []}, {"name": "Incident Response \u2014 Other Lists", "entries": [{"name": "Awesome Event IDs", "url": "https://github.com/stuhli/awesome-event-ids", "description": "Collection of Event ID resources useful for Digital Forensics and Incident Response.", "stars": "535"}, {"name": "Awesome Forensics", "url": "https://github.com/cugu/awesome-forensics", "description": "A curated list of awesome forensic analysis tools and resources.", "stars": "3.5k"}, {"name": "Didier Stevens Suite", "url": "https://github.com/DidierStevens/DidierStevensSuite", "description": "Tool collection", "stars": "1.8k"}, {"name": "Eric Zimmerman Tools", "url": "https://ericzimmerman.github.io/", "description": "An updated list of forensic tools created by Eric Zimmerman, an instructor for SANS institute."}, {"name": "List of various Security APIs", "url": "https://github.com/deralexxx/security-apis", "description": "Collective list of public JSON APIs for use in security.", "stars": "834"}], "notes": []}, {"name": "Incident Response \u2014 Other Tools", "entries": [{"name": "Cortex", "url": "https://thehive-project.org", "description": "Cortex allows you to analyze observables such as IP and email addresses, URLs, domain names, files or hashes one by one or in bulk mode using a Web interface. Analysts can also automate these operations using its REST API."}, {"name": "Crits", "url": "https://crits.github.io/", "description": "Web-based tool which combines an analytic engine with a cyber threat database."}, {"name": "Diffy", "url": "https://github.com/Netflix-Skunkworks/diffy", "description": "DFIR tool developed by Netflix's SIRT that allows an investigator to quickly scope a compromise across cloud instances (Linux instances on AWS, currently) during an incident and efficiently triaging those instances for followup actions by showing differences against a baseline.", "stars": "634"}, {"name": "domfind", "url": "https://github.com/diogo-fernan/domfind", "description": "Python DNS crawler for finding identical domain names under different TLDs.", "stars": "20"}, {"name": "Fileintel", "url": "https://github.com/keithjjones/fileintel", "description": "Pull intelligence per file hash.", "stars": "113"}, {"name": "HELK", "url": "https://github.com/Cyb3rWard0g/HELK", "description": "Threat Hunting platform.", "stars": "3.7k"}, {"name": "Hindsight", "url": "https://github.com/obsidianforensics/hindsight", "description": "Internet history forensics for Google Chrome/Chromium.", "stars": "1k"}, {"name": "Hostintel", "url": "https://github.com/keithjjones/hostintel", "description": "Pull intelligence per host.", "stars": "258"}, {"name": "imagemounter", "url": "https://github.com/ralphje/imagemounter", "description": "Command line utility and Python package to ease the (un)mounting of forensic disk images.", "stars": "111"}, {"name": "Kansa", "url": "https://github.com/davehull/Kansa/", "description": "Modular incident response framework in PowerShell.", "stars": "1.5k"}, {"name": "MFT Browser", "url": "https://github.com/kacos2000/MFT_Browser", "description": "MFT directory tree reconstruction & record info.", "stars": "274"}, {"name": "Munin", "url": "https://github.com/Neo23x0/munin", "description": "Online hash checker for VirusTotal and other services.", "stars": "793"}, {"name": "PowerSponse", "url": "https://github.com/swisscom/PowerSponse", "description": "PowerSponse is a PowerShell module focused on targeted containment and remediation during security incident response.", "stars": "36"}, {"name": "PyaraScanner", "url": "https://github.com/nogoodconfig/pyarascanner", "description": "Very simple multi-threaded many-rules to many-files YARA scanning Python script for malware zoos and IR.", "stars": "25"}, {"name": "rastrea2r", "url": "https://github.com/rastrea2r/rastrea2r", "description": "Allows one to scan disks and memory for IOCs using YARA on Windows, Linux and OS X.", "stars": "231"}, {"name": "RaQet", "url": "https://raqet.github.io/", "description": "Unconventional remote acquisition and triaging tool that allows triage a disk of a remote computer (client) that is restarted with a purposely built forensic operating system."}, {"name": "Raccine", "url": "https://github.com/Neo23x0/Raccine", "description": "A Simple Ransomware Protection", "stars": "930"}, {"name": "Stalk", "url": "https://www.percona.com/doc/percona-toolkit/2.2/pt-stalk.html", "description": "Collect forensic data about MySQL when problems occur."}, {"name": "Scout2", "url": "https://nccgroup.github.io/Scout2/", "description": "Security tool that lets Amazon Web Services administrators assess their environment's security posture."}, {"name": "Stenographer", "url": "https://github.com/google/stenographer", "description": "Packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. It stores as much history as it possible, managing disk usage, and deleting when disk limits are hit. It's ideal for capturing the traffic just before and during an incident, without the need explicit need to store all of the network traffic.", "stars": "1.8k"}, {"name": "sqhunter", "url": "https://github.com/0x4d31/sqhunter", "description": "Threat hunter based on osquery and Salt Open (SaltStack) that can issue ad-hoc or distributed queries without the need for osquery's tls plugin. sqhunter allows you to query open network sockets and check them against threat intelligence sources.", "stars": "65"}, {"name": "sysmon-config", "url": "https://github.com/SwiftOnSecurity/sysmon-config", "description": "Sysmon configuration file template with default high-quality event tracing", "stars": "4.5k"}, {"name": "sysmon-modular", "url": "https://github.com/olafhartong/sysmon-modular", "description": "A repository of sysmon configuration modules", "stars": "2.5k"}, {"name": "traceroute-circl", "url": "https://github.com/CIRCL/traceroute-circl", "description": "Extended traceroute to support the activities of CSIRT (or CERT) operators. Usually CSIRT team have to handle incidents based on IP addresses received. Created by Computer Emergency Response Center Luxembourg.", "stars": "36"}, {"name": "X-Ray 2.0", "url": "https://www.raymond.cc/blog/xray/", "description": "Windows utility (poorly maintained or no longer maintained) to submit virus samples to AV vendors."}], "notes": []}, {"name": "Incident Response \u2014 Playbooks", "entries": [{"name": "AWS Incident Response Runbook Samples", "url": "https://github.com/aws-samples/aws-incident-response-runbooks/tree/0d9a1c0f7ad68fb2c1b2d86be8914f2069492e21", "description": "AWS IR Runbook Samples meant to be customized per each entity using them. The three samples are: \"DoS or DDoS attack\", \"credential leakage\", and \"unintended access to an Amazon S3 bucket\".", "stars": "873"}, {"name": "Counteractive Playbooks", "url": "https://github.com/counteractive/incident-response-plan-template/tree/master/playbooks", "description": "Counteractive PLaybooks collection.", "stars": "544"}, {"name": "GuardSIght Playbook Battle Cards", "url": "https://github.com/guardsight/gsvsoc_cirt-playbook-battle-cards", "description": "A collection of Cyber Incident Response Playbook Battle Cards", "stars": "324"}, {"name": "IRM", "url": "https://github.com/certsocietegenerale/IRM", "description": "Incident Response Methodologies by CERT Societe Generale.", "stars": "865"}, {"name": "PagerDuty Incident Response Documentation", "url": "https://response.pagerduty.com/", "description": "Documents that describe parts of the PagerDuty Incident Response process. It provides information not only on preparing for an incident, but also what to do during and after. Source is available on [GitHub (\u2b501k)](https://github.com/PagerDuty/incident-response-docs)."}, {"name": "Phantom Community Playbooks", "url": "https://github.com/phantomcyber/playbooks", "description": "Phantom Community Playbooks for Splunk but also customizable for other use.", "stars": "448"}, {"name": "ThreatHunter-Playbook", "url": "https://github.com/OTRF/ThreatHunter-Playbook", "description": "Playbook to aid the development of techniques and hypothesis for hunting campaigns.", "stars": "3.8k"}], "notes": []}, {"name": "Incident Response \u2014 Process Dump Tools", "entries": [{"name": "Microsoft ProcDump", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/procdump", "description": "Dumps any running Win32 processes memory image on the fly."}, {"name": "PMDump", "url": "http://www.ntsecurity.nu/toolbox/pmdump/", "description": "Tool that lets you dump the memory contents of a process to a file without stopping the process."}], "notes": []}, {"name": "Incident Response \u2014 Sandboxing/Reversing Tools", "entries": [{"name": "Any Run", "url": "https://app.any.run/", "description": "Interactive online malware analysis service for dynamic and static research of most types of threats using any environment."}, {"name": "CAPA", "url": "https://github.com/mandiant/capa", "description": "detects capabilities in executable files. You run it against a PE, ELF, .NET module, or shellcode file and it tells you what it thinks the program can do.", "stars": "3.8k"}, {"name": "CAPEv2", "url": "https://github.com/kevoreilly/CAPEv2", "description": "Malware Configuration And Payload Extraction.", "stars": "1.6k"}, {"name": "Cuckoo", "url": "https://github.com/cuckoosandbox/cuckoo", "description": "Open Source Highly configurable sandboxing tool.", "stars": "5.4k"}, {"name": "Cuckoo-modified", "url": "https://github.com/spender-sandbox/cuckoo-modified", "description": "Heavily modified Cuckoo fork developed by community.", "stars": "388"}, {"name": "Cuckoo-modified-api", "url": "https://github.com/keithjjones/cuckoo-modified-api", "description": "Python library to control a cuckoo-modified sandbox.", "stars": "18"}, {"name": "Cutter", "url": "https://github.com/rizinorg/cutter", "description": "Free and Open Source Reverse Engineering Platform powered by rizin.", "stars": "15k"}, {"name": "Ghidra", "url": "https://github.com/NationalSecurityAgency/ghidra", "description": "Software Reverse Engineering Framework.", "stars": "47k"}, {"name": "Hybrid-Analysis", "url": "https://www.hybrid-analysis.com/", "description": "Free powerful online sandbox by CrowdStrike."}, {"name": "Intezer", "url": "https://analyze.intezer.com/#/", "description": "Intezer Analyze dives into Windows binaries to detect micro-code similarities to known threats, in order to provide accurate yet easy-to-understand results."}, {"name": "Joe Sandbox (Community)", "url": "https://www.joesandbox.com/", "description": "Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux, and iOS for suspicious activities; providing comprehensive and detailed analysis reports."}, {"name": "Mastiff", "url": "https://github.com/KoreLogicSecurity/mastiff", "description": "Static analysis framework that automates the process of extracting key characteristics from a number of different file formats.", "stars": "171"}, {"name": "Metadefender Cloud", "url": "https://www.metadefender.com", "description": "Free threat intelligence platform providing multiscanning, data sanitization and vulnerability assessment of files."}, {"name": "Radare2", "url": "https://github.com/radareorg/radare2", "description": "Reverse engineering framework and command-line toolset.", "stars": "19k"}, {"name": "Reverse.IT", "url": "https://www.reverse.it/", "description": "Alternative domain for the Hybrid-Analysis tool provided by CrowdStrike."}, {"name": "Rizin", "url": "https://github.com/rizinorg/rizin", "description": "UNIX-like reverse engineering framework and command-line toolset", "stars": "2.4k"}, {"name": "StringSifter", "url": "https://github.com/fireeye/stringsifter", "description": "A machine learning tool that ranks strings based on their relevance for malware analysis.", "stars": "638"}, {"name": "Threat.Zone", "url": "https://app.threat.zone", "description": "Cloud based threat analysis platform which include sandbox, CDR and interactive analysis for researchers."}, {"name": "Valkyrie Comodo", "url": "https://valkyrie.comodo.com", "description": "Valkyrie uses run-time behavior and hundreds of features from a file to perform analysis."}, {"name": "Viper", "url": "https://github.com/viper-framework/viper", "description": "Python based binary analysis and management framework, that works well with Cuckoo and YARA.", "stars": "1.5k"}, {"name": "Virustotal", "url": "https://www.virustotal.com", "description": "Free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners."}, {"name": "Visualize\\_Logs", "url": "https://github.com/keithjjones/visualize_logs", "description": "Open source visualization library and command line tools for logs (Cuckoo, Procmon, more to come).", "stars": "134"}, {"name": "Yomi", "url": "https://yomi.yoroi.company", "description": "Free MultiSandbox managed and hosted by Yoroi."}], "notes": []}, {"name": "Incident Response \u2014 Scanner Tools", "entries": [{"name": "Fenrir", "url": "https://github.com/Neo23x0/Fenrir", "description": "Simple IOC scanner. It allows scanning any Linux/Unix/OSX system for IOCs in plain bash. Created by the creators of THOR and LOKI.", "stars": "657"}, {"name": "LOKI", "url": "https://github.com/Neo23x0/Loki", "description": "Free IR scanner for scanning endpoint with yara rules and other indicators(IOCs).", "stars": "3.2k"}, {"name": "Spyre", "url": "https://github.com/spyre-project/spyre", "description": "Simple YARA-based IOC scanner written in Go", "stars": "157"}], "notes": []}, {"name": "Incident Response \u2014 Timeline Tools", "entries": [{"name": "Aurora Incident Response", "url": "https://github.com/cyb3rfox/Aurora-Incident-Response", "description": "Platform developed to build easily a detailed timeline of an incident.", "stars": "720"}, {"name": "Highlighter", "url": "https://www.fireeye.com/services/freeware/highlighter.html", "description": "Free Tool available from Fire/Mandiant that will depict log/text file that can highlight areas on the graphic, that corresponded to a key word or phrase. Good for time lining an infection and what was done post compromise."}, {"name": "Morgue", "url": "https://github.com/etsy/morgue", "description": "PHP Web app by Etsy for managing postmortems.", "stars": "1k"}, {"name": "Plaso", "url": "https://github.com/log2timeline/plaso", "description": "a Python-based backend engine for the tool log2timeline.", "stars": "1.6k"}, {"name": "Timesketch", "url": "https://github.com/google/timesketch", "description": "Open source tool for collaborative forensic timeline analysis.", "stars": "2.5k"}], "notes": []}, {"name": "Incident Response \u2014 Videos", "entries": [{"name": "The Future of Incident Response", "url": "https://www.youtube.com/watch?v=bDcx4UNpKNc", "description": "Presented by Bruce Schneier at OWASP AppSecUSA 2015."}], "notes": []}, {"name": "Incident Response \u2014 Windows Evidence Collection", "entries": [{"name": "AChoir", "url": "https://github.com/OMENScan/AChoir", "description": "Framework/scripting tool to standardize and simplify the process of scripting live acquisition utilities for Windows.", "stars": "176"}, {"name": "Crowd Response", "url": "http://www.crowdstrike.com/community-tools/", "description": "Lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. It features numerous modules and output formats."}, {"name": "Cyber Triage", "url": "http://www.cybertriage.com", "description": "Cyber Triage has a lightweight collection tool that is free to use. It collects source files (such as registry hives and event logs), but also parses them on the live host so that it can also collect the executables that the startup items, scheduled, tasks, etc. refer to. It's output is a JSON file that can be imported into the free version of Cyber Triage. Cyber Triage is made by Sleuth Kit Labs, which also makes Autopsy."}, {"name": "DFIR ORC", "url": "https://dfir-orc.github.io/", "description": "DFIR ORC is a collection of specialized tools dedicated to reliably parse and collect critical artifacts such as the MFT, registry hives or event logs. DFIR ORC collects data, but does not analyze it: it is not meant to triage machines. It provides a forensically relevant snapshot of machines running Microsoft Windows. The code can be found on [GitHub (\u2b50355)](https://github.com/DFIR-ORC/dfir-orc)."}, {"name": "FastIR Collector", "url": "https://github.com/SekoiaLab/Fastir_Collector", "description": "Tool that collects different artifacts on live Windows systems and records the results in csv files. With the analyses of these artifacts, an early compromise can be detected.", "stars": "500"}, {"name": "Fibratus", "url": "https://github.com/rabbitstack/fibratus", "description": "Tool for exploration and tracing of the Windows kernel.", "stars": "2.1k"}, {"name": "Hoarder", "url": "https://github.com/muteb/Hoarder", "description": "Collecting the most valuable artifacts for forensics or incident response investigations.", "stars": "186"}, {"name": "IREC", "url": "https://binalyze.com/products/irec-free/", "description": "All-in-one IR Evidence Collector which captures RAM Image, $MFT, EventLogs, WMI Scripts, Registry Hives, System Restore Points and much more. It is FREE, lightning fast and easy to use."}, {"name": "Invoke-LiveResponse", "url": "https://github.com/mgreen27/Invoke-LiveResponse", "description": "Invoke-LiveResponse is a live response tool for targeted collection.", "stars": "141"}, {"name": "IOC Finder", "url": "https://www.fireeye.com/services/freeware/ioc-finder.html", "description": "Free tool from Mandiant for collecting host system data and reporting the presence of Indicators of Compromise (IOCs). Support for Windows only. No longer maintained. Only fully supported up to Windows 7 / Windows Server 2008 R2."}, {"name": "IRTriage", "url": "https://github.com/AJMartel/IRTriage", "description": "Incident Response Triage - Windows Evidence Collection for Forensic Analysis.", "stars": "123"}, {"name": "KAPE", "url": "https://www.kroll.com/en/services/cyber-risk/incident-response-litigation-support/kroll-artifact-parser-extractor-kape", "description": "Kroll Artifact Parser and Extractor (KAPE) by Eric Zimmerman. A triage tool that finds the most prevalent digital artifacts and then parses them quickly. Great and thorough when time is of the essence."}, {"name": "LOKI", "url": "https://github.com/Neo23x0/Loki", "description": "Free IR scanner for scanning endpoint with yara rules and other indicators(IOCs).", "stars": "3.2k"}, {"name": "MEERKAT", "url": "https://github.com/TonyPhipps/Meerkat", "description": "PowerShell-based triage and threat hunting for Windows.", "stars": "417"}, {"name": "Panorama", "url": "https://github.com/AlmCo/Panorama", "description": "Fast incident overview on live Windows systems.", "stars": "38"}, {"name": "PowerForensics", "url": "https://github.com/Invoke-IR/PowerForensics", "description": "Live disk forensics platform, using PowerShell.", "stars": "1.4k"}, {"name": "PSRecon", "url": "https://github.com/gfoss/PSRecon/", "description": "PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.", "stars": "470"}, {"name": "RegRipper", "url": "https://github.com/keydet89/RegRipper3.0", "description": "Open source tool, written in Perl, for extracting/parsing information (keys, values, data) from the Registry and presenting it for analysis.", "stars": "477"}], "notes": []}], "total_entries": 241}, {"name": "Ctf", "subcategories": [{"name": "Ctf \u2014 Contributing", "entries": [], "notes": []}, {"name": "Ctf \u2014 Why?", "entries": [], "notes": []}, {"name": "Ctf \u2014 Contents", "entries": [{"name": "Awesome CTF", "url": "#awesome-ctf", "description": ""}, {"name": "Resources", "url": "#resources", "description": ""}, {"name": "Kali Linux CTF Blueprints", "url": "https://www.packtpub.com/eu/networking-and-servers/kali-linux-ctf-blueprints", "description": "Online book on building, testing, and customizing your own Capture the Flag challenges."}, {"name": "Dnscat2", "url": "https://github.com/iagox86/dnscat2", "description": "Hosts communication through DNS.", "stars": "2.8k"}, {"name": "Kroll Artifact Parser and Extractor (KAPE)", "url": "https://learn.duffandphelps.com/kape", "description": "Triage program."}, {"name": "Magnet AXIOM", "url": "https://www.magnetforensics.com/downloadaxiom", "description": "Artifact-centric DFIR tool."}, {"name": "Registry Dumper", "url": "http://www.kahusecurity.com/posts/registry_dumper_find_and_dump_hidden_registry_keys.html", "description": "Dump your registry."}, {"name": "CTFd", "url": "https://github.com/isislab/CTFd", "description": "Platform to host jeopardy style CTFs from ISISLab, NYU Tandon.", "stars": "4.3k"}, {"name": "echoCTF.RED", "url": "https://github.com/echoCTF/echoCTF.RED", "description": "Develop, deploy and maintain your own CTF infrastructure.", "stars": "40"}, {"name": "FBCTF", "url": "https://github.com/facebook/fbctf", "description": "Platform to host Capture the Flag competitions from Facebook.", "stars": "6.5k"}, {"name": "Haaukins", "url": "https://github.com/aau-network-security/haaukins", "description": "A Highly Accessible and Automated Virtualization Platform for Security Education.", "stars": "146"}, {"name": "HackTheArch", "url": "https://github.com/mcpa-stlouis/hack-the-arch", "description": "CTF scoring platform.", "stars": "62"}, {"name": "Mellivora", "url": "https://github.com/Nakiami/mellivora", "description": "A CTF engine written in PHP.", "stars": "405"}, {"name": "MotherFucking-CTF", "url": "https://github.com/andreafioraldi/motherfucking-ctf", "description": "Badass lightweight plaform to host CTFs. No JS involved.", "stars": "42"}, {"name": "NightShade", "url": "https://github.com/UnrealAkama/NightShade", "description": "A simple security CTF framework.", "stars": "104"}, {"name": "OpenCTF", "url": "https://github.com/easyctf/openctf", "description": "CTF in a box. Minimal setup required.", "stars": "78"}, {"name": "PicoCTF", "url": "https://github.com/picoCTF/picoCTF", "description": "The platform used to run picoCTF. A great framework to host any CTF.", "stars": "265"}, {"name": "PyChallFactory", "url": "https://github.com/pdautry/py_chall_factory", "description": "Small framework to create/manage/package jeopardy CTF challenges.", "stars": "83"}, {"name": "RootTheBox", "url": "https://github.com/moloch--/RootTheBox", "description": "A Game of Hackers (CTF Scoreboard & Game Manager).", "stars": "691"}, {"name": "Scorebot", "url": "https://github.com/legitbs/scorebot", "description": "Platform for CTFs by Legitbs (Defcon).", "stars": "46"}, {"name": "SecGen", "url": "https://github.com/cliffe/SecGen", "description": "Security Scenario Generator. Creates randomly vulnerable virtual machines.", "stars": "2.4k"}, {"name": "Metasploit JavaScript Obfuscator", "url": "https://github.com/rapid7/metasploit-framework/wiki/How-to-obfuscate-JavaScript-in-Metasploit", "description": "", "stars": "29k"}, {"name": "Uglify", "url": "https://github.com/mishoo/UglifyJS", "description": "", "stars": "12k"}, {"name": "Bettercap", "url": "https://github.com/bettercap/bettercap", "description": "Framework to perform MITM (Man in the Middle) attacks.", "stars": "12k"}, {"name": "Yersinia", "url": "https://github.com/tomac/yersinia", "description": "Attack various protocols on layer 2.", "stars": "548"}, {"name": "CyberChef", "url": "https://gchq.github.io/CyberChef", "description": "Web app for analysing and decoding data."}, {"name": "FeatherDuster", "url": "https://github.com/nccgroup/featherduster", "description": "An automated, modular cryptanalysis tool.", "stars": "989"}, {"name": "Hash Extender", "url": "https://github.com/iagox86/hash_extender", "description": "A utility tool for performing hash length extension attacks.", "stars": "888"}, {"name": "padding-oracle-attacker", "url": "https://github.com/KishanBagaria/padding-oracle-attacker", "description": "A CLI tool to execute padding oracle attacks.", "stars": "154"}, {"name": "PkCrack", "url": "https://www.unix-ag.uni-kl.de/\\~conrad/krypto/pkcrack.html", "description": "A tool for Breaking PkZip-encryption."}, {"name": "QuipQuip", "url": "https://quipqiup.com", "description": "An online tool for breaking substitution ciphers or vigenere ciphers (without key)."}, {"name": "RSACTFTool", "url": "https://github.com/Ganapati/RsaCtfTool", "description": "A tool for recovering RSA private key with various attack.", "stars": "3.9k"}, {"name": "RSATool", "url": "https://github.com/ius/rsatool", "description": "Generate private key with knowledge of p and q.", "stars": "851"}, {"name": "XORTool", "url": "https://github.com/hellman/xortool", "description": "A tool to analyze multi-byte xor cipher.", "stars": "1.2k"}, {"name": "Hashcat", "url": "https://hashcat.net/hashcat/", "description": "Password Cracker"}, {"name": "Hydra", "url": "https://tools.kali.org/password-attacks/hydra", "description": "A parallelized login cracker which supports numerous protocols to attack"}, {"name": "John The Jumbo", "url": "https://github.com/magnumripper/JohnTheRipper", "description": "Community enhanced version of John the Ripper.", "stars": "6.9k"}, {"name": "John The Ripper", "url": "http://www.openwall.com/john/", "description": "Password Cracker."}, {"name": "Nozzlr", "url": "https://github.com/intrd/nozzlr", "description": "Nozzlr is a bruteforce framework, trully modular and script-friendly.", "stars": "61"}, {"name": "Ophcrack", "url": "http://ophcrack.sourceforge.net/", "description": "Windows password cracker based on rainbow tables."}, {"name": "Patator", "url": "https://github.com/lanjelot/patator", "description": "Patator is a multi-purpose brute-forcer, with a modular design.", "stars": "3k"}, {"name": "Turbo Intruder", "url": "https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack", "description": "Burp Suite extension for sending large numbers of HTTP requests"}, {"name": "DLLInjector", "url": "https://github.com/OpenSecurityResearch/dllinjector", "description": "Inject dlls in processes.", "stars": "453"}, {"name": "libformatstr", "url": "https://github.com/hellman/libformatstr", "description": "Simplify format string exploitation.", "stars": "332"}, {"name": "Metasploit", "url": "http://www.metasploit.com/", "description": "Penetration testing software."}, {"name": "one\\_gadget", "url": "https://github.com/david942j/one_gadget", "description": "A tool to find the one gadget `execve('/bin/sh', NULL, NULL)` call.", "stars": "1.7k"}, {"name": "Pwntools", "url": "https://github.com/Gallopsled/pwntools", "description": "CTF Framework for writing exploits.", "stars": "9.5k"}, {"name": "Qira", "url": "https://github.com/BinaryAnalysisPlatform/qira", "description": "QEMU Interactive Runtime Analyser.", "stars": "3.6k"}, {"name": "ROP Gadget", "url": "https://github.com/JonathanSalwan/ROPgadget", "description": "Framework for ROP exploitation.", "stars": "3.2k"}, {"name": "V0lt", "url": "https://github.com/P1kachu/v0lt", "description": "Security CTF Toolkit.", "stars": "358"}, {"name": "Aircrack-Ng", "url": "http://www.aircrack-ng.org/", "description": "Crack 802.11 WEP and WPA-PSK keys."}, {"name": "Audacity", "url": "http://sourceforge.net/projects/audacity/", "description": "Analyze sound files (mp3, m4a, whatever)."}, {"name": "Bkhive and Samdump2", "url": "http://sourceforge.net/projects/ophcrack/files/samdump2/", "description": "Dump SYSTEM and SAM files."}, {"name": "CFF Explorer", "url": "http://www.ntcore.com/exsuite.php", "description": "PE Editor."}, {"name": "Creddump", "url": "https://github.com/moyix/creddump", "description": "Dump windows credentials.", "stars": "219"}, {"name": "DVCS Ripper", "url": "https://github.com/kost/dvcs-ripper", "description": "Rips web accessible (distributed) version control systems.", "stars": "1.5k"}, {"name": "Exif Tool", "url": "http://www.sno.phy.queensu.ca/\\~phil/exiftool/", "description": "Read, write and edit file metadata."}, {"name": "Extundelete", "url": "http://extundelete.sourceforge.net/", "description": "Used for recovering lost data from mountable images."}, {"name": "Fibratus", "url": "https://github.com/rabbitstack/fibratus", "description": "Tool for exploration and tracing of the Windows kernel.", "stars": "1.7k"}, {"name": "Foremost", "url": "http://foremost.sourceforge.net/", "description": "Extract particular kind of files using headers."}, {"name": "Fsck.ext4", "url": "http://linux.die.net/man/8/fsck.ext3", "description": "Used to fix corrupt filesystems."}, {"name": "Malzilla", "url": "http://malzilla.sourceforge.net/", "description": "Malware hunting tool."}, {"name": "NetworkMiner", "url": "http://www.netresec.com/?page=NetworkMiner", "description": "Network Forensic Analysis Tool."}, {"name": "PDF Streams Inflater", "url": "http://malzilla.sourceforge.net/downloads.html", "description": "Find and extract zlib files compressed in PDF files."}, {"name": "Pngcheck", "url": "http://www.libpng.org/pub/png/apps/pngcheck.html", "description": "Verifies the integrity of PNG and dump all of the chunk-level information in human-readable form."}, {"name": "ResourcesExtract", "url": "http://www.nirsoft.net/utils/resources_extract.html", "description": "Extract various filetypes from exes."}, {"name": "Shellbags", "url": "https://github.com/williballenthin/shellbags", "description": "Investigate NT\\_USER.dat files.", "stars": "139"}, {"name": "Snow", "url": "https://sbmlabs.com/notes/snow_whitespace_steganography_tool", "description": "A Whitespace Steganography Tool."}, {"name": "USBRip", "url": "https://github.com/snovvcrash/usbrip", "description": "Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux.", "stars": "1.1k"}, {"name": "Volatility", "url": "https://github.com/volatilityfoundation/volatility", "description": "To investigate memory dumps.", "stars": "5.7k"}, {"name": "Wireshark", "url": "https://www.wireshark.org", "description": "Used to analyze pcap or pcapng files"}, {"name": "OfflineRegistryView", "url": "https://www.nirsoft.net/utils/offline_registry_view.html", "description": "Simple tool for Windows that allows you to read offline Registry files from external drive and view the desired Registry key in .reg file format."}, {"name": "Registry Viewer\u00ae", "url": "https://accessdata.com/product-download/registry-viewer-2-0-0", "description": "Used to view Windows registries."}, {"name": "Masscan", "url": "https://github.com/robertdavidgraham/masscan", "description": "Mass IP port scanner, TCP port scanner.", "stars": "20k"}, {"name": "Monit", "url": "https://linoxide.com/monitoring-2/monit-linux/", "description": "A linux tool to check a host on the network (and other non-network activities)."}, {"name": "Nipe", "url": "https://github.com/GouveaHeitor/nipe", "description": "Nipe is a script to make Tor Network your default gateway.", "stars": "1.5k"}, {"name": "Nmap", "url": "https://nmap.org/", "description": "An open source utility for network discovery and security auditing."}, {"name": "Wireshark", "url": "https://www.wireshark.org/", "description": "Analyze the network dumps."}, {"name": "Zeek", "url": "https://www.zeek.org", "description": "An open-source network security monitor."}, {"name": "Zmap", "url": "https://zmap.io/", "description": "An open-source network scanner."}, {"name": "Androguard", "url": "https://github.com/androguard/androguard", "description": "Reverse engineer Android applications.", "stars": "4.1k"}, {"name": "Angr", "url": "https://github.com/angr/angr", "description": "platform-agnostic binary analysis framework.", "stars": "6.2k"}, {"name": "Apk2Gold", "url": "https://github.com/lxdvs/apk2gold", "description": "Yet another Android decompiler.", "stars": "616"}, {"name": "ApkTool", "url": "http://ibotpeaches.github.io/Apktool/", "description": "Android Decompiler."}, {"name": "Barf", "url": "https://github.com/programa-stic/barf-project", "description": "Binary Analysis and Reverse engineering Framework.", "stars": "1.3k"}, {"name": "Binary Ninja", "url": "https://binary.ninja/", "description": "Binary analysis framework."}, {"name": "BinUtils", "url": "http://www.gnu.org/software/binutils/binutils.html", "description": "Collection of binary tools."}, {"name": "BinWalk", "url": "https://github.com/devttys0/binwalk", "description": "Analyze, reverse engineer, and extract firmware images.", "stars": "8.6k"}, {"name": "Boomerang", "url": "https://github.com/BoomerangDecompiler/boomerang", "description": "Decompile x86/SPARC/PowerPC/ST-20 binaries to C.", "stars": "322"}, {"name": "ctf\\_import", "url": "https://github.com/docileninja/ctf_import", "description": "run basic functions from stripped binaries cross platform.", "stars": "100"}, {"name": "cwe\\_checker", "url": "https://github.com/fkie-cad/cwe_checker", "description": "cwe\\_checker finds vulnerable patterns in binary executables.", "stars": "741"}, {"name": "demovfuscator", "url": "https://github.com/kirschju/demovfuscator", "description": "A work-in-progress deobfuscator for movfuscated binaries.", "stars": "597"}, {"name": "Frida", "url": "https://github.com/frida/", "description": "Dynamic Code Injection."}, {"name": "GDB", "url": "https://www.gnu.org/software/gdb/", "description": "The GNU project debugger."}, {"name": "GEF", "url": "https://github.com/hugsy/gef", "description": "GDB plugin.", "stars": "5.1k"}, {"name": "Ghidra", "url": "https://ghidra-sre.org/", "description": "Open Source suite of reverse engineering tools.  Similar to IDA Pro."}, {"name": "Hopper", "url": "http://www.hopperapp.com/", "description": "Reverse engineering tool (disassembler) for OSX and Linux."}, {"name": "IDA Pro", "url": "https://www.hex-rays.com/products/ida/", "description": "Most used Reversing software."}, {"name": "Jadx", "url": "https://github.com/skylot/jadx", "description": "Decompile Android files.", "stars": "32k"}, {"name": "Java Decompilers", "url": "http://www.javadecompilers.com", "description": "An online decompiler for Java and Android APKs."}, {"name": "Krakatau", "url": "https://github.com/Storyyeller/Krakatau", "description": "Java decompiler and disassembler.", "stars": "1.6k"}, {"name": "Objection", "url": "https://github.com/sensepost/objection", "description": "Runtime Mobile Exploration.", "stars": "5.4k"}, {"name": "PEDA", "url": "https://github.com/longld/peda", "description": "GDB plugin (only python2.7).", "stars": "5.2k"}, {"name": "Pin", "url": "https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool", "description": "A dynamic binary instrumentaion tool by Intel."}, {"name": "PINCE", "url": "https://github.com/korcankaraokcu/PINCE", "description": "GDB front-end/reverse engineering tool, focused on game-hacking and automation.", "stars": "1.5k"}, {"name": "PinCTF", "url": "https://github.com/ChrisTheCoolHut/PinCTF", "description": "A tool which uses intel pin for Side Channel Analysis.", "stars": "449"}, {"name": "Plasma", "url": "https://github.com/joelpx/plasma", "description": "An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.", "stars": "3k"}, {"name": "Pwndbg", "url": "https://github.com/pwndbg/pwndbg", "description": "A GDB plugin that provides a suite of utilities to hack around GDB easily.", "stars": "5k"}, {"name": "radare2", "url": "https://github.com/radare/radare2", "description": "A portable reversing framework.", "stars": "17k"}, {"name": "Triton", "url": "https://github.com/JonathanSalwan/Triton/", "description": "Dynamic Binary Analysis (DBA) framework.", "stars": "2.6k"}, {"name": "Uncompyle", "url": "https://github.com/gstarnberger/uncompyle", "description": "Decompile Python 2.7 binaries (.pyc).", "stars": "410"}, {"name": "WinDbg", "url": "http://www.windbg.org/", "description": "Windows debugger distributed by Microsoft."}, {"name": "Xocopy", "url": "http://reverse.lostrealm.com/tools/xocopy.html", "description": "Program that can copy executables with execute, but no read permission."}, {"name": "Z3", "url": "https://github.com/Z3Prover/z3", "description": "A theorem prover from Microsoft Research.", "stars": "8.1k"}, {"name": "Detox", "url": "http://relentless-coding.org/projects/jsdetox/install", "description": "A Javascript malware analysis tool."}, {"name": "Revelo", "url": "http://www.kahusecurity.com/posts/revelo_javascript_deobfuscator.html", "description": "Analyze obfuscated Javascript code."}, {"name": "RABCDAsm", "url": "https://github.com/CyberShadow/RABCDAsm", "description": "Collection of utilities including an ActionScript 3 assembler/disassembler.", "stars": "402"}, {"name": "Swftools", "url": "http://www.swftools.org/", "description": "Collection of utilities to work with SWF files."}, {"name": "Xxxswf", "url": "https://bitbucket.org/Alexander_Hanel/xxxswf", "description": "A Python script for analyzing Flash files."}, {"name": "CSWSH", "url": "http://cow.cat/cswsh.html", "description": "Cross-Site WebSocket Hijacking Tester."}, {"name": "Request Bin", "url": "https://requestbin.com/", "description": "Lets you inspect http requests to a particular url."}, {"name": "AperiSolve", "url": "https://aperisolve.fr/", "description": "Aperi'Solve is a platform which performs layer analysis on image (open-source)."}, {"name": "Convert", "url": "http://www.imagemagick.org/script/convert.php", "description": "Convert images b/w formats and apply filters."}, {"name": "Exif", "url": "http://manpages.ubuntu.com/manpages/trusty/man1/exif.1.html", "description": "Shows EXIF information in JPEG files."}, {"name": "Exiftool", "url": "https://linux.die.net/man/1/exiftool", "description": "Read and write meta information in files."}, {"name": "Exiv2", "url": "http://www.exiv2.org/manpage.html", "description": "Image metadata manipulation tool."}, {"name": "Image Steganography", "url": "https://sourceforge.net/projects/image-steg/", "description": "Embeds text and files in images with optional encryption. Easy-to-use UI."}, {"name": "Image Steganography Online", "url": "https://incoherency.co.uk/image-steganography", "description": "This is a client-side Javascript tool to steganographically hide images inside the lower \"bits\" of other images"}, {"name": "ImageMagick", "url": "http://www.imagemagick.org/script/index.php", "description": "Tool for manipulating images."}, {"name": "Outguess", "url": "https://www.freebsd.org/cgi/man.cgi?query=outguess+\\&apropos=0\\&sektion=0\\&manpath=FreeBSD+Ports+5.1-RELEASE\\&format=html", "description": "Universal steganographic tool."}, {"name": "Pngtools", "url": "https://packages.debian.org/sid/pngtools", "description": "For various analysis related to PNGs."}, {"name": "SmartDeblur", "url": "https://github.com/Y-Vladimir/SmartDeblur", "description": "Used to deblur and fix defocused images.", "stars": "2.2k"}, {"name": "Steganabara", "url": "https://www.openhub.net/p/steganabara", "description": "Tool for stegano analysis written in Java."}, {"name": "SteganographyOnline", "url": "https://stylesuxx.github.io/steganography/", "description": "Online steganography encoder and decoder."}, {"name": "Stegbreak", "url": "https://linux.die.net/man/1/stegbreak", "description": "Launches brute-force dictionary attacks on JPG image."}, {"name": "StegCracker", "url": "https://github.com/Paradoxis/StegCracker", "description": "Steganography brute-force utility to uncover hidden data inside files.", "stars": "471"}, {"name": "stegextract", "url": "https://github.com/evyatarmeged/stegextract", "description": "Detect hidden files and text in images.", "stars": "98"}, {"name": "Steghide", "url": "http://steghide.sourceforge.net/", "description": "Hide data in various kind of images."}, {"name": "StegOnline", "url": "https://georgeom.net/StegOnline/upload", "description": "Conduct a wide range of image steganography operations, such as concealing/revealing files hidden within bits (open-source)."}, {"name": "Stegsolve", "url": "http://www.caesum.com/handbook/Stegsolve.jar", "description": "Apply various steganography techniques to images."}, {"name": "Zsteg", "url": "https://github.com/zed-0xff/zsteg/", "description": "PNG/BMP analysis.", "stars": "940"}, {"name": "BurpSuite", "url": "https://portswigger.net/burp", "description": "A graphical tool to testing website security."}, {"name": "Commix", "url": "https://github.com/commixproject/commix", "description": "Automated All-in-One OS Command Injection and Exploitation Tool.", "stars": "3.5k"}, {"name": "Hackbar", "url": "https://addons.mozilla.org/en-US/firefox/addon/hackbartool/", "description": "Firefox addon for easy web exploitation."}, {"name": "OWASP ZAP", "url": "https://www.owasp.org/index.php/Projects/OWASP_Zed_Attack_Proxy_Project", "description": "Intercepting proxy to replay, debug, and fuzz HTTP requests and responses"}, {"name": "Postman", "url": "https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en", "description": "Add on for chrome for debugging network requests."}, {"name": "Raccoon", "url": "https://github.com/evyatarmeged/Raccoon", "description": "A high performance offensive security tool for reconnaissance and vulnerability scanning.", "stars": "2.6k"}, {"name": "SQLMap", "url": "https://github.com/sqlmapproject/sqlmap", "description": "Automatic SQL injection and database takeover tool.", "stars": "25k"}, {"name": "W3af", "url": "https://github.com/andresriancho/w3af", "description": "Web Application Attack and Audit Framework.", "stars": "4k"}, {"name": "XSSer", "url": "http://xsser.sourceforge.net/", "description": "Automated XSS testor."}, {"name": "Android Tamer", "url": "https://androidtamer.com/", "description": "Based on Debian."}, {"name": "BackBox", "url": "https://backbox.org/", "description": "Based on Ubuntu."}, {"name": "BlackArch Linux", "url": "https://blackarch.org/", "description": "Based on Arch Linux."}, {"name": "Fedora Security Lab", "url": "https://labs.fedoraproject.org/security/", "description": "Based on Fedora."}, {"name": "Kali Linux", "url": "https://www.kali.org/", "description": "Based on Debian."}, {"name": "Parrot Security OS", "url": "https://www.parrotsec.org/", "description": "Based on Debian."}, {"name": "Pentoo", "url": "http://www.pentoo.ch/", "description": "Based on Gentoo."}, {"name": "URIX OS", "url": "http://urix.us/", "description": "Based on openSUSE."}, {"name": "Wifislax", "url": "http://www.wifislax.com/", "description": "Based on Slackware."}, {"name": "Flare VM", "url": "https://github.com/fireeye/flare-vm/", "description": "Based on Windows.", "stars": "4.1k"}, {"name": "REMnux", "url": "https://remnux.org/", "description": "Based on Debian."}, {"name": "CTF Tools", "url": "https://github.com/zardus/ctf-tools", "description": "Collection of setup scripts to install various security research tools.", "stars": "7k"}, {"name": "LazyKali", "url": "https://github.com/jlevitsk/lazykali", "description": "A 2016 refresh of LazyKali which simplifies install of tools and configuration.", "stars": "41"}, {"name": "CTF Field Guide", "url": "https://trailofbits.github.io/ctf/", "description": "Field Guide by Trails of Bits."}, {"name": "CTF Resources", "url": "http://ctfs.github.io/resources/", "description": "Start Guide maintained by community."}, {"name": "How to Get Started in CTF", "url": "https://www.endgame.com/blog/how-get-started-ctf", "description": "Short guideline for CTF beginners by Endgame"}, {"name": "Intro. to CTF Course", "url": "https://www.hoppersroppers.org/courseCTF.html", "description": "A free course that teaches beginners the basics of forensics, crypto, and web-ex."}, {"name": "IppSec", "url": "https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA", "description": "Video tutorials and walkthroughs of popular CTF platforms."}, {"name": "LiveOverFlow", "url": "https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w", "description": "Video tutorials on Exploitation."}, {"name": "MIPT CTF", "url": "https://github.com/xairy/mipt-ctf", "description": "A small course for beginners in CTFs (in Russian).", "stars": "250"}, {"name": "Backdoor", "url": "https://backdoor.sdslabs.co/", "description": "Security Platform by SDSLabs."}, {"name": "Crackmes", "url": "https://crackmes.one/", "description": "Reverse Engineering Challenges."}, {"name": "CryptoHack", "url": "https://cryptohack.org/", "description": "Fun cryptography challenges."}, {"name": "echoCTF.RED", "url": "https://echoctf.red/", "description": "Online CTF with a variety of targets to attack."}, {"name": "Exploit Exercises", "url": "https://exploit-exercises.lains.space/", "description": "Variety of VMs to learn variety of computer security issues."}, {"name": "Exploit.Education", "url": "http://exploit.education", "description": "Variety of VMs to learn variety of computer security issues."}, {"name": "Gracker", "url": "https://github.com/Samuirai/gracker", "description": "Binary challenges having a slow learning curve, and write-ups for each level.", "stars": "4"}, {"name": "Hack The Box", "url": "https://www.hackthebox.eu", "description": "Weekly CTFs for all types of security enthusiasts."}, {"name": "Hack This Site", "url": "https://www.hackthissite.org/", "description": "Training ground for hackers."}, {"name": "Hacker101", "url": "https://www.hacker101.com/", "description": "CTF from HackerOne"}, {"name": "Hacking-Lab", "url": "https://hacking-lab.com/", "description": "Ethical hacking, computer network and security challenge platform."}, {"name": "Hone Your Ninja Skills", "url": "https://honeyourskills.ninja/", "description": "Web challenges starting from basic ones."}, {"name": "IO", "url": "http://io.netgarage.org/", "description": "Wargame for binary challenges."}, {"name": "Microcorruption", "url": "https://microcorruption.com", "description": "Embedded security CTF."}, {"name": "Over The Wire", "url": "http://overthewire.org/wargames/", "description": "Wargame maintained by OvertheWire Community."}, {"name": "PentesterLab", "url": "https://pentesterlab.com/", "description": "Variety of VM and online challenges (paid)."}, {"name": "PicoCTF", "url": "https://2019game.picoctf.com", "description": "All year round ctf game. Questions from the yearly picoCTF competition."}, {"name": "PWN Challenge", "url": "http://pwn.eonew.cn/", "description": "Binary Exploitation Wargame."}, {"name": "Pwnable.kr", "url": "http://pwnable.kr/", "description": "Pwn Game."}, {"name": "Pwnable.tw", "url": "https://pwnable.tw/", "description": "Binary wargame."}, {"name": "Pwnable.xyz", "url": "https://pwnable.xyz/", "description": "Binary Exploitation Wargame."}, {"name": "Reversin.kr", "url": "http://reversing.kr/", "description": "Reversing challenge."}, {"name": "Ringzer0Team", "url": "https://ringzer0team.com/", "description": "Ringzer0 Team Online CTF."}, {"name": "Root-Me", "url": "https://www.root-me.org/", "description": "Hacking and Information Security learning platform."}, {"name": "ROP Wargames", "url": "https://github.com/xelenonz/game", "description": "ROP Wargames.", "stars": "20"}, {"name": "SANS HHC", "url": "https://holidayhackchallenge.com/past-challenges/", "description": "Challenges with a holiday theme"}, {"name": "SmashTheStack", "url": "http://smashthestack.org/", "description": "A variety of wargames maintained by the SmashTheStack Community."}, {"name": "Viblo CTF", "url": "https://ctf.viblo.asia", "description": "Various amazing CTF challenges, in many different categories. Has both Practice mode and Contest mode."}, {"name": "VulnHub", "url": "https://www.vulnhub.com/", "description": "VM-based for practical in digital security, computer application & network administration."}, {"name": "W3Challs", "url": "https://w3challs.com", "description": "A penetration testing training platform, which offers various computer challenges, in various categories."}, {"name": "WebHacking", "url": "http://webhacking.kr", "description": "Hacking challenges for web."}, {"name": "Damn Vulnerable Web Application", "url": "http://www.dvwa.co.uk/", "description": "PHP/MySQL web application that is damn vulnerable."}, {"name": "Juice Shop CTF", "url": "https://github.com/bkimminich/juice-shop-ctf", "description": "Scripts and tools for hosting a CTF on [OWASP Juice Shop](https://www.owasp.org/index.php/OWASP_Juice_Shop_Project) easily.", "stars": "317"}, {"name": "Awesome CTF Cheatsheet", "url": "https://github.com/uppusaikiran/awesome-ctf-cheatsheet#awesome-ctf-cheatsheet-", "description": "CTF Cheatsheet."}, {"name": "CTF Time", "url": "https://ctftime.org/", "description": "General information on CTF occuring around the worlds."}, {"name": "Reddit Security CTF", "url": "http://www.reddit.com/r/securityctf", "description": "Reddit CTF category."}, {"name": "Bamboofox", "url": "https://bamboofox.github.io/", "description": "Chinese resources to learn CTF."}, {"name": "bi0s Wiki", "url": "https://teambi0s.gitlab.io/bi0s-wiki/", "description": "Wiki from team bi0s."}, {"name": "CTF Cheatsheet", "url": "https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/", "description": "CTF tips and tricks."}, {"name": "ISIS Lab", "url": "https://github.com/isislab/Project-Ideas/wiki", "description": "CTF Wiki by Isis lab.", "stars": "379"}, {"name": "OpenToAll", "url": "https://github.com/OpenToAllCTF/Tips", "description": "CTF tips by OTA CTF team members.", "stars": "122"}, {"name": "0e85dc6eaf", "url": "https://github.com/0e85dc6eaf/CTF-Writeups", "description": "Write-ups for CTF challenges by 0e85dc6eaf", "stars": "83"}, {"name": "Captf", "url": "http://captf.com/", "description": "Dumped CTF challenges and materials by psifertex."}, {"name": "CTF write-ups (community)", "url": "https://github.com/ctfs/", "description": "CTF challenges + write-ups archive maintained by the community."}, {"name": "CTFTime Scrapper", "url": "https://github.com/abdilahrf/CTFWriteupScrapper", "description": "Scraps all writeup from CTF Time and organize which to read first.", "stars": "27"}, {"name": "HackThisSite", "url": "https://github.com/HackThisSite/CTF-Writeups", "description": "CTF write-ups repo maintained by HackThisSite team.", "stars": "216"}, {"name": "Mzfr", "url": "https://github.com/mzfr/ctf-writeups/", "description": "CTF competition write-ups by mzfr", "stars": "109"}, {"name": "pwntools writeups", "url": "https://github.com/Gallopsled/pwntools-write-ups", "description": "A collection of CTF write-ups all using pwntools.", "stars": "458"}, {"name": "SababaSec", "url": "https://github.com/SababaSec/ctf-writeups", "description": "A collection of CTF write-ups by the SababaSec team", "stars": "15"}, {"name": "Shell Storm", "url": "http://shell-storm.org/repo/CTF/", "description": "CTF challenge archive maintained by Jonathan Salwan."}, {"name": "Smoke Leet Everyday", "url": "https://github.com/smokeleeteveryday/CTF_WRITEUPS", "description": "CTF write-ups repo maintained by SmokeLeetEveryday team.", "stars": "180"}], "notes": []}, {"name": "Ctf \u2014 LICENSE", "entries": [], "notes": []}], "total_entries": 221}, {"name": "Fuzzing", "subcategories": [{"name": "Fuzzing", "entries": [{"name": "Books", "url": "#books", "description": ""}, {"name": "Papers", "url": "#papers", "description": ""}, {"name": "Tools", "url": "#tools", "description": ""}, {"name": "Platform", "url": "#platform", "description": ""}, {"name": "Fuzzing-101", "url": "https://github.com/antonio-morales/Fuzzing101", "description": "", "stars": "2.1k"}, {"name": "The Fuzzing Book", "url": "https://www.fuzzingbook.org/", "description": ""}, {"name": "The Art, Science, and Engineering of Fuzzing: A Survey", "url": "https://ieeexplore.ieee.org/document/8863940", "description": ""}, {"name": "Fuzzing for Software Security Testing and Quality Assurance, 2nd Edition", "url": "https://www.amazon.com/Fuzzing-Software-Security-Testing-Assurance/dp/1608078507/", "description": ""}, {"name": "Fuzzing: Brute Force Vulnerability Discovery, 1st Edition", "url": "https://www.amazon.com/Fuzzing-Brute-Force-Vulnerability-Discovery/dp/0321446119/", "description": ""}, {"name": "Open Source Fuzzing Tools, 1st Edition", "url": "https://www.amazon.com/Open-Source-Fuzzing-Tools-Rathaus/dp/1597491950/", "description": ""}, {"name": "Fuzzing Labs - Patrick Ventuzelo", "url": "https://www.youtube.com/channel/UCGD1Qt2jgnFRjrfAITGdNfQ", "description": ""}, {"name": "Effective File Format Fuzzing", "url": "https://youtu.be/qTTwqFRD1H8", "description": ""}, {"name": "Adventures in Fuzzing", "url": "https://www.youtube.com/watch?v=SngK4W4tVc0", "description": ""}, {"name": "Fuzzing with AFL", "url": "https://www.youtube.com/watch?v=DFQT1YxvpDo", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 The Network and Distributed System Security Symposium (NDSS)", "entries": [{"name": "Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-345-paper.pdf", "description": ""}, {"name": "MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-314-paper.pdf", "description": ""}, {"name": "Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-296-paper.pdf", "description": ""}, {"name": "EMS: History-Driven Mutation for Coverage-based Fuzzing, 2022", "url": "https://www.ndss-symposium.org/wp-content/uploads/2022-162-paper.pdf", "description": ""}, {"name": "WINNIE : Fuzzing Windows Applications with Harness Synthesis and Fast Cloning, 2021", "url": "https://taesoo.kim/pubs/2021/jung:winnie.pdf", "description": ""}, {"name": "Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing, 2021", "url": "https://www.cs.ucr.edu/~heng/pubs/afl-hier.pdf", "description": ""}, {"name": "PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles, 2021", "url": "https://beerkay.github.io/papers/Berkay2021PGFuzzNDSS.pdf", "description": ""}, {"name": "Favocado: Fuzzing Binding Code of JavaScript Engines Using Semantically Correct Test Cases, 2021", "url": "https://www.ndss-symposium.org/wp-content/uploads/ndss2021_6A-2_24224_paper.pdf", "description": ""}, {"name": "HFL: Hybrid Fuzzing on the Linux Kernel, 2020", "url": "https://www.unexploitable.systems/publication/kimhfl/", "description": ""}, {"name": "HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing, 2020", "url": "https://www.researchgate.net/publication/339164746_HotFuzz_Discovering_Algorithmic_Denial-of-Service_Vulnerabilities_Through_Guided_Micro-Fuzzing", "description": ""}, {"name": "HYPER-CUBE: High-Dimensional Hypervisor Fuzzing, 2020", "url": "https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/02/07/Hyper-Cube-NDSS20.pdf", "description": ""}, {"name": "Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization, 2020", "url": "https://www.ndss-symposium.org/wp-content/uploads/2020/02/24422.pdf", "description": ""}, {"name": "CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines, 2019", "url": "https://daramg.gift/paper/han-ndss2019.pdf", "description": ""}, {"name": "PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary, 2019", "url": "https://people.cs.kuleuven.be/~stijn.volckaert/papers/2019_NDSS_PeriScope.pdf", "description": ""}, {"name": "REDQUEEN: Fuzzing with Input-to-State Correspondence, 2019", "url": "https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2018/12/17/NDSS19-Redqueen.pdf", "description": ""}, {"name": "Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing, 2019", "url": "https://www.cs.ucr.edu/~heng/pubs/digfuzz_ndss19.pdf", "description": ""}, {"name": "Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications, 2019", "url": "https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_08-4_Zhang_paper.pdf", "description": ""}, {"name": "INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing, 2018", "url": "https://www.ndss-symposium.org/wp-content/uploads/2018/07/bar2018_14_Hsu_paper.pdf", "description": ""}, {"name": "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing, 2018", "url": "http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_01A-1_Chen_paper.pdf", "description": ""}, {"name": "What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices, 2018", "url": "http://s3.eurecom.fr/docs/ndss18_muench.pdf", "description": ""}, {"name": "Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing, 2018", "url": "https://lifeasageek.github.io/papers/han:meds.pdf", "description": ""}, {"name": "Vuzzer: Application-aware evolutionary fuzzing, 2017", "url": "https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/vuzzer-application-aware-evolutionary-fuzzing/", "description": ""}, {"name": "DELTA: A Security Assessment Framework for Software-Defined Networks, 2017", "url": "https://www.ndss-symposium.org/wp-content/uploads/2017/09/ndss201702A-1LeePaper.pdf", "description": ""}, {"name": "Driller: Augmenting Fuzzing Through Selective Symbolic Execution, 2016", "url": "https://cancer.shtech.org/wiki/uploads/2016---NDSS---driller-augmenting-fuzzing-through-selective-symbolic-execution.pdf", "description": ""}, {"name": "Automated Whitebox Fuzz Testing, 2008", "url": "https://www.ndss-symposium.org/wp-content/uploads/2017/09/Automated-Whitebox-Fuzz-Testing-paper-Patrice-Godefroid.pdf", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 IEEE Symposium on Security and Privacy (IEEE S\\&P)", "entries": [{"name": "PATA: Fuzzing with Path Aware Taint Analysis, 2022", "url": "http://www.wingtecher.com/themes/WingTecherResearch/assets/papers/sp22.pdf", "description": ""}, {"name": "Jigsaw: Efficient and Scalable Path Constraints Fuzzing, 2022", "url": "https://www.cs.ucr.edu/~csong/oakland22-jigsaw.pdf", "description": ""}, {"name": "FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks, 2022", "url": "https://github.com/purseclab/fuzzusb/blob/main/paper/fuzzusb.pdf", "description": "", "stars": "26"}, {"name": "Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis, 2022", "url": "https://arxiv.org/pdf/2203.12064.pdf", "description": ""}, {"name": "BEACON : Directed Grey-Box Fuzzing with Provable Path Pruning, 2022", "url": "https://qingkaishi.github.io/public_pdfs/SP22.pdf", "description": ""}, {"name": "STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting, 2021", "url": "https://www.cs.purdue.edu/homes/zhan3299/res/SP21b.pdf", "description": ""}, {"name": "One Engine to Fuzz 'em All: Generic Language Processor Testing with Semantic Validation, 2021", "url": "https://huhong789.github.io/papers/polyglot-oakland2021.pdf", "description": ""}, {"name": "NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis, 2021", "url": "https://softsec.kaist.ac.kr/~jschoi/data/oakland2021.pdf", "description": ""}, {"name": "DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugs, 2021", "url": "https://lifeasageek.github.io/papers/jaewon-difuzzrtl.pdf", "description": ""}, {"name": "DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices, 2021", "url": "https://conand.me/publications/redini-diane-2021.pdf", "description": ""}, {"name": "Fuzzing JavaScript Engines with Aspect-preserving Mutation, 2020", "url": "https://jakkdu.github.io/pubs/2020/park:die.pdf", "description": ""}, {"name": "IJON: Exploring Deep State Spaces via Fuzzing, 2020", "url": "https://www.syssec.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/02/27/IJON-Oakland20.pdf", "description": ""}, {"name": "Krace: Data Race Fuzzing for Kernel File Systems, 2020", "url": "https://www.cc.gatech.edu/~mxu80/pubs/xu:krace.pdf", "description": ""}, {"name": "Pangolin:Incremental Hybrid Fuzzing with Polyhedral Path Abstraction, 2020", "url": "https://qingkaishi.github.io/public_pdfs/SP2020.pdf", "description": ""}, {"name": "RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization, 2020", "url": "https://www.semanticscholar.org/paper/RetroWrite%3A-Statically-Instrumenting-COTS-Binaries-Dinesh-Burow/845cafb153b0e4b9943c6d9b6a7e42c14845a0d6", "description": ""}, {"name": "Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000b122/19skgbGVFEQ", "description": ""}, {"name": "Fuzzing File Systems via Two-Dimensional Input Space Exploration, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000a594/19skfLYOpaw", "description": ""}, {"name": "NEUZZ: Efficient Fuzzing with Neural Program Smoothing, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000a900/19skg5XghG0", "description": ""}, {"name": "Razzer: Finding Kernel Race Bugs through Fuzzing, 2019", "url": "https://www.computer.org/csdl/proceedings-article/sp/2019/666000a296/19skfwZLirm", "description": ""}, {"name": "Angora: Efficient Fuzzing by Principled Search, 2018", "url": "http://web.cs.ucdavis.edu/~hchen/paper/chen2018angora.pdf", "description": ""}, {"name": "CollAFL: Path Sensitive Fuzzing, 2018", "url": "http://chao.100871.net/papers/oakland18.pdf", "description": ""}, {"name": "T-Fuzz: fuzzing by program transformation, 2018", "url": "https://nebelwelt.net/publications/files/18Oakland.pdf", "description": ""}, {"name": "Skyfire: Data-Driven Seed Generation for Fuzzing, 2017", "url": "https://www.ieee-security.org/TC/SP2017/papers/42.pdf", "description": ""}, {"name": "Program-Adaptive Mutational Fuzzing, 2015", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/cha-oakland15.pdf", "description": ""}, {"name": "TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection, 2010", "url": "https://ieeexplore.ieee.org/abstract/document/5504701", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 USENIX Security", "entries": [{"name": "StateFuzz: System Call-Based State-Aware Linux Driver Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-zhao-bodong.pdf", "description": ""}, {"name": "FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing, 2022", "url": "https://www.usenix.org/system/files/sec22-zhang-zenong.pdf", "description": ""}, {"name": "SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-cloosters.pdf", "description": ""}, {"name": "AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities, 2022", "url": "https://www.usenix.org/system/files/sec22-krupp.pdf", "description": ""}, {"name": "Stateful Greybox Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-ba.pdf", "description": ""}, {"name": "BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-garbelini.pdf", "description": ""}, {"name": "Fuzzing Hardware Like Software, 2022", "url": "https://www.usenix.org/system/files/sec22-trippel.pdf", "description": ""}, {"name": "Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds, 2022", "url": "https://www.usenix.org/system/files/sec22-shen-zekun.pdf", "description": ""}, {"name": "FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-kim.pdf", "description": ""}, {"name": "TheHuzz: Instruction Fuzzing of Processors Using Golden-Reference Models for Finding Software-Exploitable Vulnerabilities, 2022", "url": "https://www.usenix.org/system/files/sec22-kande.pdf", "description": ""}, {"name": "MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference, 2022", "url": "https://www.usenix.org/system/files/sec22-myung.pdf", "description": ""}, {"name": "Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing, 2022", "url": "https://www.usenix.org/system/files/sec22-scharnowski.pdf", "description": ""}, {"name": "SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel, 2022", "url": "https://www.usenix.org/system/files/sec22-zou.pdf", "description": ""}, {"name": "Morphuzz: Bending (Input) Space to Fuzz Virtual Devices, 2022", "url": "https://www.usenix.org/system/files/sec22-bulekov.pdf", "description": ""}, {"name": "Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/nagy", "description": ""}, {"name": "ICSFuzz: Manipulating I/Os and Repurposing Binary Code to Enable Instrumented Fuzzing in ICS Control Applications, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/tychalas", "description": ""}, {"name": "Android SmartTVs Vulnerability Discovery via Log-Guided Fuzzing, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/aafer", "description": ""}, {"name": "Constraint-guided Directed Greybox Fuzzing, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/lee-gwangmu", "description": ""}, {"name": "Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/schumilo", "description": ""}, {"name": "UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers, 2021", "url": "https://www.usenix.org/conference/usenixsecurity21/presentation/li-yuwei", "description": ""}, {"name": "FANS: Fuzzing Android Native System Services via Automated Interface Analysis, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/liu", "description": ""}, {"name": "Analysis of DTLS Implementations Using Protocol State Fuzzing, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/fiterau-brostean", "description": ""}, {"name": "EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/yue", "description": ""}, {"name": "Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/jiang", "description": ""}, {"name": "FuzzGen: Automatic Fuzzer Generation, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/ispoglou", "description": ""}, {"name": "ParmeSan: Sanitizer-guided Greybox Fuzzing, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/osterlund", "description": ""}, {"name": "SpecFuzz: Bringing Spectre-type vulnerabilities to the surface, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/oleksenko", "description": ""}, {"name": "FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/zong", "description": ""}, {"name": "Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/lee-suyoung", "description": ""}, {"name": "GREYONE: Data Flow Sensitive Fuzzing, 2020", "url": "https://www.usenix.org/conference/usenixsecurity20/presentation/gan", "description": ""}, {"name": "Fuzzification: Anti-Fuzzing Techniques, 2019", "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/jung", "description": ""}, {"name": "AntiFuzz: Impeding Fuzzing Audits of Binary Executables, 2019", "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/guler", "description": ""}, {"name": "Charm: Facilitating Dynamic Analysis of Device Drivers of Mobile Systems, 2018", "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/talebi", "description": ""}, {"name": "MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation, 2018", "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/pailoor", "description": ""}, {"name": "QSYM : A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing, 2018", "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/yun", "description": ""}, {"name": "OSS-Fuzz - Google's continuous fuzzing service for open source software, 2017", "url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/serebryany", "description": ""}, {"name": "kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels, 2017", "url": "https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/schumilo", "description": ""}, {"name": "Protocol State Fuzzing of TLS Implementations, 2015", "url": "https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/de-ruiter", "description": ""}, {"name": "Optimizing Seed Selection for Fuzzing, 2014", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/rebert-usenixsec14.pdf", "description": ""}, {"name": "Dowsing for overflows: a guided fuzzer to find buffer boundary violations, 2013", "url": "http://enigma.usenix.org/sites/default/files/sec13_proceedings_interior.pdf#page=57", "description": ""}, {"name": "Fuzzing with Code Fragments, 2012", "url": "https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final73.pdf", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 ACM Conference on Computer and Communications Security (ACM CCS)", "entries": [{"name": "Fuzz on the Beach: Fuzzing Solana Smart Contracts, 2023", "url": "https://arxiv.org/pdf/2309.03006.pdf", "description": ""}, {"name": "NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic, 2023", "url": "https://secsys.fudan.edu.cn/_upload/article/files/56/ed/788960544d56a38258aca7d3c8b5/216e599a-d6f6-4308-aa0b-ef45166a8431.pdf", "description": ""}, {"name": "Profile-Driven System Optimizations for Accelerated Greybox Fuzzing, 2023", "url": "https://users.cs.utah.edu/~snagy/papers/23CCS.pdf", "description": ""}, {"name": "Hopper: Interpretative Fuzzing for Libraries, 2023", "url": "https://arxiv.org/pdf/2309.03496.pdf", "description": ""}, {"name": "Greybox Fuzzing of Distributed Systems, 2023", "url": "https://arxiv.org/pdf/2305.02601.pdf", "description": ""}, {"name": "SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities, 2022", "url": "https://compsec.snu.ac.kr/papers/jaewon-specdoctor.pdf", "description": ""}, {"name": "SFuzz: Slice-based Fuzzing for Real-Time Operating Systems, 2022", "url": "https://huhong789.github.io/papers/chen:sfuzz.pdf", "description": ""}, {"name": "MC^2: Rigorous and Efficient Directed Greybox Fuzzing, 2022", "url": "https://arxiv.org/pdf/2208.14530.pdf", "description": ""}, {"name": "LibAFL: A Framework to Build Modular and Reusable Fuzzers, 2022", "url": "https://www.s3.eurecom.fr/docs/ccs22_fioraldi.pdf", "description": ""}, {"name": "JIT-Picking: Differential Fuzzing of JavaScript Engines, 2022", "url": "https://publications.cispa.saarland/3773/1/2022-CCS-JIT-Fuzzing.pdf", "description": ""}, {"name": "DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing, 2022", "url": "https://chungkim.io/doc/ccs22-drivefuzz.pdf", "description": ""}, {"name": "SoFi: Reflection-Augmented Fuzzing for JavaScript Engines, 2021", "url": "https://dl.acm.org/doi/pdf/10.1145/3460120.3484823", "description": ""}, {"name": "T-Reqs: HTTP Request Smuggling with Differential Fuzzing, 2021", "url": "https://bahruz.me/papers/ccs2021treqs.pdf", "description": ""}, {"name": "V-SHUTTLE: Scalable and Semantics-Aware Hypervisor Fuzzing, 2021", "url": "https://nesa.zju.edu.cn/download/ppt/pgn_slides_V-SHUTTLE.pdf", "description": ""}, {"name": "Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing, 2021", "url": "https://people.cs.vt.edu/snagy2/papers/21CCS.pdf", "description": ""}, {"name": "HyperFuzzer: An Efficient Hybrid Fuzzer For Virtual CPUs, 2021", "url": "https://www.microsoft.com/en-us/research/uploads/prod/2021/09/hyperfuzzer-ccs21.pdf", "description": ""}, {"name": "Regression Greybox Fuzzing, 2021", "url": "https://mboehme.github.io/paper/CCS21.pdf", "description": ""}, {"name": "Hardware Support to Improve Fuzzing Performance and Precision, 2021", "url": "https://gts3.org/assets/papers/2021/ding:snap.pdf", "description": ""}, {"name": "SNIPUZZ: Black-box Fuzzing of IoT Firmware via Message Snippet Inference, 2021", "url": "https://arxiv.org/pdf/2105.05445.pdf", "description": ""}, {"name": "FREEDOM: Engineering a State-of-the-Art DOM Fuzzer, 2020", "url": "https://gts3.org/assets/papers/2020/xu:freedom.pdf", "description": ""}, {"name": "Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing, 2019", "url": "https://dl.acm.org/citation.cfm?id=3354249", "description": ""}, {"name": "Learning to Fuzz from Symbolic Execution with Application to Smart Contracts, 2019", "url": "https://files.sri.inf.ethz.ch/website/papers/ccs19-ilf.pdf", "description": ""}, {"name": "Matryoshka: fuzzing deeply nested branches, 2019", "url": "https://web.cs.ucdavis.edu/~hchen/paper/chen2019matryoshka.pdf", "description": ""}, {"name": "Evaluating Fuzz Testing, 2018", "url": "http://www.cs.umd.edu/~mwh/papers/fuzzeval.pdf", "description": ""}, {"name": "Hawkeye: Towards a Desired Directed Grey-box Fuzzer, 2018", "url": "https://chenbihuan.github.io/paper/ccs18-chen-hawkeye.pdf", "description": ""}, {"name": "IMF: Inferred Model-based Fuzzer, 2017", "url": "http://daramg.gift/paper/han-ccs2017.pdf", "description": ""}, {"name": "SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits, 2017", "url": "https://www.informatics.indiana.edu/xw7/papers/p2139-you.pdf", "description": ""}, {"name": "AFL-based Fuzzing for Java with Kelinci, 2017", "url": "https://dl.acm.org/citation.cfm?id=3138820", "description": ""}, {"name": "Designing New Operating Primitives to Improve Fuzzing Performance, 2017", "url": "http://iisp.gatech.edu/sites/default/files/images/designing_new_operating_primitives_to_improve_fuzzing_performance_vt.pdf", "description": ""}, {"name": "Directed Greybox Fuzzing, 2017", "url": "https://dl.acm.org/citation.cfm?id=3134020", "description": ""}, {"name": "SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities, 2017", "url": "https://arxiv.org/pdf/1708.08437.pdf", "description": ""}, {"name": "DIFUZE: Interface Aware Fuzzing for Kernel Drivers, 2017", "url": "https://acmccs.github.io/papers/p2123-corinaA.pdf", "description": ""}, {"name": "Systematic Fuzzing and Testing of TLS Libraries, 2016", "url": "https://www.nds.rub.de/media/nds/veroeffentlichungen/2016/10/19/tls-attacker-ccs16.pdf", "description": ""}, {"name": "Coverage-based Greybox Fuzzing as Markov Chain, 2016", "url": "https://ieeexplore.ieee.org/abstract/document/8233151", "description": ""}, {"name": "eFuzz: A Fuzzer for DLMS/COSEM Electricity Meters, 2016", "url": "http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.817.5616\\&rep=rep1\\&type=pdf", "description": ""}, {"name": "Scheduling Black-box Mutational Fuzzing, 2013", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/woo-ccs13.pdf", "description": ""}, {"name": "Taming compiler fuzzers, 2013", "url": "https://www.cs.utah.edu/~regehr/papers/pldi13.pdf", "description": ""}, {"name": "SAGE: whitebox fuzzing for security testing, 2012", "url": "https://dl.acm.org/citation.cfm?id=2094081", "description": ""}, {"name": "Grammar-based whitebox fuzzing, 2008", "url": "https://dl.acm.org/citation.cfm?id=1375607", "description": ""}, {"name": "Taint-based directed whitebox fuzzing, 2009", "url": "https://dl.acm.org/citation.cfm?id=1555061", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 ArXiv (Fuzzing with Artificial Intelligence & Machine Learning)", "entries": [{"name": "MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing, 2020", "url": "https://arxiv.org/abs/2002.08568", "description": ""}, {"name": "A Review of Machine Learning Applications in Fuzzing, 2019", "url": "https://arxiv.org/abs/1906.11133", "description": ""}, {"name": "Evolutionary Fuzzing of Android OS Vendor System Services, 2019", "url": "https://arxiv.org/abs/1906.00621", "description": ""}, {"name": "MoonLight: Effective Fuzzing with Near-Optimal Corpus Distillation, 2019", "url": "https://arxiv.org/abs/1905.13055", "description": ""}, {"name": "Coverage-Guided Fuzzing for Deep Neural Networks, 2018", "url": "https://arxiv.org/abs/1809.01266", "description": ""}, {"name": "DLFuzz: Differential Fuzzing Testing of Deep Learning Systems, 2018", "url": "https://arxiv.org/abs/1808.09413", "description": ""}, {"name": "TensorFuzz: Debugging Neural Networks with Coverage-Guided Fuzzing, 2018", "url": "https://arxiv.org/abs/1807.10875", "description": ""}, {"name": "NEUZZ: Efficient Fuzzing with Neural Program Learning, 2018", "url": "https://arxiv.org/abs/1807.05620", "description": ""}, {"name": "EnFuzz: From Ensemble Learning to Ensemble Fuzzing, 2018", "url": "https://arxiv.org/abs/1807.00182", "description": ""}, {"name": "REST-ler: Automatic Intelligent REST API Fuzzing, 2018", "url": "https://arxiv.org/abs/1806.09739", "description": ""}, {"name": "Deep Reinforcement Fuzzing, 2018", "url": "https://arxiv.org/abs/1801.04589", "description": ""}, {"name": "Not all bytes are equal: Neural byte sieve for fuzzing, 2017", "url": "https://arxiv.org/abs/1711.04596", "description": ""}, {"name": "Faster Fuzzing: Reinitialization with Deep Neural Models, 2017", "url": "https://arxiv.org/abs/1711.02807", "description": ""}, {"name": "Learn\\&Fuzz: Machine Learning for Input Fuzzing, 2017", "url": "https://arxiv.org/abs/1701.07232", "description": ""}, {"name": "Complementing Model Learning with Mutation-Based Fuzzing, 2016", "url": "https://arxiv.org/abs/1611.02429", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 The others", "entries": [{"name": "Fuzzle: Making a Puzzle for Fuzzers, 2022", "url": "https://softsec.kaist.ac.kr/~sangkilc/papers/lee-ase22.pdf", "description": ""}, {"name": "Ifuzzer: An evolutionary interpreter fuzzer using genetic programming, 2016", "url": "https://www.cs.vu.nl/~herbertb/download/papers/ifuzzer-esorics16.pdf", "description": ""}, {"name": "Hybrid fuzz testing: Discovering software bugs via fuzzing and symbolic execution, 2012", "url": "https://pdfs.semanticscholar.org/488a/b1e313f5109153f2c74e3b5d86d41e9b4b71.pdf", "description": ""}, {"name": "Call-Flow Aware API Fuzz Testing for Security of Windows Systems, 2008", "url": "https://www.computer.org/csdl/proceedings/iccsa/2008/3243/00/3243a019-abs.html", "description": ""}, {"name": "Feedback-directed random test generation, 2007", "url": "https://dl.acm.org/citation.cfm?id=1248841", "description": ""}, {"name": "MTF-Storm:a high performance fuzzer for Modbus/TCP, 2018", "url": "https://doi.org/10.1109/ETFA.2018.8502600", "description": ""}, {"name": "A Modbus/TCP Fuzzer for testing internetworked industrial systems, 2015", "url": "https://doi.org/10.1109/ETFA.2015.7301400", "description": ""}], "notes": []}, {"name": "Fuzzing \u2014 File", "entries": [{"name": "AFL++", "url": "https://github.com/AFLplusplus/AFLplusplus", "description": "AFL++ is a superior fork to Google's AFL - more speed, more and better mutations, more and better instrumentation, custom module support, etc.", "stars": "4.1k"}, {"name": "Angora", "url": "https://github.com/AngoraFuzzer/Angora", "description": "Angora is a mutation-based coverage guided fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.", "stars": "882"}], "notes": []}, {"name": "Fuzzing \u2014 Kernel", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 Network", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 API", "entries": [{"name": "IvySyn", "url": "https://gitlab.com/brown-ssl/ivysyn", "description": "IvySyn is a fully-automated framework for discovering memory error vulnerabilities in Deep Learning (DL) frameworks."}, {"name": "MINER", "url": "https://github.com/puppet-meteor/MINER", "description": "MINER is a REST API fuzzer that utilizes three data-driven designs working together to guide the sequence generation, improve the request generation quality, and capture the unique errors caused by incorrect parameter usage.", "stars": "21"}, {"name": "RestTestGen", "url": "https://github.com/SeUniVr/RestTestGen", "description": "RestTestGen is a robust tool and framework designed for automated black-box testing of RESTful web APIs.", "stars": "27"}, {"name": "GraphFuzz", "url": "https://github.com/ForAllSecure/GraphFuzz", "description": "GraphFuzz is an experimental framework for building structure-aware, library API fuzzers.", "stars": "7"}, {"name": "Minerva", "url": "https://github.com/ChijinZ/Minerva", "description": "Minerva is a browser fuzzer augmented by API mod-ref relations, aiming to synthesize highly-relevant browser API invocations in each test case.", "stars": "25"}, {"name": "FANS", "url": "https://github.com/iromise/fans", "description": "FANS is a fuzzing tool for fuzzing Android native system services. It contains four components: interface collector, interface model extractor, dependency inferer, and fuzzer engine.", "stars": "229"}], "notes": []}, {"name": "Fuzzing \u2014 JavaScript", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 Firmware", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 Hypervisor", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 CPU", "entries": [{"name": "DifuzzRTL", "url": "https://github.com/compsec-snu/difuzz-rtl", "description": "DifuzzRTL is a differential fuzz testing approach for CPU verification.", "stars": "59"}, {"name": "MorFuzz", "url": "https://github.com/sycuricon/MorFuzz", "description": "MorFuzz is a generic RISC-V processor fuzzing framework that can efficiently detect software triggerable functional bugs.", "stars": "10"}, {"name": "SpecFuzz", "url": "https://github.com/tudinfse/SpecFuzz", "description": "SpecFuzz is a tool to enable fuzzing for Spectre vulnerabilities", "stars": "28"}, {"name": "Transynther", "url": "https://github.com/vernamlab/Medusa", "description": "Transynther automatically generates and tests building blocks for Meltdown attacks with various faults and microcode assists.", "stars": "18"}], "notes": []}, {"name": "Fuzzing \u2014 Lib", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 Web", "entries": [{"name": "TEFuzz", "url": "https://github.com/seclab-fudan/TEFuzz/", "description": "TEFuzz is a tailored fuzzing-based framework to facilitate the detection and exploitation of template escape bugs.", "stars": "5"}, {"name": "Witcher", "url": "https://github.com/sefcom/Witcher", "description": "Witcher is a web application fuzzer that utilizes mutational fuzzing to explore web applications and fault escalation to detect command and SQL injection vulnerabilities.", "stars": "54"}, {"name": "CorbFuzz", "url": "https://github.com/shouc/corbfuzz", "description": "CorbFuzz is a state-aware fuzzer for generating as much reponses from a web application as possible without need of setting up database, etc.", "stars": "3"}], "notes": []}, {"name": "Fuzzing \u2014 DOM", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 Argument", "entries": [], "notes": []}, {"name": "Fuzzing \u2014 Blockchain", "entries": [{"name": "Fluffy", "url": "https://github.com/snuspl/fluffy", "description": "Fluffy is a multi-transaction differential fuzzer for finding consensus bugs in Ethereum.", "stars": "44"}, {"name": "LOKI", "url": "https://github.com/ConsensusFuzz/LOKI", "description": "LOKI is a blockchain consensus protocol fuzzing framework that detects the consensus memory related and logic bugs.", "stars": "7"}], "notes": []}, {"name": "Fuzzing \u2014 DBMS", "entries": [{"name": "Squirrel", "url": "https://github.com/s3team/Squirrel", "description": "Squirrel is a fuzzer for database managment systems (DBMSs).", "stars": "166"}], "notes": []}], "total_entries": 185}, {"name": "Vehicle Security", "subcategories": [{"name": "Vehicle Security", "entries": [{"name": "Related Lists", "url": "#related-lists", "description": ""}, {"name": "Learn", "url": "#learn", "description": ""}, {"name": "Projects", "url": "#projects", "description": ""}, {"name": "Hardware", "url": "#hardware", "description": ""}, {"name": "Software", "url": "#software", "description": ""}, {"name": "Companies and Jobs", "url": "#companies-and-jobs", "description": ""}, {"name": "Other Awesome (non-vehicle related) Lists", "url": "#other-awesome-lists", "description": ""}, {"name": "Contributing", "url": "#contributing", "description": ""}, {"name": "Awesome CAN Bus - an awesome list just for CAN Bus-related tools (hardware, software, etc.)", "url": "https://github.com/iDoka/awesome-canbus", "description": "", "stars": "3.1k"}, {"name": "Awesome LIN Bus - an awesome list just for LIN-Bus related tools (hardware, software, etc.)", "url": "https://github.com/iDoka/awesome-linbus", "description": "", "stars": "230"}, {"name": "How to hack a car\u200a\u2014\u200aa quick crash-course", "url": "https://medium.freecodecamp.org/hacking-cars-a-guide-tutorial-on-how-to-hack-a-car-5eafcfbbb7ec", "description": "Car enthusiast Kenny Kuchera illustrates just enough information to get you up and running. An excellent resource for first timers!"}, {"name": "Stopping a Jeep Cherokee on the Highway Remotely", "url": "https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/", "description": "Chris Valasek's and Charlie Miller's pivotal research on hacking into Jeep's presented at DEFCON in 2015."}, {"name": "Troy Hunt on Controlling Nissans", "url": "https://www.troyhunt.com/controlling-vehicle-features-of-nissan/", "description": "Troy Hunt goes into controlling Nissan vehicles."}, {"name": "Tesla hackers explain how they did it at Defcon", "url": "http://www.cnet.com/roadshow/news/tesla-hackers-explain-how-they-did-it-at-def-con-23/", "description": "Overview of DEFCON 23 presentation on hacking into Tesla cars."}, {"name": "Anatomy of the Rolljam Wireless Car Hack", "url": "http://makezine.com/2015/08/11/anatomy-of-the-rolljam-wireless-car-hack/", "description": "Overview of the RollJam rolling code exploitation device."}, {"name": "IOActive's Tools and Data", "url": "http://blog.ioactive.com/2013/08/car-hacking-content.html", "description": "Chris Valasek and Charlie Miller release some of their tools and data for hacking into vehicles in an effort to get more people into vehicle security research."}, {"name": "Developments in Car Hacking", "url": "https://www.sans.org/reading-room/whitepapers/ICS/developments-car-hacking-36607", "description": "via the SANS Reading Room, Currie's paper analyses the risks and perils of smart vehicle technology."}, {"name": "Car Hacking on the Cheap", "url": "http://www.ioactive.com/pdfs/IOActive_Car_Hacking_Poories.pdf", "description": "A whitepaper from Chris Valasek and IOActive on hacking your car when you don't have a lot of resources at your disposal."}, {"name": "Car Hacking: The definitive source", "url": "http://illmatics.com/carhacking.html", "description": "Charlie Miller and Chris Valasek publish all tools, data, research notes, and papers for everyone for free"}, {"name": "Car Hacking on the cheap", "url": "https://community.rapid7.com/community/transpo-security/blog/2017/02/08/car-hacking-on-the-cheap", "description": "Craig Smith wrote a brief article on working with Metasploit\u2019s HWBrige using ELM327 Bluetooth dongle"}, {"name": "Researchers tackle autonomous vehicle security", "url": "https://phys.org/news/2017-05-tackle-autonomous-vehicle.html", "description": "Texas A\\&M researchers develop intelligence system prototype."}, {"name": "Reverse engineering of the Nitro OBD2", "url": "https://blog.quarkslab.com/reverse-engineering-of-the-nitro-obd2.html", "description": "Reverse engineering of CAN diagnostic tools."}, {"name": "Analysis of an old Subaru Impreza - Subaru Select Monitor v1 (SSM1)", "url": "https://p1kachu.pluggi.fr/project/automotive/2018/12/28/subaru-ssm1/", "description": "Digging into an old ECU through an old protocol and disabling a 1997 Subaru Impreza's speed limiter."}, {"name": "Car Hacking in 30 Minutes or Less", "url": "https://brysonpayne.com/2018/10/20/start-car-hacking-in-30-minutes-or-less/", "description": "Using VirtualBox and Kali Linux, you can start car hacking using completely free open-source software and tools, including can-utils, ICSim, ScanTool, Wireshark, and tcpdump"}, {"name": "\"Hopping on the CAN Bus\" from BlackHat Asia 2015", "url": "https://www.blackhat.com/asia-15/briefings.html#hopping-on-the-can-bus", "description": "A talk from BlackHat Asia 2015 that aims to enable the audience to \"gain an understanding of automotive systems, but will also have the tools to attack them\"."}, {"name": "\"Drive It Like You Hacked It\" from DEFCON 23", "url": "https://samy.pl/defcon2015/", "description": "A talk and slides from Samy Kamkar's DEFCON 23/2015 talk that includes hacking garages, exploiting automotive mobile apps, and breaking rolling codes to unlock any vehicle with low cost tools."}, {"name": "Samy Kamkar on Hacking Vehicles with OnStar", "url": "https://www.youtube.com/watch?v=3olXUbS-prU\\&feature=youtu.be", "description": "Samy Kamkar, the prolific hacker behind the Samy worm on MySpace, explores hacking into vehicles with OnStar systems."}, {"name": "Remote Exploitation of an Unaltered Passenger Vehicle", "url": "https://www.youtube.com/watch?v=OobLb1McxnI", "description": "DEFCON 23 talk Chris Valasek and Charlie Miller give their now famous talk on hacking into a Jeep remotely and stopping it dead in its tracks."}, {"name": "Adventures in Automotive Networks and Control Units", "url": "https://www.youtube.com/watch?v=n70hIu9lcYo", "description": "DEFCON 21 talk by Chris Valasek and Charlie Miller on automotive networks."}, {"name": "Can You Trust Autonomous Vehicles?", "url": "https://www.youtube.com/watch?v=orWqKWvIW_0", "description": "DEFCON 24 talk by Jianhao Liu, Chen Yan, Wenyuan Xu"}, {"name": "Ken Munro & Dave Lodge - Hacking the Mitsubishi Outlander & IOT", "url": "https://www.youtube.com/watch?v=YLBQdO6a5IQ", "description": "talk from BSides Manchester 2016 by Ken and Dave of [Pen Test Partners](#who-to-follow)"}, {"name": "FREE-FALL: HACKING TESLA FROM WIRELESS TO CAN BUS", "url": "https://www.blackhat.com/docs/us-17/thursday/us-17-Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus-wp.pdf", "description": "Zeronights 2016 and later BlackHat talk by Sen Nie, Ling Liu, and Yuefeng Du from Tencent and KEEN Security lab"}, {"name": "Car Hacking 101", "url": "https://www.youtube.com/watch?v=P-mzo2X47sg", "description": "Bugcrowd LevelUp 2017 by Alan Mond"}, {"name": "State of Automotive Cyber Safety, 2015", "url": "https://www.youtube.com/watch?v=g-a20ORka-A", "description": "State of automotive hacking, policy, industry changes, etc. from I Am The Cavalry track at BSides Las Vegas, 2015."}, {"name": "State of Automotive Cyber Safety, 2016", "url": "https://www.youtube.com/watch?v=WcObDVy2-1I", "description": "State of automotive hacking, policy, industry changes, etc. from I Am The Cavalry track at BSides Las Vegas, 2016."}, {"name": "How to Hack a Tesla Model S", "url": "https://www.youtube.com/watch?v=KX_0c9R4Fng", "description": "DEF CON 23 talk by Marc Rogers and Kevin Mahaffey on hacking a Tesla. Tesla Co-Founder and CTO, JB Straubel, joins them to thank them and present a challenge coin."}, {"name": "Car Hacking Videos", "url": "http://tekeye.uk/automotive/cyber-security/car-hacking-videos", "description": "A web page with a long list of videos (40+) that are available online related to the topic of car hacking. From a 2007 DEF CON talk on modding engine ECUS and onwards (e.g. the 2017 Keen Security Tesla hack)."}, {"name": "Self-Driving and Connected Cars: Fooling Sensors and Tracking Drivers", "url": "https://www.youtube.com/watch?v=C29UGFsIWVI", "description": "Black Hat talk by Jonathan Petit. Automated and connected vehicles are the next evolution in transportation and will improve safety, traffic efficiency and driving experience. This talk will be divided in two parts: 1) security of autonomous automated vehicles and 2) privacy of connected vehicles. 2015"}, {"name": "A Survey of Remote Automotive Attack Surfaces", "url": "https://www.youtube.com/watch?v=MAGacjNw0Sw", "description": "Black Hat talk By Charlie Miller and Chris Valasek. Automotive security concerns have gone from the fringe to the mainstream with security researchers showing the susceptibility of the modern vehicle to local and remote attacks. Discussion of vehicle attack surfaces. 2014."}, {"name": "Pentesting vehicles with YACHT (Yet Another Car Hacking Tool)", "url": "https://www.blackhat.com/docs/eu-16/materials/eu-16-Sintsov-Pen-Testing-Vehicles-With-Cantoolz.pdf", "description": "A presentation that discusses different attack surfaces of a vehicle, then continues to describe an approach to car hacking along with tools needed to analyse and gather useful information."}, {"name": "How to drift with any car", "url": "https://www.youtube.com/watch?v=KU7gl1n1tIs", "description": "Introduction to CAN hacking, and using a real car as an Xbox controller."}, {"name": "Car Infotainment Hacking Methodology and Attack Surface Scenario", "url": "https://www.youtube.com/watch?v=F0mYkI2FJ_4", "description": "A guide on how to attack, hunt bugs or hack your IVI by Jay Turla which was presented at the Packet Hacking Village / Wall of Sheep during DEF CON 26."}, {"name": "TR19: Automotive Penetration Testing with Scapy", "url": "https://www.youtube.com/watch?v=7D7uNqPWrXw", "description": "Overview on how Scapy can be used for automotive penetration testing at Troopers Conference 2019."}, {"name": "Analysis and Defense of Automotive Networks", "url": "https://www.youtube.com/watch?v=a1huGwMjjd4", "description": "Overview of CAN, security, and potential intrusion detection approaches at BSides Knoxville 2020"}, {"name": "Remote Exploitation of Honda Cars", "url": "https://www.youtube.com/watch?v=y4Uzm-CTa0I\\&ab_channel=CarHackingVillage", "description": "The Honda Connect app used by Honda City 5th generation used weak security mechanisms in its APIs for access control which would allow a malicious user to perform actions like starting the car, locking/unlocking car etc. remotely by interacting with it's Telematics Control Unit (TCU)"}, {"name": "TR22: UDS Fuzzing and the Path to Game Over", "url": "https://www.youtube.com/watch?v=c_DqxHmH7kc", "description": "UDS diagnostics protocol fuzzing methodology, presented as a result of numerous penetration testing projects in the automotive industry, with real world exploitation PoCs, presented during Troopers Conference 2022."}, {"name": "CCC - Horror Stories From the Automotive Industry", "url": "https://www.youtube.com/watch?v=rAA-agcNeeg", "description": "Horrifying examples of common vulnerabilities in the automotive industry, result of more than 100 penetration tests targeting Tier 1 suppliers and OEMs, with ultimate goal to raise awareness on the current state of automotive security. Additionally, PoC of automated week seed randomness exploitation in automotive components, by using a battery isolator in heavy-duty vehicles and the UDS protocol, for complete compromise of a target. Presented in Chaos Communication Camp, DeepSec 2023 and Troopers Conference 23."}, {"name": "Car Hacking Scene in the PH: How Far We've Come", "url": "https://www.youtube.com/watch?v=JaF-_KYQ46A", "description": "Car Hacking Village PH presents their first attempt on the main tracks for ROOTCON. This is a rundown of CHVPH's past security research to current research - from hacking infotainment systems to CAN Bus protocols and a summary of cars available in the Philippines which are susceptible to car thefts."}, {"name": "Analysis of an In-vehicular network: From CAN bus to infotainment", "url": "https://www.youtube.com/watch?v=4d-uhs2VLCQ", "description": "This talk will feature Div0 CSQ\u2019s 3 test benches as they explore more features on Connected vehicles. This was presented in ROOTCON 17 Car Hacking Village."}, {"name": "An overview of Automotive Defensive Engineering", "url": "https://www.youtube.com/watch?v=MfTNv9SXd-o", "description": "This talk is for car hackers to learn about modern defense measures being added to ECUs and Vehicle Architectures. This was presented in ROOTCON 17 Car Hacking Village."}, {"name": "Hacking Back Your Car", "url": "https://www.youtube.com/watch?v=akMok3Hb-pE", "description": "Kamel Ghali's talk on ROOTCON 17 about how an attacker's perspective on hacking a car and origins of such attacks, how they've been used in different countries over the years, and explore the technical details of what makes such an attack possible."}, {"name": "TR23: V2GEvil: Ghost in the wires", "url": "https://www.youtube.com/watch?v=JVWFfSmIlRY", "description": "This research is dedicated to enhancing the cybersecurity of electric vehicles, with a specific focus on identifying vulnerabilities in the Electric Vehicle Communication Controller (EVCC), and an introduction to the tool V2GEvil. Accessible through the On-Board Charging (OBC) port, makes this attack vector really important for the security of future vehicles."}, {"name": "DEF CON CHV - V2GEvil: Ghost in the wires", "url": "https://www.youtube.com/watch?v=Ui2etjRyrUE", "description": "Shortened and summarized version of the talk V2GEvil: Ghost in the wires, from the DEF CON 32 Car Hacking Village, by Pavel Khunt and Thomas Sermpinis."}, {"name": "The hack, the crash and two smoking barrels. (And all the times I (almost) killed an engineer.)", "url": "https://www.youtube.com/watch?v=MDndWJxfP-U", "description": "Thomas Sermpinis goes through the process of responsibly disclosing findings affecting the Blind Spot Detection Sensor of a current MY vehicle from one of the biggest OEMs in the world, leading to accusations that he was collaborating with hostile nations by the OEM. A story about how automotive manufacturers are treating the security industry, where are we heading, and how to be better, on the stage of DEF CON 32."}, {"name": "2014 Car Hacker's Handbook", "url": "https://www.amazon.com/Car-Hackers-Manual-Craig-Smith/dp/0990490106", "description": "Free guide to hacking vehicles from 2014."}, {"name": "2016 Car Hacker's Handbook", "url": "https://www.amazon.com/Car-Hackers-Handbook-Penetration-Tester/dp/1593277032", "description": "Latest version of the Car Hacker's handbook with updated information to hack your own vehicle and learning vehicle security. For a physical copy as well unlimited PDF, MOBI, and EPUB copies of the book, buy it at [No Starch Press](https://www.nostarch.com/carhacking). Sections are available online [here](https://books.google.com/books?id=Ao_QCwAAQBAJ\\&lpg=PP1\\&dq=car%20hacking\\&pg=PP1#v=onepage\\&q\\&f=false)."}, {"name": "A Comprehensible Guide to Controller Area Network", "url": "https://www.amazon.com/Comprehensible-Guide-Controller-Area-Network/dp/0976511606/ref=pd_sim_14_1?ie=UTF8\\&dpID=41-D9UhlE9L\\&dpSrc=sims\\&preST=_AC_UL160_SR124%2C160_\\&psc=1\\&refRID=3FH8N10610H0RX8SMB6K", "description": "An older book from 2005, but still a comprehensive guide on CAN buses and networking in vehicles."}, {"name": "\u667a\u80fd\u6c7d\u8f66\u5b89\u5168\u653b\u9632\u5927\u63ed\u79d8", "url": "https://www.amazon.cn/dp/B075QZXY7W", "description": ""}, {"name": "Controller Area Network Prototyping with Arduino", "url": "https://www.amazon.com/Controller-Area-Network-Prototyping-Arduino/dp/1938581164/ref=pd_sim_14_2?ie=UTF8\\&dpID=51J27ZEcl9L\\&dpSrc=sims\\&preST=_AC_UL160_SR123%2C160_\\&psc=1\\&refRID=V42FKNW09QGVGHW7ZFRR", "description": "This book guides you through prototyping CAN applications on Arduinos, which can help when working with CAN on your own car."}, {"name": "Embedded Networking with CAN and CANopen", "url": "https://www.amazon.com/Embedded-Networking-CANopen-Olaf-Pfeiffer/dp/0929392787/ref=pd_sim_14_37?ie=UTF8\\&dpID=41UnLKYFpmL\\&dpSrc=sims\\&preST=_AC_UL160_SR122%2C160_\\&psc=1\\&refRID=V42FKNW09QGVGHW7ZFRR", "description": "From 2003, this book fills in gaps in CAN literature and will educate you further on CAN networks and working with embedded systems."}, {"name": "Inside Radio: An Attack and Defense Guide", "url": "https://www.amazon.com/Inside-Radio-Attack-Defense-Guide/dp/9811084467", "description": ""}, {"name": "Koscher et al. Experimental Security Analysis of a Modern Automobile, 2010", "url": "http://www.autosec.org/pubs/cars-oakland2010.pdf", "description": ""}, {"name": "Comprehensive Experimental Analyses of Automotive Attack Surfaces, 2011", "url": "http://static.usenix.org/events/sec11/tech/full_papers/Checkoway.pdf", "description": ""}, {"name": "Miller and Valasek", "url": "http://illmatics.com/carhacking.html", "description": "Self proclaimed \"car hacking the definitive source\"."}, {"name": "5-Star Automotive Cyber Safety Framework, 2015", "url": "https://iamthecavalry.org/5star", "description": ""}, {"name": "A Vulnerability in Modern Automotive Standards and How We Exploited It", "url": "https://documents.trendmicro.com/assets/A-Vulnerability-in-Modern-Automotive-Standards-and-How-We-Exploited-It.pdf", "description": ""}, {"name": "A Car Hacking Experiment: When Connectivity Meets Vulnerability", "url": "http://ieeexplore.ieee.org/abstract/document/7413993/", "description": ""}, {"name": "Security issues and vulnerabilities in connected car systems", "url": "http://ieeexplore.ieee.org/abstract/document/7223297/", "description": ""}, {"name": "Automobile Driver Fingerprinting, 2016", "url": "http://www.autosec.org/pubs/fingerprint.pdf", "description": ""}, {"name": "Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network, 2016", "url": "https://ieeexplore.ieee.org/document/7427089", "description": ""}, {"name": "Modeling Inter-Signal Arrival Times for Accurate Detection of CAN Bus Signal Injection Attacks", "url": "https://dl.acm.org/citation.cfm?id=3064816", "description": ""}, {"name": "The Connected Car - Ways to get unauthorized access and potential implications, 2018", "url": "https://www.computest.nl/documents/9/The_Connected_Car._Research_Rapport_Computest_april_2018.pdf", "description": ""}, {"name": "CAN-D: A Modular Four-Step Pipeline for Comprehensively Decoding Controller Area Network Data", "url": "https://arxiv.org/pdf/2006.05993.pdf", "description": ""}, {"name": "Time-Based CAN Intrusion Detection Benchmark", "url": "https://arxiv.org/pdf/2101.05781.pdf", "description": ""}, {"name": "Addressing the Lack of Comparability & Testing in CAN Intrusion Detection Research: A Comprehensive Guide to CAN IDS Data & Introduction of the ROAD Dataset", "url": "https://arxiv.org/pdf/2012.14600.pdf", "description": ""}, {"name": "On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats", "url": "https://hexhive.epfl.ch/publications/files/22WOOT.pdf", "description": ""}, {"name": "Pavel, K. Vehicle On-Board Charging Security Scanner, 2024", "url": "https://dspace.cvut.cz/bitstream/handle/10467/113764/F8-DP-2024-Khunt-Pavel-thesis.pdf", "description": ""}, {"name": "Udacity's Self Driving Car Engineer Course", "url": "https://github.com/udacity/self-driving-car", "description": "The content for Udacity's self driving car software engineer course. The actual course on Udacity's website is [here](https://www.udacity.com/course/self-driving-car-engineer-nanodegree--nd013).", "stars": "6.3k"}, {"name": "Keen Security Lab Blog", "url": "http://keenlab.tencent.com/en/", "description": "Blog created by Keen Security Lab of Tencent that posts research on car security."}, {"name": "Automotive Security Research Group", "url": "https://asrg.io/knowledge/", "description": "The Automotive Security Research Group (ASRG) is a non-profit initiative to promote the development of security solutions for automotive products."}, {"name": "OpenGarages", "url": "https://github.com/opengarages", "description": "Provides public access, documentation and tools necessary to understand today's modern vehicle systems."}, {"name": "DEFCON Car Hacking Village", "url": "http://www.carhackingvillage.com/", "description": "Car Hacking exercises from DEFCON 24."}, {"name": "canbushack: Hack Your Car", "url": "http://www.canbushack.com/blog/index.php", "description": "course on Vehicle Hacking methodology."}, {"name": "OWASP Internet of Things Project", "url": "https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=Community", "description": "OWASP's project to secure IoT, from cars to medical devices and beyond."}, {"name": "I Am The Cavalry", "url": "https://www.iamthecavalry.org/", "description": "Global grassroots (eg. volunteer) initiative focused on the intersection of security and human life/public safety issues, such as cars. Participation from security researchers, OEMs, Tier 1s, and many others. Published [Automotive 5-Star Cyber Safety Framework](https://iamthecavalry.org/5star)."}, {"name": "Carloop Community", "url": "https://community.carloop.io/", "description": "Community of people interested in car hacking and connecting vehicles to the cloud."}, {"name": "Python Security", "url": "http://www.pythoncarsecurity.com/", "description": "A website for browsing and buying python-integrated cars having certain vehicular security features."}, {"name": "NIST Automotive Cybersecurity Community of Interest", "url": "https://csrc.nist.gov/Projects/auto-cybersecurity-coi", "description": "NIST, the organization behind the NVD CVE database and modern cryptographic standards, runs a Community of Interest group for Automotive Cybersecurity that seeks to \"provide a way for NIST to facilitate the discussions and receive comments and feedback from the automotive industry, academia, and government.\"."}, {"name": "U.S. Automotve Cyber Security Summit", "url": "http://www.automotivecybersecurity.com/", "description": ""}, {"name": "escar conference", "url": "https://www.escar.info/", "description": "Embedded security in cars. European event has run for over 10 years, and they now have US and Asia events."}, {"name": "IT Security for Vehicles", "url": "https://www.vdi-wissensforum.de/en/event/it-security-for-vehicles/", "description": "Conference run by the Association of German Engineers (VDI), with participation from US and European OEMs, Tier 1s, and others."}, {"name": "Cyber Truck Challenge", "url": "https://www.cybertruckchallenge.org/", "description": "Conference that focuses on heavy vehicle cybersecurity issues. Includes hands-on assessments of heavy vehicles and subsystems."}], "notes": []}, {"name": "Vehicle Security \u2014 Podcasts", "entries": [{"name": "Security Weekly", "url": "http://securityweekly.com/", "description": "Excellent podcast covering all ranges of security, with some episodes focusing portions on vehicle security from cars to drones."}, {"name": "TrustedSec Podcast", "url": "https://podcasts.apple.com/us/podcast/security-noise/id1428851782", "description": "From the people at TrustedSec, leaders in Social Engineering, their episodes often go into recent vehicle vulnerabilities and exploits."}, {"name": "SANS Internet Storm Center", "url": "https://isc.sans.edu/", "description": "the ISC run a regular podcast going into the latest vulnerabilities and security news."}, {"name": "Security Ledger", "url": "https://soundcloud.com/securityledger", "description": "A podcast focusing on interviewing security experts about topics related to security."}], "notes": []}, {"name": "Vehicle Security \u2014 Episodes", "entries": [{"name": "Car Hacking with Craig Smith", "url": "http://softwareengineeringdaily.com/2015/09/02/car-hacking-with-craig-smith/", "description": "Software Engineering Daily did an amazing episode with Craig Smith, author of the Car Hacking Handbook (above), on hacking into vehicles."}, {"name": "Big Bugs Podcast Episode 1: Auto Bugs - Critical Vulns found in Cars with Jason Haddix", "url": "https://blog.bugcrowd.com/big-bugs-podcast-episode-1", "description": "Jason Haddix explores major vulnerabilities found in cars."}, {"name": "Hacking Under the Hood and Into Your Car", "url": "http://www.npr.org/2013/08/02/208270026/hacking-under-the-hood-and-into-your-car", "description": "Chris Valasek and Charlie Miller discuss with NPR how they were able to hack into vehicles."}, {"name": "Hacking Connected Vehicles with Chris Valasek of IOActive", "url": "https://soundcloud.com/securityledger/chris-valasek-of-ioactive", "description": "Chris Valasek talks about hacking into connected vehicles."}, {"name": "Reverse Engineering Resources", "url": "https://github.com/ps1337/automotive-security-research", "description": "", "stars": "97"}, {"name": "Real ORNL Automotive Dynamometer (ROAD) CAN Intrusion Dataset", "url": "https://0xsam.com/road/", "description": ""}, {"name": "CAN DoS Fuzzing Attack Video", "url": "https://www.youtube.com/shorts/80A5IhvwsJU", "description": ""}, {"name": "ECU Reflashing Detector Demo", "url": "https://www.youtube.com/watch?v=HPpGzwWQY5Y", "description": ""}, {"name": "Open Vehicle Monitoring System", "url": "https://github.com/openvehicles/Open-Vehicle-Monitoring-System", "description": "A community project building a hardware module for your car, a server to talk to it, and a mobile app to talk to the server, in order to allow developers and enthusiasts to add more functionality to their car and control it remotely.", "stars": "341"}, {"name": "Open Source Car Control Project", "url": "https://github.com/PolySync/OSCC", "description": "The Open Source Car Control Project is a hardware and software project detailing the conversion of a late model vehicle into an autonomous driving research and development vehicle.", "stars": "1k"}, {"name": "Uptane", "url": "https://uptane.github.io/overview.html", "description": "Uptane is an open and secure software update system design protecting software delivered over-the-air to the computerized units of automobiles and is designed to be resilient even to the best efforts of nation state attackers."}, {"name": "Arduino", "url": "https://www.arduino.cc/", "description": "Arduino boards have a number of shields you can attach to connect to CAN-enabled devices."}, {"name": "CANtact", "url": "https://cantact.io/cantact/users-guide.html", "description": "\"The Open Source Car Tool\" designed to help you hack your car. You can buy one or make your own following the guide here."}, {"name": "Freematics OBD-II Telematics Kit", "url": "http://freematics.com/pages/products/arduino-telematics-kit-3/", "description": "Arduino-based OBD-II Bluetooth adapter kit has both an OBD-II device and a data logger, and it comes with GPS, an accelerometer and gyro, and temperature sensors."}, {"name": "ELM327", "url": "https://www.elmelectronics.com/obdic.html", "description": "The de facto chipset that's very cheap and can be used to connect to CAN devices."}, {"name": "GoodThopter12", "url": "http://goodfet.sourceforge.net/hardware/goodthopter12/", "description": "Crafted by a well-known hardware hacker, this board is a general board that can be used for exploration of automotive networks."}, {"name": "USB2CAN", "url": "http://www.8devices.com/products/usb2can/", "description": "Cheap USB to CAN connector that will register a device on linux that you can use to get data from a CAN network."}, {"name": "Rinho Telematics", "url": "https://rinho.com.ar/en", "description": "GPS trackers with native CAN Bus (J1939/FMS), WiFi fallback for offline data download, and BLE 5.0 sensors. Compatible with Traccar and Wialon."}, {"name": "Intrepid Tools", "url": "http://store.intrepidcs.com/", "description": "Expensive, but extremely versatile tools specifically designed for reversing CAN and other vehicle communication protocols."}, {"name": "Red Pitaya", "url": "http://redpitaya.com/", "description": "Replaces expensive measurement tools such as oscilloscopes, signal generators, and spectrum analyzers. Red Pitaya has LabView and Matlab interfaces, and you can write your own tools and applications for it. It even supports extensions for things like Arduino shields."}, {"name": "ChipWhisperer", "url": "http://newae.com/tools/chipwhisperer/", "description": "A system for side-channel attacks, such as power analysis and clock glitching."}, {"name": "HackerSDR", "url": "https://greatscottgadgets.com/hackrf/", "description": "A Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies."}, {"name": "Carloop", "url": "https://www.carloop.io/", "description": "Open source development kit that makes it easy to connect your car to the Internet. Lowest cost car hacking tool that is compatible with SocketCAN and can-utils.  No OBD-II to serial cable required."}, {"name": "CANBadger", "url": "https://gutenshit.github.io/CANBadger/", "description": "A tool for reverse-engineering and testing automotive systems. The CANBadger consists of both hardware and software. The main interface is a LPC1768/LPC1769 processor mounted on a custom PCB, which offers two CAN interfaces, SD Card, a blinky LED, some GPIO pins, power supply for peripherals and the ethernet port."}, {"name": "CANSPY", "url": "https://bitbucket.org/jcdemay/canspy", "description": "A platform giving security auditors to audit CAN devices. It can be used to block, forward or modify CAN frames on the fly autonomously as well as interactively."}, {"name": "CANBus Triple", "url": "https://canb.us/", "description": "General purpose Controller Area Network swiss army knife and development platform."}, {"name": "USBtin", "url": "http://www.fischl.de/usbtin/", "description": "USBtin is a simple USB to CAN interface. It can monitor CAN busses and transmit CAN messages. USBtin implements the USB CDC class and creates a virtual comport on the host computer."}, {"name": "OpenXC", "url": "http://openxcplatform.com/hardware.html", "description": "OpenXC is a combination of open source hardware and software that lets you extend your vehicle with custom applications and pluggable modules. It uses standard, well-known tools to open up a wealth of data from the vehicle to developers. Started by researchers at Ford, it works for all 2002 and newer MY vehicles (standard OBD-II interface). Researchers at Ford Motor Company joined up to create a standard way of creating aftermarket software and hardware for vehicles."}, {"name": "Macchina M2", "url": "https://www.macchina.cc/m2-introduction", "description": "Macchina 2.0 is a complete overhaul of our 1.X generation of Macchina. The goals are still the same: Create an easy-to-use, fully-open, and super-compatible automotive interface."}, {"name": "PandwaRF", "url": "https://pandwarf.com/", "description": "PandwaRF is a pocket-sized, portable RF analysis tool operating the sub-1 GHz range. It allows the capture, analysis and re-transmission of RF via an Android device or a Linux PC. Capture any data in ASK/OOK/MSK/2-FSK/GFSK modulation from the 300-928 MHz band."}, {"name": "CAN MITM Bridge by MUXSCAN", "url": "https://www.tindie.com/products/muxsan/can-mitm-bridge-3-port-rev-25/", "description": "a tool to MITM CAN messages, allowing easy interaction with your car."}, {"name": "PiCCANTE", "url": "https://github.com/Alia5/PiCCANTE", "description": "Open-source CAN hacking tool based on Raspberry Pi Pico \\[2] (W) - Up to 3x CAN interfaces, includes ELM327 emulator.", "stars": "67"}, {"name": "Wireshark", "url": "https://www.wireshark.org/", "description": "WireShark can be used for reversing CAN communications."}, {"name": "Kayak", "url": "http://kayak.2codeornot2code.org/", "description": "Java application for CAN bus diagnosis and monitoring."}, {"name": "UDSim", "url": "https://github.com/zombieCraig/UDSim/", "description": "GUI tool that can monitor a CAN bus and automatically learn the devices attached to it by watching communications.", "stars": "321"}, {"name": "RomRaider", "url": "http://www.romraider.com/", "description": "An open source tuning suite for the Subaru engine control unit that lets you view and log data and tune the ECU."}, {"name": "Intrepid Tools", "url": "http://store.intrepidcs.com/", "description": "Expensive, but extremely versatile tools specifically designed for reversing CAN and other vehicle communication protocols."}, {"name": "O2OO", "url": "http://web.archive.org/web/20201108091723/https://www.vanheusden.com/O2OO/", "description": "Works with the ELM327 to record data to a SQLite database for graphing purposes. It also supports reading GPS data. You can connect this to your car and have it map out using Google Maps KML data where you drive."}, {"name": "CANToolz", "url": "https://github.com/eik00d/CANToolz", "description": "CANToolz is a framework for analysing CAN networks and devices. It is based on several modules which can be assembled in a pipeline.", "stars": "313"}, {"name": "BUSMASTER", "url": "https://rbei-etas.github.io/busmaster/", "description": "An Open Source tool to simulate, analyze and test data bus systems such as CAN, LIN, FlexRay."}, {"name": "OpenXC", "url": "http://openxcplatform.com/getting-started/index.html", "description": "Currently, OpenXC works with `Python` and `Android`, with libraries provided to get started."}, {"name": "openpilot", "url": "https://github.com/commaai/openpilot", "description": "openpilot is an open source driving agent that performs the functions of Adaptive Cruise Control (ACC) and Lane Keeping Assist System (LKAS) for Hondas and Acuras.", "stars": "60k"}, {"name": "openalpr", "url": "https://github.com/openalpr/openalpr", "description": "An open source Automatic License Plate Recognition library written in C++ with bindings in C#, Java, Node.js, Go, and Python.", "stars": "11k"}, {"name": "metasploit", "url": "https://community.rapid7.com/community/transpo-security/blog/2017/02/02/exiting-the-matrix", "description": "The popular metasploit framework now supports Hardware Bridge sessions, that extend the framework's capabilites onto hardware devices such as socketcan and SDR radios."}, {"name": "Mazda AIO Tweaks", "url": "https://mazdatweaks.com/", "description": "All-in-one installer/uninstaller for many available Mazda MZD Infotainment System tweaks."}, {"name": "mazda\\_getInfo", "url": "https://github.com/shipcod3/mazda_getInfo", "description": "A PoC that the USB port is an attack surface for a Mazda car's infotainment system and how Mazda hacks are made (known bug in the CMU).", "stars": "166"}, {"name": "talking-with-cars", "url": "https://github.com/P1kachu/talking-with-cars", "description": "CAN related scripts, and scripts to use a car as a gamepad", "stars": "129"}, {"name": "CANalyzat0r", "url": "https://github.com/schutzwerk/CANalyzat0r", "description": "A security analysis toolkit for proprietary car protocols.", "stars": "785"}], "notes": []}, {"name": "Vehicle Security \u2014 C", "entries": [{"name": "SocketCAN Utils", "url": "https://github.com/linux-can/can-utils", "description": "Userspace utilites for SocketCAN on Linux.", "stars": "2.8k"}, {"name": "vircar", "url": "https://github.com/dn5/vircar", "description": "a Virtual car userspace that sends CAN messages based on SocketCAN", "stars": "154"}, {"name": "dbcc", "url": "https://github.com/howerj/dbcc", "description": "\"dbcc is a program for converting a DBC file primarily into into C code that can serialize and deserialize CAN messages.\" With existing DBC files from a vehicle, this file allows you to convert them to C code that extracts the CAN messages and properties of the CAN environment.", "stars": "440"}], "notes": []}, {"name": "Vehicle Security \u2014 C++", "entries": [{"name": "High Level ViWi Service", "url": "https://github.com/iotbzh/high-level-viwi-service", "description": "High level Volkswagen CAN signaling protocol implementation.", "stars": "13"}, {"name": "CanCat", "url": "https://github.com/atlas0fd00m/CanCat", "description": "A \"swiss-army knife\" for interacting with live CAN data. Primary API interface in Python, but written in C++.", "stars": "208"}, {"name": "CANdevStudio", "url": "https://github.com/GENIVI/CANdevStudio", "description": "Development tool for CAN bus simulation. CANdevStudio enables to simulate CAN signals such as ignition status, doors status or reverse gear by every automotive developer.", "stars": "1.1k"}, {"name": "UnlockECU", "url": "https://github.com/jglim/UnlockECU", "description": "Free, open-source ECU seed-key unlocking tool.", "stars": "389"}], "notes": []}, {"name": "Vehicle Security \u2014 Java", "entries": [{"name": "ITS Geonetworking", "url": "https://github.com/alexvoronov/geonetworking", "description": "ETSI ITS G5 GeoNetworking stack, in Java: CAM-DENM / ASN.1 PER / BTP / GeoNetworking", "stars": "104"}], "notes": []}, {"name": "Vehicle Security \u2014 Python", "entries": [{"name": "CANard", "url": "https://github.com/ericevenchick/canard", "description": "A Python framework for Controller Area Network applications.", "stars": "515"}, {"name": "Caring Caribou", "url": "https://github.com/CaringCaribou/caringcaribou/", "description": "Intended to be the *nmap of vehicle security*.", "stars": "889"}, {"name": "c0f", "url": "https://github.com/zombieCraig/c0f/", "description": "A fingerprinting tool for CAN communications that can be used to find a specific signal on a CAN network when testing interactions with a vehicle.", "stars": "92"}, {"name": "Python-CAN", "url": "https://github.com/hardbyte/python-can", "description": "Python interface to various CAN implementations, including SocketCAN. Allows you to use Python 2.7.x or 3.3.x+ to communicate over CAN networks.", "stars": "1.5k"}, {"name": "Python-OBD", "url": "https://github.com/brendan-w/python-OBD", "description": "A Python module for handling realtime sensor data from OBD-II vehicle ports. Works with ELM327 OBD-II adapters, and is fit for the Raspberry Pi.", "stars": "1.3k"}, {"name": "CanCat", "url": "https://github.com/atlas0fd00m/CanCat", "description": "A \"swiss-army knife\" for interacting with live CAN data. Primary API interface in Python, but written in C++.", "stars": "208"}, {"name": "Scapy", "url": "https://github.com/secdev/scapy", "description": "A python library to send, receive, edit raw packets. Supports CAN and automotive protocols: see the [automotive doc](https://scapy.readthedocs.io/en/latest/layers/automotive.html)", "stars": "12k"}, {"name": "CanoPy", "url": "https://github.com/tbruno25/canopy", "description": "A python gui used to visualize and plot message payloads in real time.", "stars": "290"}, {"name": "canTot", "url": "https://github.com/shipcod3/canTot", "description": "A python-based cli framework based on sploitkit and is easy to use because it similar to working with Metasploit. This similar to an exploit framework but focused on known CAN Bus vulnerabilities or fun CAN Bus hacks.", "stars": "149"}, {"name": "SocketCAN", "url": "https://python-can.readthedocs.io/en/master/interfaces/socketcan.html", "description": ""}, {"name": "canmatrix", "url": "https://github.com/ebroecker/canmatrix", "description": "", "stars": "1.1k"}, {"name": "canopen", "url": "https://canopen.readthedocs.io/en/latest/", "description": ""}, {"name": "cantools", "url": "https://github.com/eerimoq/cantools", "description": "", "stars": "2.2k"}, {"name": "Caring Caribou Next", "url": "https://github.com/Cr0wTom/caringcaribounext", "description": "Upgraded and optimized version of the original Caring Caribou project.", "stars": "9"}], "notes": []}, {"name": "Vehicle Security \u2014 Go", "entries": [{"name": "CANNiBUS", "url": "https://github.com/Hive13/CANiBUS/", "description": "A Go server that allows a room full of researchers to simultaneously work on the same vehicle, whether for instructional purposes or team reversing sessions.", "stars": "111"}, {"name": "CAN Simulator", "url": "https://github.com/carloop/simulator-program", "description": "A Go based CAN simulator for the Raspberry Pi to be used with PiCAN2 or the open source [CAN Simulator board (\u2b50188)](https://github.com/carloop/simulator)", "stars": "70"}], "notes": []}, {"name": "Vehicle Security \u2014 JavaScript", "entries": [{"name": "NodeJS extension to SocketCAN", "url": "https://github.com/sebi2k1/node-can", "description": "Allows you to communicate over CAN networks with simple JavaScript functions.", "stars": "241"}, {"name": "UberATC", "url": "https://www.uber.com/us/en/autonomous/", "description": "Uber Advanced Technologies Center, now Uber AV - [info@uberatc.com](https://github.com/jaredthecoder/awesome-vehicle-security/blob/master/README.md/mailto:info@uberatc.com)."}, {"name": "Tesla", "url": "https://www.tesla.com/careers/search#/filter/?keyword=security\\&department=1", "description": "Tesla hires security professionals for a variety of roles, particularly securing their vehicles."}, {"name": "Intrepid Control Systems", "url": "https://www.intrepidcs.com/jobs/", "description": "Embedded security company building tools for reversing vehicles."}, {"name": "Rapid7", "url": "https://www.rapid7.com/company/careers.jsp", "description": "Rapid7 does work in information, computer, and embedded security."}, {"name": "IOActive", "url": "http://www.ioactive.com/", "description": "Security consulting firm that does work on pentesting hardware and embedded systems."}, {"name": "Cohda Wireless", "url": "https://cohdawireless.com/", "description": "V2X DSRC Radio and Software"}, {"name": "VicOne", "url": "https://www.vicone.com/", "description": "A subsidiary of Trend Micro which focuses on automotive security"}, {"name": "General Motors", "url": "https://hackerone.com/gm", "description": ""}, {"name": "Stellantis", "url": "https://bugcrowd.com/stellantis", "description": ""}, {"name": "Tesla Motors", "url": "https://bugcrowd.com/tesla", "description": ""}, {"name": "ASRG", "url": "https://asrg.io/disclosure/", "description": "The ASRG Disclosure Process is to support responsible disclosure when direct communication with the responsible company is unavailable or not responsive."}, {"name": "Zeekr", "url": "https://security.zeekrlife.com/vulnerability", "description": "Zeekr and Geely Responsible disclosure program"}], "notes": []}], "total_entries": 181}, {"name": "Hacking", "subcategories": [{"name": "Hacking \u2014 Table of Contents", "entries": [{"name": "System", "url": "#system", "description": ""}, {"name": "Reverse Engineering", "url": "#reverse-engineering", "description": ""}, {"name": "Web", "url": "#web", "description": ""}, {"name": "Network", "url": "#network", "description": ""}, {"name": "Forensic", "url": "#forensic", "description": ""}, {"name": "Cryptography", "url": "#cryptography", "description": ""}, {"name": "Wargame", "url": "#wargame", "description": ""}, {"name": "CTF", "url": "#ctf", "description": ""}, {"name": "OS", "url": "#os", "description": ""}, {"name": "Post exploitation", "url": "#post-exploitation", "description": ""}, {"name": "ETC", "url": "#etc", "description": ""}, {"name": "Roppers Computing Fundamentals", "url": "https://www.roppers.org/courses/fundamentals", "description": ""}, {"name": "Corelan Team's Exploit writing tutorial", "url": "https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/", "description": ""}, {"name": "Exploit Writing Tutorials for Pentesters", "url": "http://web.archive.org/web/20140916085343/http://www.punter-infosec.com/exploit-writing-tutorials-for-pentesters/", "description": ""}, {"name": "Understanding the basics of Linux Binary Exploitation", "url": "https://github.com/r0hi7/BinExp", "description": "", "stars": "1.2k"}, {"name": "Shells", "url": "https://www.youtube.com/playlist?list=PLyzOVJj3bHQuloKGG59rS43e29ro7I57J", "description": ""}, {"name": "Missing Semester", "url": "https://missing.csail.mit.edu/2020/course-shell/", "description": ""}, {"name": "Metasploit", "url": "https://github.com/rapid7/metasploit-framework", "description": "", "stars": "32k"}, {"name": "mimikatz", "url": "https://github.com/gentilkiwi/mimikatz", "description": "A little tool to play with Windows security", "stars": "18k"}, {"name": "Hackers tools", "url": "https://www.youtube.com/playlist?list=PLyzOVJj3bHQuiujH1lpn8cA9dsyulbYRv", "description": "Tutorial on tools."}], "notes": []}, {"name": "Hacking \u2014 Docker Images for Penetration Testing & Security", "entries": [{"name": "Exploit database", "url": "https://www.exploit-db.com/", "description": "An ultimate archive of exploits and vulnerable software"}, {"name": "Begin RE: A Reverse Engineering Tutorial Workshop", "url": "https://www.begin.re/the-workshop", "description": ""}, {"name": "Malware Analysis Tutorials: a Reverse Engineering Approach", "url": "http://fumalwareanalysis.blogspot.kr/p/malware-analysis-tutorials-reverse.html", "description": ""}, {"name": "Malware Unicorn Reverse Engineering Tutorial", "url": "https://malwareunicorn.org/workshops/re101.html#0", "description": ""}, {"name": "Lena151: Reversing With Lena", "url": "https://archive.org/details/lena151", "description": ""}], "notes": []}, {"name": "Hacking \u2014 Disassemblers and debuggers", "entries": [{"name": "IDA", "url": "https://www.hex-rays.com/products/ida/", "description": "IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger"}, {"name": "OllyDbg", "url": "http://www.ollydbg.de/", "description": "A 32-bit assembler level analysing debugger for Windows"}, {"name": "x64dbg", "url": "https://github.com/x64dbg/x64dbg", "description": "An open-source x64/x32 debugger for Windows", "stars": "42k"}, {"name": "radare2", "url": "https://github.com/radare/radare2", "description": "A portable reversing framework", "stars": "19k"}, {"name": "plasma", "url": "https://github.com/joelpx/plasma", "description": "Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.", "stars": "3k"}, {"name": "ScratchABit", "url": "https://github.com/pfalcon/ScratchABit", "description": "Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API", "stars": "390"}, {"name": "Capstone", "url": "https://github.com/aquynh/capstone", "description": "", "stars": "6.8k"}, {"name": "Ghidra", "url": "https://ghidra-sre.org/", "description": "A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission"}], "notes": []}, {"name": "Hacking \u2014 Decompilers", "entries": [{"name": "Krakatau", "url": "https://github.com/Storyyeller/Krakatau", "description": "the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully.", "stars": "1.9k"}, {"name": "JD-GUI", "url": "https://github.com/java-decompiler/jd-gui", "description": "", "stars": "13k"}, {"name": "procyon", "url": "https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompiler", "description": ""}, {"name": "JAD", "url": "http://varaneckas.com/jad/", "description": "JAD Java Decompiler (closed-source, unmaintained)"}, {"name": "JADX", "url": "https://github.com/skylot/jadx", "description": "a decompiler for Android apps. Not related to JAD.", "stars": "38k"}], "notes": []}, {"name": "Hacking \u2014 Deobfuscators", "entries": [{"name": "de4dot", "url": "https://github.com/0xd4d/de4dot", "description": ".NET deobfuscator and unpacker.", "stars": "6.6k"}, {"name": "JS Beautifier", "url": "https://github.com/beautify-web/js-beautify", "description": "", "stars": "8.3k"}, {"name": "JS Nice", "url": "http://jsnice.org/", "description": "a web service guessing JS variables names and types based on the model derived from open source."}], "notes": []}, {"name": "Hacking \u2014 Other", "entries": [{"name": "nudge4j", "url": "https://github.com/lorenzoongithub/nudge4j", "description": "Java tool to let the browser talk to the JVM", "stars": "154"}, {"name": "dex2jar", "url": "https://github.com/pxb1988/dex2jar", "description": "Tools to work with Android .dex and Java .class files", "stars": "12k"}, {"name": "androguard", "url": "https://code.google.com/p/androguard/", "description": "Reverse engineering, malware and goodware analysis of Android applications"}, {"name": "antinet", "url": "https://github.com/0xd4d/antinet", "description": ".NET anti-managed debugger and anti-profiler code", "stars": "289"}, {"name": "UPX", "url": "http://upx.sourceforge.net/", "description": "the Ultimate Packer (and unpacker) for eXecutables"}], "notes": []}, {"name": "Hacking \u2014 Execution logging and tracing", "entries": [{"name": "Wireshark", "url": "https://www.wireshark.org/", "description": "A free and open-source packet analyzer"}, {"name": "tcpdump", "url": "http://www.tcpdump.org/", "description": "A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture"}, {"name": "mitmproxy", "url": "https://github.com/mitmproxy/mitmproxy", "description": "An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface", "stars": "33k"}, {"name": "Charles Proxy", "url": "https://charlesproxy.com", "description": "A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic"}, {"name": "usbmon", "url": "https://www.kernel.org/doc/Documentation/usb/usbmon.txt", "description": "USB capture for Linux."}, {"name": "USBPcap", "url": "https://github.com/desowin/usbpcap", "description": "USB capture for Windows.", "stars": "840"}, {"name": "dynStruct", "url": "https://github.com/ampotos/dynStruct", "description": "structures recovery via dynamic instrumentation.", "stars": "309"}, {"name": "drltrace", "url": "https://github.com/mxmssh/drltrace", "description": "shared library calls tracing.", "stars": "365"}], "notes": []}, {"name": "Hacking \u2014 Binary files examination and editing", "entries": [{"name": "HxD", "url": "http://mh-nexus.de/en/hxd/", "description": "A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size"}, {"name": "WinHex", "url": "http://www.winhex.com/winhex/", "description": "A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security"}, {"name": "wxHexEditor", "url": "https://github.com/EUA/wxHexEditor", "description": "", "stars": "515"}, {"name": "Synalize It", "url": "https://www.synalysis.net/", "description": ""}, {"name": "Binwalk", "url": "https://github.com/ReFirmLabs/binwalk", "description": "Detects signatures, unpacks archives, visualizes entropy.", "stars": "9.9k"}, {"name": "Veles", "url": "https://github.com/codilime/veles", "description": "a visualizer for statistical properties of blobs.", "stars": "1k"}, {"name": "Kaitai Struct", "url": "https://github.com/kaitai-io/kaitai_struct", "description": "a DSL for creating parsers in a variety of programming languages. The Web IDE is particularly useful for reverse-engineering.", "stars": "3.7k"}, {"name": "Protobuf inspector", "url": "https://github.com/jmendeth/protobuf-inspector", "description": "", "stars": "862"}, {"name": "DarunGrim", "url": "https://github.com/ohjeongwook/DarunGrim", "description": "executable differ.", "stars": "359"}, {"name": "DBeaver", "url": "https://github.com/dbeaver/dbeaver", "description": "a DB editor.", "stars": "35k"}, {"name": "Dependencies", "url": "https://github.com/lucasg/Dependencies", "description": "a FOSS replacement to Dependency Walker.", "stars": "7.6k"}, {"name": "PEview", "url": "http://wjradburn.com/software/", "description": "A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files"}, {"name": "BinText", "url": "https://web.archive.org/web/http://www.mcafee.com/kr/downloads/free-tools/bintext.aspx", "description": "A small, very fast and powerful text extractor that will be of particular interest to programmers."}, {"name": "Open Malware", "url": "http://www.offensivecomputing.net/", "description": ""}, {"name": "Spyse", "url": "https://spyse.com/", "description": "Data gathering service that collects web info using OSINT. Provided info: IPv4 hosts, domains/whois, ports/banners/protocols, technologies, OS, AS, maintains huge SSL/TLS DB, and more... All the data is stored in its own database allowing get the data without scanning."}, {"name": "sqlmap", "url": "https://github.com/sqlmapproject/sqlmap", "description": "Automatic SQL injection and database takeover tool", "stars": "29k"}, {"name": "NoSQLMap", "url": "https://github.com/codingo/NoSQLMap", "description": "Automated NoSQL database enumeration and web application exploitation tool.", "stars": "2.7k"}, {"name": "tools.web-max.ca", "url": "http://tools.web-max.ca/encode_decode.php", "description": "base64 base85 md4,5 hash, sha1 hash encoding/decoding"}, {"name": "VHostScan", "url": "https://github.com/codingo/VHostScan", "description": "A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.", "stars": "1.1k"}, {"name": "SubFinder", "url": "https://github.com/subfinder/subfinder", "description": "SubFinder is a subdomain discovery tool that discovers valid subdomains for any target using passive online sources.", "stars": "8.7k"}, {"name": "Findsubdomains", "url": "https://findsubdomains.com/", "description": "A subdomains discovery tool that collects all possible subdomains from open source internet and validates them through various tools to provide accurate results."}, {"name": "badtouch", "url": "https://github.com/kpcyrd/badtouch", "description": "Scriptable network authentication cracker", "stars": "371"}, {"name": "PhpSploit", "url": "https://github.com/nil0x42/phpsploit", "description": "Full-featured C2 framework which silently persists on webserver via evil PHP oneliner", "stars": "2.1k"}, {"name": "Git-Scanner", "url": "https://github.com/HightechSec/git-scanner", "description": "A tool for bug hunting or pentesting for targeting websites that have open `.git` repositories available in public", "stars": "320"}, {"name": "CSP Scanner", "url": "https://cspscanner.com/", "description": "Analyze a site's Content-Security-Policy (CSP) to find bypasses and missing directives."}, {"name": "Shodan", "url": "https://www.shodan.io/", "description": "A web-crawling search engine that lets users search for various types of servers connected to the internet."}, {"name": "masscan", "url": "https://github.com/robertdavidgraham/masscan", "description": "Internet scale portscanner.", "stars": "22k"}, {"name": "Keyscope", "url": "https://github.com/SpectralOps/keyscope", "description": "an extensible key and secret validation tool for auditing active secrets against multiple SaaS vendors", "stars": "369"}, {"name": "Decompiler.com", "url": "https://www.decompiler.com/", "description": "Java, Android, Python, C# online decompiler."}, {"name": "Strong node.js", "url": "https://github.com/jesusprubio/strong-node", "description": "An exhaustive checklist to assist in the source code security analysis of a node.js web service.", "stars": "490"}, {"name": "NetworkMiner", "url": "http://www.netresec.com/?page=NetworkMiner", "description": "A Network Forensic Analysis Tool (NFAT)"}, {"name": "Paros", "url": "http://sourceforge.net/projects/paros/", "description": "A Java-based HTTP/HTTPS proxy for assessing web application vulnerability"}, {"name": "pig", "url": "https://github.com/rafael-santiago/pig", "description": "A Linux packet crafting tool", "stars": "452"}, {"name": "findsubdomains", "url": "https://findsubdomains.com", "description": "really fast subdomains scanning service that has much greater opportunities than simple subs finder(works using OSINT)."}, {"name": "cirt-fuzzer", "url": "http://www.cirt.dk/", "description": "A simple TCP/UDP protocol fuzzer."}, {"name": "ASlookup", "url": "https://aslookup.com/", "description": "a useful tool for exploring autonomous systems and all related info (CIDR, ASN, Org...)"}, {"name": "ZAP", "url": "https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project", "description": "The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications"}, {"name": "mitmsocks4j", "url": "https://github.com/Akdeniz/mitmsocks4j", "description": "Man-in-the-middle SOCKS Proxy for Java", "stars": "31"}, {"name": "ssh-mitm", "url": "https://github.com/jtesta/ssh-mitm", "description": "An SSH/SFTP man-in-the-middle tool that logs interactive sessions and passwords.", "stars": "1.6k"}, {"name": "nmap", "url": "https://nmap.org/", "description": "Nmap (Network Mapper) is a security scanner"}, {"name": "Aircrack-ng", "url": "http://www.aircrack-ng.org/", "description": "An 802.11 WEP and WPA-PSK keys cracking program"}, {"name": "Nipe", "url": "https://github.com/GouveaHeitor/nipe", "description": "A script to make Tor Network your default gateway.", "stars": "1.8k"}, {"name": "Habu", "url": "https://github.com/portantier/habu", "description": "Python Network Hacking Toolkit", "stars": "836"}, {"name": "Wifi Jammer", "url": "https://n0where.net/wifijammer/", "description": "Free program to jam all wifi clients in range"}, {"name": "Firesheep", "url": "https://codebutler.github.io/firesheep/", "description": "Free program for HTTP session hijacking attacks."}, {"name": "Scapy", "url": "https://github.com/secdev/awesome-scapy", "description": "A Python tool and library for low level packet creation and manipulation", "stars": "167"}, {"name": "Amass", "url": "https://github.com/OWASP/Amass", "description": "In-depth subdomain enumeration tool that performs scraping, recursive brute forcing, crawling of web archives, name altering and reverse DNS sweeping", "stars": "11k"}, {"name": "sniffglue", "url": "https://github.com/kpcyrd/sniffglue", "description": "Secure multithreaded packet sniffer", "stars": "997"}, {"name": "Netz", "url": "https://github.com/spectralops/netz", "description": "Discover internet-wide misconfigurations, using zgrab2 and others.", "stars": "360"}, {"name": "RustScan", "url": "https://github.com/rustscan/rustscan", "description": "Extremely fast port scanner built with Rust, designed to scan all ports in a couple of seconds and utilizes nmap to perform port enumeration in a fraction of the time.", "stars": "11k"}, {"name": "PETEP", "url": "https://github.com/Warxim/petep", "description": "Extensible TCP/UDP proxy with GUI for traffic analysis & modification with SSL/TLS support.", "stars": "97"}, {"name": "Autopsy", "url": "http://www.sleuthkit.org/autopsy/", "description": "A digital forensics platform and graphical interface to [The Sleuth Kit](http://www.sleuthkit.org/sleuthkit/index.php) and other digital forensics tools"}, {"name": "sleuthkit", "url": "https://github.com/sleuthkit/sleuthkit", "description": "A library and collection of command-line digital forensics tools", "stars": "2.4k"}, {"name": "EnCase", "url": "https://www.guidancesoftware.com/products/Pages/encase-forensic/overview.aspx", "description": "The shared technology within a suite of digital investigations products by Guidance Software"}, {"name": "malzilla", "url": "http://malzilla.sourceforge.net/", "description": "Malware hunting tool"}, {"name": "IPED - Indexador e Processador de Evid\u00eancias Digitais", "url": "https://servicos.dpf.gov.br/ferramentas/IPED/", "description": "Brazilian Federal Police Tool for Forensic Investigation"}, {"name": "CyLR", "url": "https://github.com/orlikoski/CyLR", "description": "NTFS forensic image collector", "stars": "579"}, {"name": "CAINE", "url": "https://www.caine-live.net/", "description": "CAINE is a Ubuntu-based app that offers a complete forensic environment that provides a graphical interface. This tool can be integrated into existing software tools as a module. It automatically extracts a timeline from RAM."}], "notes": []}, {"name": "Hacking \u2014 Tools", "entries": [{"name": "xortool", "url": "https://github.com/hellman/xortool", "description": "A tool to analyze multi-byte XOR cipher", "stars": "1.3k"}, {"name": "John the Ripper", "url": "http://www.openwall.com/john/", "description": "A fast password cracker"}, {"name": "Aircrack", "url": "http://www.aircrack-ng.org/", "description": "Aircrack is 802.11 WEP and WPA-PSK keys cracking program."}, {"name": "Ciphey", "url": "https://github.com/ciphey/ciphey", "description": "Automated decryption tool using artificial intelligence & natural language processing.", "stars": "15k"}, {"name": "OverTheWire - Semtex", "url": "http://overthewire.org/wargames/semtex/", "description": ""}, {"name": "OverTheWire - Vortex", "url": "http://overthewire.org/wargames/vortex/", "description": ""}, {"name": "OverTheWire - Drifter", "url": "http://overthewire.org/wargames/drifter/", "description": ""}, {"name": "pwnable.kr", "url": "http://pwnable.kr/", "description": "Provide various pwn challenges regarding system security"}, {"name": "Exploit Exercises - Nebula", "url": "https://exploit-exercises.com/nebula/", "description": ""}, {"name": "SmashTheStack", "url": "http://smashthestack.org/", "description": ""}, {"name": "HackingLab", "url": "https://www.hacking-lab.com/", "description": ""}, {"name": "Reversing.kr", "url": "http://www.reversing.kr/", "description": "This site tests your ability to Cracking & Reverse Code Engineering"}, {"name": "CodeEngn", "url": "http://codeengn.com/challenges/", "description": "(Korean)"}, {"name": "simples.kr", "url": "http://simples.kr/", "description": "(Korean)"}, {"name": "Crackmes.de", "url": "http://crackmes.de/", "description": "The world first and largest community website for crackmes and reversemes."}, {"name": "Hack This Site!", "url": "https://www.hackthissite.org/", "description": "a free, safe and legal training ground for hackers to test and expand their hacking skills"}, {"name": "Hack The Box", "url": "https://www.hackthebox.eu", "description": "a free site to perform pentesting in a variety of different systems."}, {"name": "Webhacking.kr", "url": "http://webhacking.kr/", "description": ""}, {"name": "0xf.at", "url": "https://0xf.at/", "description": "a website without logins or ads where you can solve password-riddles (so called hackits)."}, {"name": "fuzzy.land", "url": "https://fuzzy.land/", "description": "Website by an Austrian group. Lots of challenges taken from CTFs they participated in."}, {"name": "Gruyere", "url": "https://google-gruyere.appspot.com/", "description": ""}, {"name": "Others", "url": "https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project#tab=On-Line_apps", "description": ""}, {"name": "TryHackMe", "url": "https://tryhackme.com/", "description": "Hands-on cyber security training through real-world scenarios."}, {"name": "OverTheWire - Krypton", "url": "http://overthewire.org/wargames/krypton/", "description": ""}, {"name": "Awesome bug bounty resources by EdOverflow", "url": "https://github.com/EdOverflow/bugbounty-cheatsheet", "description": "", "stars": "5.4k"}, {"name": "Bugcrowd", "url": "https://www.bugcrowd.com/", "description": ""}, {"name": "Hackerone", "url": "https://www.hackerone.com/start-hacking", "description": ""}, {"name": "Intigriti", "url": "https://www.intigriti.com/", "description": ""}, {"name": "DEF CON", "url": "https://legitbs.net/", "description": ""}, {"name": "CSAW CTF", "url": "https://ctf.isis.poly.edu/", "description": ""}, {"name": "hack.lu CTF", "url": "http://hack.lu/", "description": ""}, {"name": "Pliad CTF", "url": "http://www.plaidctf.com/", "description": ""}, {"name": "RuCTFe", "url": "http://ructf.org/e/", "description": ""}, {"name": "Ghost in the Shellcode", "url": "http://ghostintheshellcode.com/", "description": ""}, {"name": "PHD CTF", "url": "http://www.phdays.com/", "description": ""}, {"name": "SECUINSIDE CTF", "url": "http://secuinside.com/", "description": ""}, {"name": "Codegate CTF", "url": "http://ctf.codegate.org/html/Main.html?lang=eng", "description": ""}, {"name": "Boston Key Party CTF", "url": "http://bostonkeyparty.net/", "description": ""}, {"name": "ZeroDays CTF", "url": "https://zerodays.ie/", "description": ""}, {"name": "Insomni\u2019hack", "url": "https://insomnihack.ch/", "description": ""}, {"name": "Pico CTF", "url": "https://picoctf.com/", "description": ""}, {"name": "prompt(1) to win", "url": "http://prompt.ml/", "description": "XSS Challenges"}, {"name": "HackTheBox", "url": "https://www.hackthebox.eu/", "description": ""}, {"name": "Hack+", "url": "http://hack.plus", "description": "An Intelligent network of bots that fetch the latest InfoSec content."}, {"name": "CTFtime.org", "url": "https://ctftime.org/", "description": "All about CTF (Capture The Flag)"}, {"name": "WeChall", "url": "http://www.wechall.net/", "description": ""}, {"name": "CTF archives (shell-storm)", "url": "http://shell-storm.org/repo/CTF/", "description": ""}, {"name": "Rookit Arsenal", "url": "https://amzn.com/144962636X", "description": "OS RE and rootkit development"}, {"name": "Pentest Cheat Sheets", "url": "https://github.com/coreb1t/awesome-pentest-cheat-sheets", "description": "Collection of cheat sheets useful for pentesting", "stars": "3.6k"}, {"name": "Movies For Hackers", "url": "https://github.com/k4m4/movies-for-hackers", "description": "A curated list of movies every hacker & cyberpunk must watch.", "stars": "10k"}, {"name": "Roppers CTF Fundamentals Course", "url": "https://www.roppers.org/courses/ctf", "description": "Free course designed to get a student crushing CTFs as quickly as possible. Teaches the mentality and skills required for crypto, forensics, and more. Full text available as a [gitbook](https://www.hoppersroppers.org/ctf/)."}, {"name": "Security related Operating Systems @ Rawsec", "url": "https://inventory.raw.pm/operating_systems.html", "description": "Complete list of security related operating systems"}, {"name": "Best Linux Penetration Testing Distributions @ CyberPunk", "url": "https://n0where.net/best-linux-penetration-testing-distributions/", "description": "Description of main penetration testing distributions"}, {"name": "Security @ Distrowatch", "url": "http://distrowatch.com/search.php?category=Security", "description": "Website dedicated to talking about, reviewing and keeping up to date with open source operating systems"}, {"name": "empire", "url": "https://github.com/EmpireProject/Empire", "description": "A post exploitation framework for powershell and python.", "stars": "7.2k"}, {"name": "silenttrinity", "url": "https://github.com/byt3bl33d3r/SILENTTRINITY", "description": "A post exploitation tool that uses iron python to get past powershell restrictions.", "stars": "2.1k"}, {"name": "PowerSploit", "url": "https://github.com/PowerShellMafia/PowerSploit", "description": "A PowerShell post exploitation framework", "stars": "11k"}, {"name": "ebowla", "url": "https://github.com/Genetic-Malware/Ebowla", "description": "Framework for Making Environmental Keyed Payloads", "stars": "717"}, {"name": "SecTools", "url": "http://sectools.org/", "description": "Top 125 Network Security Tools"}, {"name": "Roppers Security Fundamentals", "url": "https://www.roppers.org/courses/security", "description": "Free course that teaches a beginner how security works in the real world. Learn security theory and execute defensive measures so that you are better prepared against threats online and in the physical world. Full text available as a [gitbook](https://www.hoppersroppers.org/security/)."}, {"name": "Roppers Practical Networking", "url": "https://www.roppers.org/courses/networking", "description": "A hands-on, wildly practical introduction to networking and making packets dance. No wasted time, no memorizing, just learning the fundamentals."}, {"name": "Rawsec's CyberSecurity Inventory", "url": "https://inventory.raw.pm/", "description": "An open-source inventory of tools, resources, CTF platforms and Operating Systems about CyberSecurity. ([Source](https://gitlab.com/rawsec/rawsec-cybersecurity-list))"}, {"name": "The Cyberclopaedia", "url": "https://cr0mll.github.io/cyberclopaedia/", "description": "The open-source encyclopedia of cybersecurity. [GitHub Repository (\u2b50150)](https://github.com/cr0mll/cyberclopaedia)"}], "notes": []}], "total_entries": 175}, {"name": "Devsecops", "subcategories": [{"name": "Devsecops", "entries": [{"name": "Resources", "url": "#resources", "description": ""}, {"name": "Tools", "url": "#tools", "description": ""}, {"name": "Related Lists", "url": "#related-lists", "description": ""}], "notes": []}, {"name": "Devsecops \u2014 Articles", "entries": [{"name": "Our Approach to Employee Security Training", "url": "https://www.pagerduty.com/blog/security-training-at-pagerduty/", "description": "*Pager Duty* - Guidelines to running security training within an organisation."}, {"name": "DevSecOps: Making Security Central To Your DevOps Pipeline", "url": "https://spacelift.io/blog/what-is-devsecops", "description": "*Spacelift* - An article explains what DevSecOps aims to achieve, why it\u2019s advantageous, and how the DevSecOps lifecycle looks."}], "notes": []}, {"name": "Devsecops \u2014 Books", "entries": [{"name": "Alice and Bob Learn Application Security", "url": "https://www.wiley.com/en-gb/Alice+and+Bob+Learn+Application+Security-p-9781119687405", "description": "*Tanya Janca* - An accessible and thorough resource for anyone seeking to incorporate, from the beginning of the System Development Life Cycle, best security practices in software development."}], "notes": []}, {"name": "Devsecops \u2014 Communities", "entries": [{"name": "DevSecCon", "url": "https://www.devseccon.com/", "description": "*Snyk* - A community that runs conferences, a blog, a podcast and a Discord dedicated to DevSecOps."}, {"name": "TAG Security", "url": "https://tag-security.cncf.io/", "description": "*Cloud Native Computing Foundation* - TAG Security facilitates collaboration to discover and produce resources that enable secure access, policy control, and safety for operators, administrators, developers, and end-users across the cloud native ecosystem."}], "notes": []}, {"name": "Devsecops \u2014 Conferences", "entries": [{"name": "AppSec Day", "url": "https://appsecday.io/", "description": "*OWASP* - An Australian application security conference run by OWASP."}, {"name": "DevSecCon", "url": "https://www.devseccon.com/", "description": "*Snyk* - A network of DevSecOps conferences run by Snyk."}], "notes": []}, {"name": "Devsecops \u2014 Newsletters", "entries": [{"name": "Shift Security Left", "url": "https://shift-security-left.curated.co/", "description": "*Cossack Labs* - A free biweekly newsletter for security-aware developers covering application security, secure architecture, DevSecOps, cryptography, incidents, etc. that can be useful for builders and (to a lesser extent) for breakers."}], "notes": []}, {"name": "Devsecops \u2014 Podcasts", "entries": [{"name": "Absolute AppSec", "url": "https://absoluteappsec.com/", "description": "*Seth Law & Ken Johnson* - Discussions about current events and specific topics related to application security."}, {"name": "Application Security Podcast", "url": "https://podcast.securityjourney.com/", "description": "*Security Journey* - Interviews with industry experts about specific application security concepts."}, {"name": "BeerSecOps", "url": "https://blog.aquasec.com/devsecops-podcasts", "description": "*Aqua Security* - Breaking down the silos of Dev, Sec and Ops, discussing topics that span these subject areas."}, {"name": "DevSecOps Podcast Series", "url": "https://soundcloud.com/owasp-podcast", "description": "*OWASP* - Discussions with thought leaders and practitioners to integrate security into the development lifecycle."}, {"name": "The Secure Developer", "url": "https://www.mydevsecops.io/the-secure-developer-podcast", "description": "*Snyk* - Discussion about security tools and best practices for software developers."}], "notes": []}, {"name": "Devsecops \u2014 Secure Development Guidelines", "entries": [{"name": "Application Security Verification Standard", "url": "https://owasp.org/www-project-application-security-verification-standard/", "description": "*OWASP* - A framework of security requirements and controls to help developers design and develop secure web applications."}, {"name": "Coding Standards", "url": "https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards", "description": "*CERT* - A collection of secure development standards for C, C++, Java and Android development."}, {"name": "Fundamental Practices for Secure Software Development", "url": "https://safecode.org/wp-content/uploads/2018/03/SAFECode_Fundamental_Practices_for_Secure_Software_Development_March_2018.pdf", "description": "*SAFECode* - Guidelines for implementing key secure development practices throughout the SDLC."}, {"name": "Proactive Controls", "url": "https://owasp.org/www-project-proactive-controls/", "description": "*OWASP* - OWASP's list of top ten controls that should be implemented in every software development project."}, {"name": "Secure Coding Guidelines", "url": "https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines", "description": "*Mozilla* - A guideline containing specific secure development standards for secure web application development."}, {"name": "Secure Coding Practices Quick Reference Guide", "url": "https://owasp.org/www-pdf-archive/OWASP_SCP_Quick_Reference_Guide_v2.pdf", "description": "*OWASP* - A checklist to verify that secure development standards have been followed."}], "notes": []}, {"name": "Devsecops \u2014 Secure Development Lifecycle Framework", "entries": [{"name": "Building Security In Maturity Model (BSIMM)", "url": "https://www.bsimm.com/framework.html", "description": "*Synopsys* - A framework for software security created by observing and analysing data from leading software security initiatives."}, {"name": "Secure Development Lifecycle", "url": "https://www.microsoft.com/en-us/securityengineering/sdl/practices", "description": "*Microsoft* - A collection of tools and practices that serve as a framework for the secure development lifecycle."}, {"name": "Secure Software Development Framework", "url": "https://csrc.nist.gov/CSRC/media/Publications/white-paper/2019/06/07/mitigating-risk-of-software-vulnerabilities-with-ssdf/draft/documents/ssdf-for-mitigating-risk-of-software-vulns-draft.pdf", "description": "*NIST* - A framework consisting of practices, tasks and implementation examples for a secure development lifecycle."}, {"name": "Software Assurance Maturity Model", "url": "https://github.com/OWASP/samm", "description": "*OWASP* - A framework to measure and improve the maturity of the secure development lifecycle.", "stars": "396"}], "notes": []}, {"name": "Devsecops \u2014 Toolchains", "entries": [{"name": "Cloud Security and DevSecOps Best Practices *and* Securing Web Application Technologies (SWAT) Checklist", "url": "https://www.sans.org/posters/cloud-security-devsecops-best-practices/", "description": "*SANS* - A poster containing the Securing Web Application Technologies (SWAT) Checklist, SANS Cloud Security Curriculum, Cloud Security Top 10, Top 12 Kubernetes Threats, and Secure DevOps Toolchain."}, {"name": "Periodic Table of DevOps Tools", "url": "https://xebialabs.com/periodic-table-of-devops-tools/", "description": "*XebiaLabs* - A collection of DevSecOps tooling categorised by tool functionality."}], "notes": []}, {"name": "Devsecops \u2014 Training", "entries": [{"name": "Application Security Education", "url": "https://github.com/duo-labs/appsec-education", "description": "*Duo Security* - Training materials created by the Duo application security team, including introductory and advanced training presentations and hands-on labs.", "stars": "68"}, {"name": "Cybrary", "url": "https://www.cybrary.it/", "description": "*Cybrary* - Subscription based online courses with dedicated categories for cybersecurity and DevSecOps."}, {"name": "PentesterLab", "url": "https://pentesterlab.com/", "description": "*PentesterLab* - Hands on labs to understand and exploit simple and advanced web vulnerabilities."}, {"name": "Practical DevSecOps", "url": "https://www.practical-devsecops.com", "description": "*Practical DevSecOps* - Learn DevSecOps concepts, tools, and techniques from industry experts with practical DevSecOps using state of the art browser-based labs."}, {"name": "SafeStack", "url": "https://academy.safestack.io/", "description": "*SafeStack* - Security training for software development teams, designed to be accessible to individuals and small teams as well as larger organisations."}, {"name": "Secure Code Warrior", "url": "https://www.securecodewarrior.com/", "description": "*Secure Code Warrior* - Gamified and hands-on secure development training with support for courses, assessments and tournaments."}, {"name": "SecureFlag", "url": "https://www.secureflag.com/platform.html", "description": "*OWASP* - Hands-on secure coding training for Developers and Build/Release Engineers."}, {"name": "Security Training for Engineers", "url": "https://sudo.pagerduty.com/for_engineers/", "description": "*Pager Duty* - A presentation created and open-sourced by PagerDuty to provide security training to software engineers."}, {"name": "Security Training for Everyone", "url": "https://sudo.pagerduty.com/for_everyone/", "description": "*Pager Duty* - A presentation created and open-sourced by PagerDuty to provide security training employees."}, {"name": "Semgrep Academy", "url": "https://academy.semgrep.dev/", "description": "*Semgrep* - Free, on-demand courses covering topics including API security, secure coding and application security."}, {"name": "Web Security Academy", "url": "https://portswigger.net/web-security", "description": "*PortSwigger* - A set of materials and labs to learn and exploit common web vulnerabilities."}, {"name": "WeHackPuple", "url": "https://wehackpurple.com/", "description": "*WeHackPurple* - Online courses that teach application security theory and hands-on technical lessons."}], "notes": []}, {"name": "Devsecops \u2014 Wikis", "entries": [{"name": "DevSecOps Hub", "url": "https://snyk.io/devsecops/", "description": "*Snyk* - Introduction to key DevSecOps concepts, processes and technologies."}, {"name": "SecureFlag Knowledge Base", "url": "https://knowledge-base.secureflag.com/", "description": "*OWASP* - A repository of information about software vulnerabilities and how to prevent them."}], "notes": []}, {"name": "Devsecops \u2014 Dependency Management", "entries": [{"name": "Deepfence ThreatMapper", "url": "https://github.com/deepfence/ThreatMapper", "description": "Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.", "stars": "4.7k"}, {"name": "Dependabot", "url": "https://dependabot.com/", "description": "*GitHub* - Automatically scan GitHub repositories for vulnerabilities and create pull requests to merge in patched dependencies."}, {"name": "Dependency-Check", "url": "https://owasp.org/www-project-dependency-check/", "description": "*OWASP* - Scans dependencies for publicly disclosed vulnerabilities using CLI or build server plugins."}, {"name": "Dependency-Track", "url": "https://dependencytrack.org/", "description": "*OWASP* - Monitor the volume and severity of vulnerable dependencies across multiple projects over time."}, {"name": "JFrog XRay", "url": "https://jfrog.com/xray/", "description": "*JFrog* - Security and compliance analysis for artifacts stored in JFrog Artifactory."}, {"name": "NPM Audit", "url": "https://docs.npmjs.com/cli/audit", "description": "*NPM* - Vulnerable package auditing for node packages built into the npm CLI."}, {"name": "Renovate", "url": "https://renovate.whitesourcesoftware.com/", "description": "*WhiteSource* - Automatically monitor and update software dependencies for multiple frameworks and languages using a CLI or git repository apps."}, {"name": "Requires.io", "url": "https://requires.io/", "description": "*Olivier Mansion & Alexis Tabary* - Automated vulnerable dependency monitoring and upgrades for Python projects."}, {"name": "Snyk Open Source", "url": "https://snyk.io/product/open-source-security-management/", "description": "*Snyk* - Automated vulnerable dependency monitoring and upgrades using Snyk's dedicated vulnerability database."}], "notes": []}, {"name": "Devsecops \u2014 Dynamic Analysis", "entries": [{"name": "Automatic API Attack Tool", "url": "https://github.com/imperva/automatic-api-attack-tool", "description": "*Imperva* - Perform automated security scanning against an API based on an API specification.", "stars": "443"}, {"name": "BurpSuite Enterprise Edition", "url": "https://portswigger.net/burp/enterprise", "description": "*PortSwigger* - BurpSuite's web application vulnerability scanner used widely by penetration testers, modified with CI/CD integration and continuous monitoring over multiple web applications."}, {"name": "Gauntlt", "url": "https://github.com/gauntlt/gauntlt", "description": "*Gauntlt* - A Behaviour Driven Development framework to run security scans using common security tools and test output, defined using Gherkin syntax.", "stars": "977"}, {"name": "Netz", "url": "https://github.com/spectralops/netz", "description": "*Spectral* - Discover internet-wide misconfigurations, using zgrab2 and others.", "stars": "380"}, {"name": "RESTler", "url": "https://github.com/microsoft/restler-fuzzer", "description": "*Microsoft* - A stateful RESTful API scanner based on peer-reviewed research papers.", "stars": "2.5k"}, {"name": "SSL Labs Scan", "url": "https://github.com/ssllabs/ssllabs-scan", "description": "*SSL Labs* - Automated scanning for SSL / TLS configuration issues.", "stars": "1.7k"}, {"name": "Zed Attack Proxy (ZAP)", "url": "https://github.com/zaproxy/zaproxy", "description": "*OWASP* - An open-source web application vulnerability scanner, including an API for CI/CD integration.", "stars": "12k"}], "notes": []}, {"name": "Devsecops \u2014 Infrastructure as Code Analysis", "entries": [{"name": "Checkov", "url": "https://github.com/bridgecrewio/checkov", "description": "*Bridgecrew* - Scan Terraform, AWS CloudFormation and Kubernetes templates for insecure configuration.", "stars": "6.7k"}, {"name": "KICS", "url": "https://github.com/Checkmarx/kics", "description": "*Checkmarx* - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle.", "stars": "2k"}, {"name": "Spectral DeepConfig", "url": "https://spectralops.io/blog/spectral-launches-deepconfig-to-ensure-no-misconfiguration-at-all-layers-of-software/", "description": "*Spectral* - Find misconfiguration both in infrastructure as well as apps as early as commit time."}, {"name": "Terrascan", "url": "https://github.com/accurics/terrascan", "description": "*Accurics* - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.", "stars": "4.6k"}, {"name": "Cfn Nag", "url": "https://github.com/stelligent/cfn_nag", "description": "*Stelligent* - Scan AWS CloudFormation templates for insecure configuration.", "stars": "1.2k"}, {"name": "Clair", "url": "https://github.com/quay/clair", "description": "*Red Hat* - Scan App Container and Docker containers for publicly disclosed vulnerabilities.", "stars": "10k"}, {"name": "Dagda", "url": "https://github.com/eliasgranderubio/dagda/", "description": "*El\u00edas Grande* - Compares OS and software dependency versions installed in Docker containers with public vulnerability databases, and also performs virus scanning.", "stars": "1.1k"}, {"name": "Docker-Bench-Security", "url": "https://github.com/docker/docker-bench-security", "description": "*Docker* - The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.", "stars": "9k"}, {"name": "Grype", "url": "https://github.com/anchore/grype/", "description": "*Anchore* - An easy-to-integrate open source vulnerability scanning tool for container images and filesystems.", "stars": "8.2k"}, {"name": "Hadolint", "url": "https://github.com/hadolint/hadolint", "description": "*Hadolint* - Checks a Dockerfile against known rules and validates inline bash code in RUN statements.", "stars": "10k"}, {"name": "Snyk Container", "url": "https://snyk.io/product/container-vulnerability-management/", "description": "*Snyk* - Scan Docker and Kubernetes applications for security vulnerabilities during CI/CD or via continuous monitoring."}, {"name": "Trivy", "url": "https://github.com/aquasecurity/trivy", "description": "*Aqua Security* - Simple and comprehensive vulnerability scanner for containers.", "stars": "22k"}, {"name": "Regula", "url": "https://github.com/fugue/regula", "description": "*Fugue* - Evaluate Terraform infrastructure-as-code for potential security misconfigurations and compliance violations prior to deployment.", "stars": "942"}, {"name": "Terraform Compliance", "url": "https://terraform-compliance.com/", "description": "*terraform-compliance* - A lightweight, security and compliance focused test framework against terraform to enable negative testing capability for your infrastructure-as-code."}, {"name": "Tfsec", "url": "https://github.com/liamg/tfsec", "description": "*Liam Galvin* - Scan Terraform templates for security misconfiguration and noncompliance with AWS, Azure and GCP security best practice.", "stars": "6.6k"}, {"name": "Kubescape", "url": "https://kubescape.io/", "description": "*Cloud Native Computing Foundation* - An open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters."}, {"name": "Kube-Score", "url": "https://github.com/zegl/kube-score", "description": "*Gustav Westling* - Scan Kubernetes object definitions for security and performance misconfiguration.", "stars": "2.7k"}, {"name": "Kubectrl Kubesec", "url": "https://github.com/controlplaneio/kubectl-kubesec", "description": "*ControlPlane* - Plugin for kubesec.io to perform security risk analysis for Kubernetes resources.", "stars": "505"}, {"name": "Ansible-Lint", "url": "https://github.com/ansible-community/ansible-lint", "description": "*Ansible Community* - Checks playbooks for practices and behaviour that could potentially be improved. As a community backed project ansible-lint supports only the last two major versions of Ansible.", "stars": "3.4k"}], "notes": []}, {"name": "Devsecops \u2014 Intentionally Vulnerable Applications", "entries": [{"name": "Bad SSL", "url": "https://github.com/chromium/badssl.com", "description": "*The Chromium Project* - A container running a number of webservers with poor SSL / TLS configuration. Useful for testing tooling.", "stars": "2.8k"}, {"name": "Cfngoat", "url": "https://github.com/bridgecrewio/cfngoat", "description": "*Bridgecrew* - Cloud Formation templates for creating stacks of intentionally insecure services in AWS. Ideal for testing the Cloud Formation Infrastructure as Code Analysis tools above.", "stars": "92"}, {"name": "CI/CD Goat", "url": "https://github.com/cider-security-research/cicd-goat", "description": "*Cider Security* - A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.", "stars": "1.9k"}, {"name": "Damn Vulnerable Web App", "url": "http://www.dvwa.co.uk/", "description": "*Ryan Dewhurst* - A web application that provides a safe environment to understand and exploit common web vulnerabilities."}, {"name": "Juice Shop", "url": "https://github.com/bkimminich/juice-shop", "description": "*OWASP* - A web application containing the OWASP Top 10 security vulnerabilities and more.", "stars": "9.8k"}, {"name": "Kubernetes Goat", "url": "https://github.com/madhuakula/kubernetes-goat", "description": "*Madhu Akula* - Intentionally vulnerable cluster environment to learn and practice Kubernetes security.", "stars": "4.1k"}, {"name": "NodeGoat", "url": "https://github.com/OWASP/NodeGoat", "description": "*OWASP* - A Node.js web application that demonstrates and provides ways to address common security vulnerabilities.", "stars": "1.8k"}, {"name": "Pentest-Ground", "url": "https://pentest-ground.com/", "description": "*Pentest-Tools.com* - Pentest-Ground is a free playground with deliberately vulnerable web applications and network services."}, {"name": "Terragoat", "url": "https://github.com/bridgecrewio/terragoat", "description": "*Bridgecrew* - Terraform templates for creating stacks of intentionally insecure services in AWS, Azure and GCP. Ideal for testing the Terraform Infrastructure as Code Analysis tools above.", "stars": "1.1k"}, {"name": "Vulnerable Web Apps Directory", "url": "https://owasp.org/www-project-vulnerable-web-applications-directory", "description": "*OWASP* - A collection of vulnerable web applications for learning purposes."}, {"name": "WrongSecrets", "url": "https://github.com/OWASP/wrongsecrets", "description": "*OWASP* - Vulnerable app with examples showing how to not use secrets", "stars": "1.2k"}], "notes": []}, {"name": "Devsecops \u2014 Monitoring", "entries": [{"name": "Csper", "url": "https://csper.io/report-uri", "description": "*Csper* - A set of Content Security Policy tools that can test policies, monitor CSP reports and provide metrics and alerts."}, {"name": "Streamdal", "url": "https://streamdal.com", "description": "*Streamdal* - Embed privacy controls in your application code to detect and monitor PII as it enters and leaves your systems, preventing it from reaching unintended databases, data streams, or pipelines."}], "notes": []}, {"name": "Devsecops \u2014 Secrets Management", "entries": [{"name": "Ansible Vault", "url": "https://docs.ansible.com/ansible/latest/user_guide/vault.html", "description": "*Ansible* - Securely store secrets within Ansible pipelines."}, {"name": "AWS Key Management Service (KMS)", "url": "https://aws.amazon.com/kms/", "description": "*Amazon AWS* - Create and manage cryptographic keys in AWS."}, {"name": "AWS Secrets Manager", "url": "https://aws.amazon.com/secrets-manager/", "description": "*Amazon AWS* - Securely store retrievable application secrets in AWS."}, {"name": "Azure Key Vault", "url": "https://azure.microsoft.com/en-au/services/key-vault/", "description": "*Microsoft Azure* - Securely store secrets within Azure."}, {"name": "BlackBox", "url": "https://github.com/StackExchange/blackbox", "description": "*StackExchange* - Encrypt credentials within your code repository.", "stars": "6.6k"}, {"name": "Chef Vault", "url": "https://github.com/chef/chef-vault", "description": "*Chef* - Securely store secrets within Chef.", "stars": "407"}, {"name": "CredStash", "url": "https://github.com/fugue/credstash", "description": "*Fugue* - Securely store secrets within AWS using KMS and DynamoDB.", "stars": "2.1k"}, {"name": "CyberArk Application Access Manager", "url": "https://www.cyberark.com/products/privileged-account-security-solution/application-access-manager/", "description": "*CyberArk* - Secrets management for applications including secret rotation and auditing."}, {"name": "Docker Secrets", "url": "https://docs.docker.com/engine/swarm/secrets/", "description": "*Docker* - Store and manage access to secrets within a Docker swarm."}, {"name": "Git Secrets", "url": "https://github.com/awslabs/git-secrets", "description": "*Amazon AWS* - Scan git repositories for secrets committed within code or commit messages.", "stars": "12k"}, {"name": "Gopass", "url": "https://github.com/gopasspw/gopass", "description": "*Gopass* - Password manager for teams relying on Git and gpg. Manages secrets in encrypted files and repositories.", "stars": "5.7k"}, {"name": "Google Cloud Key Management Service (KMS)", "url": "https://cloud.google.com/kms", "description": "*Google Cloud Platform* - Securely store secrets within GCP."}, {"name": "HashiCorp Vault", "url": "https://www.vaultproject.io/", "description": "*HashiCorp* - Securely store secrets via UI, CLI or HTTP API."}, {"name": "Keyscope", "url": "https://github.com/SpectralOps/keyscope", "description": "*Spectral* - Keyscope is an open source key and secret workflow tool (validation, invalidation, etc.) built in Rust.", "stars": "381"}, {"name": "Pinterest Knox", "url": "https://github.com/pinterest/knox", "description": "*Pinterest* - Securely store, rotate and audit secrets.", "stars": "1.2k"}, {"name": "Secrets Operations (SOPS)", "url": "https://github.com/mozilla/sops", "description": "*Mozilla* - Encrypt keys stored within YAML, JSON, ENV, INI and BINARY files.", "stars": "16k"}, {"name": "Teller", "url": "https://github.com/spectralops/teller", "description": "*Spectral* - A secrets management tool for developers - never leave your command line for secrets.", "stars": "2.6k"}], "notes": []}, {"name": "Devsecops \u2014 Secrets Scanning", "entries": [{"name": "CredScan", "url": "https://secdevtools.azurewebsites.net/helpcredscan.html", "description": "*Microsoft* - A credential scanning tool that can be run as a task in Azure DevOps pipelines."}, {"name": "Detect Secrets", "url": "https://github.com/Yelp/detect-secrets", "description": "*Yelp* - An aptly named module for (surprise, surprise) detecting secrets within a code base.", "stars": "3.6k"}, {"name": "GitGuardian", "url": "https://www.gitguardian.com/", "description": "*GitGuardian* - A web-based solution that scans and monitors public and private git repositories for secrets."}, {"name": "Gitleaks", "url": "https://github.com/zricethezav/gitleaks", "description": "*Zachary Rice* - Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys, and tokens in git repositories.", "stars": "17k"}, {"name": "git-secrets", "url": "https://github.com/awslabs/git-secrets", "description": "*AWS Labs* - Scans commits, commit messages and merges for secrets. Native support for AWS secret patterns, but can be configured to support other patterns.", "stars": "12k"}, {"name": "Nightfall", "url": "https://nightfall.ai/solutions/product/github", "description": "*Nightfall* - A web-based platform that monitors for sensitive data disclosure across several SDLC tools, including GitHub repositories."}, {"name": "Repo-supervisor", "url": "https://github.com/auth0/repo-supervisor", "description": "*Auth0* - Secrets scanning tool that can run as a CLI, as a Docker container or in AWS Lambda.", "stars": "632"}, {"name": "SpectralOps", "url": "https://spectralops.io", "description": "*Spectral* - Automated code security, secrets, tokens and sensitive data scanning."}, {"name": "truffleHog", "url": "https://github.com/trufflesecurity/truffleHog", "description": "*Truffle Security* - Searches through git repositories for secrets, digging deep into commit history and branches.", "stars": "14k"}], "notes": []}, {"name": "Devsecops \u2014 Static Analysis", "entries": [{"name": "DevSkim", "url": "https://github.com/microsoft/DevSkim", "description": "*Microsoft* - A set of IDE plugins, CLIs and other tools that provide security analysis for a number of programming languages.", "stars": "893"}, {"name": "Graudit", "url": "https://github.com/wireghoul/graudit/", "description": "*Eldar Marcussen* - Grep source code for potential security flaws with custom or pre-configured regex signatures.", "stars": "1.4k"}, {"name": "Hawkeye", "url": "https://github.com/hawkeyesec/scanner-cli", "description": "*Hawkeyesec* - Modularised CLI tool for project security, vulnerability and general risk highlighting.", "stars": "358"}, {"name": "LGTM", "url": "https://lgtm.com/", "description": "*Semmle* - Scan and monitor code for security vulnerabilities using custom or built-in CodeQL queries."}, {"name": "RIPS", "url": "https://www.ripstech.com/", "description": "*RIPS Technologies* - Automated static analysis for PHP, Java and Node.js projects."}, {"name": "SemGrep", "url": "https://semgrep.dev/", "description": "*r2c* - Semgrep is a fast, open-source, static analysis tool that finds bugs and enforces code standards at editor, commit, and CI time."}, {"name": "SonarLint", "url": "https://www.sonarlint.org/", "description": "*SonarSource* - An IDE plugin that highlights potential security security issues, code quality issues and bugs."}, {"name": "SonarQube", "url": "https://www.sonarqube.org/", "description": "*SonarSource* - Scan code for security and quality issues with support for a wide variety of languages."}, {"name": "FlawFinder", "url": "https://github.com/david-a-wheeler/flawfinder", "description": "*David Wheeler* - Scan C / C++ code for potential security weaknesses.", "stars": "463"}, {"name": "Puma Scan", "url": "https://github.com/pumasecurity/puma-scan", "description": "*Puma Security* - A Visual Studio plugin to scan .NET projects for potential security flaws.", "stars": "443"}, {"name": "Conftest", "url": "https://github.com/instrumenta/conftest", "description": "*Instrumenta* - Create custom tests to scan any configuration file for security flaws.", "stars": "2.8k"}, {"name": "Selefra", "url": "https://github.com/selefra/selefra", "description": "*Selefra* - An open-source policy-as-code software that provides analytics for multi-cloud and SaaS.", "stars": "513"}, {"name": "Deep Dive", "url": "https://discotek.ca/deepdive.xhtml", "description": "*Discotek.ca* - Static analysis for JVM deployment units including Ear, War, Jar and APK."}, {"name": "Find Security Bugs", "url": "https://github.com/find-sec-bugs/find-sec-bugs/", "description": "*OWASP* - SpotBugs plugin for security audits of Java web applications. Supports Eclipse, IntelliJ, Android Studio and SonarQube.", "stars": "2.2k"}, {"name": "SpotBugs", "url": "https://github.com/spotbugs/spotbugs", "description": "*SpotBugs* - Static code analysis for Java applications.", "stars": "3.4k"}, {"name": "ESLint", "url": "https://eslint.org/", "description": "*JS Foundation* - Linting tool for JavaScript with multiple security linting rules available."}, {"name": "Golang Security Checker", "url": "https://github.com/securego/gosec", "description": "*securego* - CLI tool to scan Go code for potential security flaws.", "stars": "7.6k"}, {"name": "Security Code Scan", "url": "https://github.com/security-code-scan/security-code-scan", "description": "*Security Code Scan* - Static code analysis for C# and VB.NET applications.", "stars": "929"}, {"name": "Phan", "url": "https://github.com/phan/phan", "description": "*Phan* - Broad static analysis for PHP applications with some support for security scanning features.", "stars": "5.5k"}, {"name": "PHPCS Security Audit", "url": "https://github.com/FloeDesignTechnologies/phpcs-security-audit", "description": "*Floe* - PHP static analysis with rules for PHP, Drupal 7 and PHP related CVEs.", "stars": "703"}, {"name": "Progpilot", "url": "https://github.com/designsecurity/progpilot", "description": "*Design Security* - Static analysis for PHP source code.", "stars": "319"}, {"name": "Bandit", "url": "https://github.com/PyCQA/bandit", "description": "*Python Code Quality Authority* - Find common security vulnerabilities in Python code.", "stars": "6.1k"}, {"name": "Brakeman", "url": "https://github.com/presidentbeef/brakeman", "description": "*Justin Collins* - Static analysis tool which checks Ruby on Rails applications for security vulnerabilities.", "stars": "6.9k"}, {"name": "DawnScanner", "url": "https://github.com/thesp0nge/dawnscanner", "description": "*Paolo Perego* - Security scanning for Ruby scripts and web application. Supports Ruby on Rails, Sinatra and Padrino frameworks.", "stars": "733"}], "notes": []}, {"name": "Devsecops \u2014 Supply Chain Security", "entries": [{"name": "Harden Runner GitHub Action", "url": "https://github.com/step-security/harden-runner", "description": "*StepSecurity* - installs a security agent on the GitHub-hosted runner (Ubuntu VM) to prevent exfiltration of credentials, detect compromised dependencies and build tools, and detect tampering of source code during the build.", "stars": "550"}, {"name": "Overlay", "url": "https://github.com/os-scar/overlay", "description": "*SCAR* - a browser extension helping developers evaluate open source packages before picking them.", "stars": "213"}, {"name": "Preflight", "url": "https://github.com/spectralops/preflight", "description": "*Spectral* - helps you verify scripts and executables to mitigate supply chain attacks in your CI and other systems, such as in the recent [Codecov hack](https://spectralops.io/blog/credentials-risk-supply-chain-lessons-from-the-codecov-breach/).", "stars": "152"}, {"name": "Sigstore", "url": "https://www.sigstore.dev/", "description": "sigstore is a set of free to use and open source tools, including [fulcio (\u2b50622)](https://github.com/sigstore/fulcio), [cosign (\u2b504.2k)](https://github.com/sigstore/cosign) and [rekor (\u2b50853)](https://github.com/sigstore/rekor), handling digital signing, verification and checks for provenance needed to make it safer to distribute and use open source software."}, {"name": "Syft", "url": "https://github.com/anchore/syft/", "description": "*Anchore* - A CLI tool for generating a Software Bill of Materials (SBOM) from container images and filesystems.", "stars": "5.8k"}], "notes": []}, {"name": "Devsecops \u2014 Threat Modelling", "entries": [{"name": "Awesome Threat Modelling", "url": "https://github.com/hysnsec/awesome-threat-modelling", "description": "*Practical DevSecOps* - A curated list of threat modelling resources.", "stars": "1.3k"}, {"name": "SecuriCAD", "url": "https://www.foreseeti.com/", "description": "*Forseeti* - Treat modelling and attack simulations for IT infrastructure."}, {"name": "IriusRisk", "url": "https://iriusrisk.com/", "description": "*IriusRisk* - Draw threat models and capture threats and countermeasures and manage risk."}, {"name": "Raindance Project", "url": "https://github.com/devsecops/raindance", "description": "*DevSecOps* - Use attack maps to identify attack surface and adversary strategies that may lead to compromise.", "stars": "44"}, {"name": "SD Elements", "url": "https://www.securitycompass.com/sdelements/threat-modeling/", "description": "*Security Compass* - Identify and rank threats, generate actionable tasks and track related tickets."}, {"name": "Threat Dragon", "url": "https://owasp.org/www-project-threat-dragon/", "description": "*OWASP* - Threat model diagramming tool."}, {"name": "Threat Modelling Tool", "url": "https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling", "description": "*Microsoft* - Threat model diagramming tool."}, {"name": "Threatspec", "url": "https://threatspec.org/", "description": "*Threatspec* - Define threat modelling as code."}, {"name": "Awesome Dynamic Analysis", "url": "https://github.com/analysis-tools-dev/dynamic-analysis/", "description": "*Matthias Endler* - A collection of dynamic analysis tools and code quality checkers.", "stars": "899"}, {"name": "Awesome Platform Engineering", "url": "https://github.com/shospodarets/awesome-platform-engineering/", "description": "A curated list of solutions, tools and resources for *Platform Engineering*", "stars": "305"}, {"name": "Awesome Static Analysis", "url": "https://github.com/analysis-tools-dev/static-analysis/", "description": "*Matthias Endler* - A collection of static analysis tools and code quality checkers.", "stars": "13k"}, {"name": "Awesome Threat Modelling", "url": "https://github.com/hysnsec/awesome-threat-modelling", "description": "*Practical DevSecOps* - A curated list of threat modeling resources.", "stars": "1.3k"}, {"name": "Vulnerable Web Apps Directory", "url": "https://owasp.org/www-project-vulnerable-web-applications-directory", "description": "*OWASP* - A collection of vulnerable web applications for learning purposes."}], "notes": []}], "total_entries": 158}, {"name": "Cyber Security University", "subcategories": [{"name": "Cyber Security University", "entries": [{"name": "About", "url": "#about", "description": ""}, {"name": "Introduction and Pre-Security", "url": "#introduction-and-pre-security", "description": "(Completed/In Progress)"}, {"name": "Free Beginner Red Team Path", "url": "#free-beginner-red-team-path", "description": "(Add your badge here. The badge code is hidden in this repo)"}, {"name": "Free Beginner Blue Team Path", "url": "#free-beginner-blue-team-path", "description": "(Add your badge here. The badge code is hidden in this repo)"}, {"name": "Bonus CTF practice and Latest CVEs", "url": "#bonus-ctf-practice-and-latest-cves", "description": "(Completed/In Progress)"}, {"name": "Bonus Windows", "url": "#bonus-windows", "description": "(Completed/In Progress)"}, {"name": "Extremely Hard Rooms to do", "url": "#extremely-hard-rooms-to-do", "description": "(Completed/In Progress)"}], "notes": []}, {"name": "Cyber Security University \u2014 Level 1 - Intro", "entries": [{"name": "OpenVPN", "url": "https://tryhackme.com/room/openvpn", "description": "Learn how to connect to a virtual private network using OpenVPN.<!--lint enable double-link-->"}, {"name": "Welcome", "url": "https://tryhackme.com/jr/welcome", "description": "Learn how to use a TryHackMe room to start your upskilling in cyber security."}, {"name": "Intro to Researching", "url": "https://tryhackme.com/room/introtoresearch", "description": "A brief introduction to research skills for pentesting."}, {"name": "Linux Fundamentals 1", "url": "https://tryhackme.com/room/linuxfundamentalspart1", "description": "Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal."}, {"name": "Linux Fundamentals 2", "url": "https://tryhackme.com/room/linuxfundamentalspart2", "description": "Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal."}, {"name": "Linux Fundamentals 3", "url": "https://tryhackme.com/room/linuxfundamentalspart3", "description": "Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal."}, {"name": "Pentesting fundamentals", "url": "https://tryhackme.com/room/pentestingfundamentals", "description": "Fundamentals of penetration testing."}, {"name": "Principles of security", "url": "https://tryhackme.com/room/principlesofsecurity", "description": "Principles of security."}, {"name": "Red Team Engagements", "url": "https://tryhackme.com/room/redteamengagements", "description": "Intro to red team engagements."}, {"name": "Hip Flask", "url": "https://tryhackme.com/room/hipflask", "description": "An in-depth walkthrough covering pentest methodology against a vulnerable server."}, {"name": "Practice Linux Commands", "url": "https://labex.io/courses/linux-basic-commands-practice-online", "description": "A free course with 41 hands-on labs to practice and master the most commonly used Linux commands."}, {"name": "Google Dorking", "url": "https://tryhackme.com/room/googledorking", "description": "Explaining how Search Engines work and leveraging them into finding hidden content!"}, {"name": "Osint", "url": "https://tryhackme.com/room/ohsint", "description": "Intro to Open Source Intelligence."}, {"name": "Shodan.io", "url": "https://tryhackme.com/room/shodan", "description": "Learn about Shodan.io and how to use it for device enumeration."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 2 - Tooling", "entries": [{"name": "Tmux", "url": "https://tryhackme.com/room/rptmux", "description": "Learn to use tmux, one of the most powerful multi-tasking tools on linux."}, {"name": "Nmap,Curl and Netcat", "url": "https://echoctf.red/challenge/1", "description": "Get experience with Nmap, Curl and Netcat for network communications."}, {"name": "Web Scanning", "url": "https://tryhackme.com/room/rustscan", "description": "Learn the basics of automated web scanning."}, {"name": "Subdomain Enumeration", "url": "https://tryhackme.com/room/subdomainenumeration", "description": "Learn how to find subdomains with different techniques."}, {"name": "Metasploit", "url": "https://tryhackme.com/room/metasploitintro", "description": "An introduction to the main components of the Metasploit Framework."}, {"name": "Hydra", "url": "https://tryhackme.com/room/hydra", "description": "Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials."}, {"name": "Linux Privesc", "url": "https://tryhackme.com/room/linuxprivesc", "description": "Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available."}, {"name": "Red Team Fundamentals", "url": "https://tryhackme.com/room/redteamfundamentals", "description": "Learn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements."}, {"name": "Red Team Recon", "url": "https://tryhackme.com/room/redteamrecon", "description": "Learn how to use DNS, advanced searching, Recon-ng, and Maltego to collect information about your target."}, {"name": "Nmap Tutorials", "url": "https://labex.io/tutorials/quick-start-with-nmap-free-tutorials-400132", "description": "Learn and practice the basics of network scanning using Nmap."}, {"name": "Vulnversity", "url": "https://tryhackme.com/room/vulnversity", "description": "Learn about active recon, web app attacks and privilege escalation."}, {"name": "Blue", "url": "https://tryhackme.com/room/blue", "description": "Deploy & hack into a Windows machine, leveraging common misconfigurations issues."}, {"name": "Simple CTF", "url": "https://tryhackme.com/room/easyctf", "description": "Beginner level CTF."}, {"name": "Bounty Hacker", "url": "https://tryhackme.com/room/cowboyhacker", "description": "A space cowboy-themed boot to root machine."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 3 - Crypto & Hashes with CTF practice", "entries": [{"name": "Crack the hash", "url": "https://tryhackme.com/room/crackthehash", "description": "Cracking hash challenges."}, {"name": "Agent Sudo", "url": "https://tryhackme.com/room/agentsudoctf", "description": "You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth."}, {"name": "The Cod Caper", "url": "https://tryhackme.com/room/thecodcaper", "description": "A guided room taking you through infiltrating and exploiting a Linux system."}, {"name": "Ice", "url": "https://tryhackme.com/room/ice", "description": "Deploy & hack into a Windows machine, exploiting a very poorly secured media server."}, {"name": "Lazy Admin", "url": "https://tryhackme.com/room/lazyadmin", "description": "Easy linux machine to practice your skills."}, {"name": "Basic Pentesting", "url": "https://tryhackme.com/room/basicpentestingjt", "description": "This is a machine that allows you to practice web app hacking and privilege escalation."}, {"name": "Bypassing UAC", "url": "https://tryhackme.com/room/bypassinguac", "description": "Learn common ways to bypass User Account Control (UAC) in Windows hosts."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 4 - Web", "entries": [{"name": "OWASP top 10", "url": "https://tryhackme.com/room/owasptop10", "description": "Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks."}, {"name": "Inclusion", "url": "https://tryhackme.com/room/inclusion", "description": "A beginner-level LFI challenge."}, {"name": "Injection", "url": "https://tryhackme.com/room/injection", "description": "Walkthrough of OS Command Injection. Demonstrate OS Command Injection and explain how to prevent it on your servers."}, {"name": "Juiceshop", "url": "https://tryhackme.com/room/owaspjuiceshop", "description": "This room uses the OWASP juice shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities."}, {"name": "Overpass", "url": "https://tryhackme.com/room/overpass", "description": "What happens when some broke CompSci students make a password manager."}, {"name": "Year of the Rabbit", "url": "https://tryhackme.com/room/yearoftherabbit", "description": "Can you hack into the Year of the Rabbit box without falling down a hole."}, {"name": "DevelPy", "url": "https://tryhackme.com/room/bsidesgtdevelpy", "description": "Boot2root machine for FIT and bsides Guatemala CTF."}, {"name": "Jack of all trades", "url": "https://tryhackme.com/room/jackofalltrades", "description": "Boot-to-root originally designed for Securi-Tay 2020."}, {"name": "Bolt", "url": "https://tryhackme.com/room/bolt", "description": "Bolt themed machine to root into."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 5 - Reverse Engineering & Pwn", "entries": [{"name": "Windows x64 Assembly", "url": "https://tryhackme.com/r/room/win64assembly", "description": "Introduction to x64 Assembly on Windows."}, {"name": "CC Ghidra", "url": "https://tryhackme.com/room/ccghidra", "description": "This room teaches the basics of ghidra."}, {"name": "CC Radare2", "url": "https://tryhackme.com/room/ccradare2", "description": "This room teaches the basics of radare2."}, {"name": "Reverse Engineering", "url": "https://tryhackme.com/room/reverseengineering", "description": "This room focuses on teaching the basics of assembly through reverse engineering."}, {"name": "Reversing ELF", "url": "https://tryhackme.com/room/reverselfiles", "description": "Room for beginner Reverse Engineering CTF players."}, {"name": "Dumping Router Firmware", "url": "https://tryhackme.com/room/rfirmware", "description": "Reverse engineering router firmware."}, {"name": "Intro to pwntools", "url": "https://tryhackme.com/room/introtopwntools", "description": "Introduction to popular pwn tools framework."}, {"name": "Pwnkit: CVE-2021-4034", "url": "https://tryhackme.com/room/pwnkit", "description": "Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 6 - PrivEsc", "entries": [{"name": "Sudo Security Bypass", "url": "https://tryhackme.com/room/sudovulnsbypass", "description": "A tutorial room exploring CVE-2019-14287 in the Unix Sudo Program. Room One in the SudoVulns Series."}, {"name": "Sudo Buffer Overflow", "url": "https://tryhackme.com/room/sudovulnsbof", "description": "A tutorial room exploring CVE-2019-18634 in the Unix Sudo Program. Room Two in the SudoVulns Series."}, {"name": "Windows Privesc Arena", "url": "https://tryhackme.com/room/windowsprivescarena", "description": "Students will learn how to escalate privileges using a very vulnerable Windows 7 VM."}, {"name": "Linux Privesc Arena", "url": "https://tryhackme.com/room/linuxprivescarena", "description": "Students will learn how to escalate privileges using a very vulnerable Linux VM."}, {"name": "Windows Privesc", "url": "https://tryhackme.com/room/windows10privesc", "description": "Students will learn how to escalate privileges using a very vulnerable Windows 7 VM."}, {"name": "Blaster", "url": "https://tryhackme.com/room/blaster", "description": "Metasploit Framework to get a foothold."}, {"name": "Ignite", "url": "https://tryhackme.com/room/ignite", "description": "A new start-up has a few security issues with its web server."}, {"name": "Kenobi", "url": "https://tryhackme.com/room/kenobi", "description": "Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation."}, {"name": "Capture the flag", "url": "https://tryhackme.com/room/c4ptur3th3fl4g", "description": "Another beginner-level CTF challenge."}, {"name": "Pickle Rick", "url": "https://tryhackme.com/room/picklerick", "description": "Rick and Morty themed LFI challenge."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 1 - Tools", "entries": [{"name": "Introduction to digital forensics", "url": "https://tryhackme.com/room/introdigitalforensics", "description": "Intro to Digital Forensics."}, {"name": "Windows Fundamentals", "url": "https://tryhackme.com/room/windowsfundamentals1xbx", "description": "Intro to Windows."}, {"name": "Nessus", "url": "https://tryhackme.com/room/rpnessusredux", "description": "Intro to nessus scan."}, {"name": "Mitre", "url": "https://tryhackme.com/room/mitre", "description": "Intro to Mitre attack framework."}, {"name": "IntroSIEM", "url": "https://tryhackme.com/room/introtosiem", "description": "Introduction to SIEM."}, {"name": "Yara", "url": "https://tryhackme.com/room/yara", "description": "Intro to yara for malware analysis."}, {"name": "OpenVAS", "url": "https://tryhackme.com/room/openvas", "description": "Intro to openvas."}, {"name": "Intro to Honeypots", "url": "https://tryhackme.com/room/introductiontohoneypots", "description": "Intro to honeypots."}, {"name": "Volatility", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/redline/", "description": "Intro to memory analysis with volatility."}, {"name": "Red Line", "url": "https://tryhackme.com/room/btredlinejoxr3d", "description": "Learn how to use Redline to perform memory analysis and scan for IOCs on an endpoint."}, {"name": "Autopsy", "url": "https://tryhackme.com/room/autopsy2ze0", "description": "Use Autopsy to investigate artifacts from a disk image."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 2 - Security Operations, Incident Response & Threat Hunting", "entries": [{"name": "Investigating Windows", "url": "https://tryhackme.com/room/investigatingwindows", "description": "Investigating Windows."}, {"name": "Juicy Details", "url": "https://tryhackme.com/room/juicydetails", "description": "A popular juice shop has been breached! Analyze the logs to see what had happened."}, {"name": "Carnage", "url": "https://tryhackme.com/room/c2carnage", "description": "Apply your analytical skills to analyze the malicious network traffic using Wireshark."}, {"name": "Squid Game", "url": "https://tryhackme.com/room/squidgameroom", "description": "Squid game-themed CTF."}, {"name": "Splunk Boss of the SOC V1", "url": "https://tryhackme.com/room/bpsplunk", "description": "Part of the Blue Primer series, learn how to use Splunk to search through massive amounts of information."}, {"name": "Splunk Boss of the SOC V2", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/16", "description": "Splunk analysis vol 2."}, {"name": "Splunk Boss of the SOC V3", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/8", "description": "Splunk analysis vol 3."}, {"name": "Hunt Conti with Splunk", "url": "https://tryhackme.com/room/contiransomwarehgh", "description": "An Exchange server was compromised with ransomware. Use Splunk to investigate how the attackers compromised the server."}, {"name": "Hunting for Execution Tactic", "url": "https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-3", "description": "Join Cyborg Security's expert threat hunters as they dive into the interesting MITRE ATT\\&CK Tactic of Execution (TA0002)."}, {"name": "Hunting for Credential Access", "url": "https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-5", "description": "Join Cyborg Security's expert threat hunters as they dive into the interesting MITRE ATT\\&CK Tactic of Credential Access (TA0006)."}, {"name": "Hunting for Persistence Access", "url": "https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-2", "description": "Join Cyborg Security's team of threat hunting instructors for a fun and hands-on-keyboard threat hunting workshop covering the topic of adversarial persistence (TA0003)."}, {"name": "Hunting for Defense Evation", "url": "https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-4", "description": "Join Cyborg Security's expert threat hunters as they dive into the interesting MITRE ATT\\&CK Tactic of Defense Evasion (TA0005)."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 3 - Beginner Forensics, Threat Intel & Cryptography", "entries": [{"name": "Threat Intelligence 101", "url": "https://tryhackme.com/room/cyberthreatintel", "description": "Introduction to Cyber Threat Intelligence."}, {"name": "Threat Intelligence Tools", "url": "https://tryhackme.com/room/threatinteltools", "description": "Explore different OSINT tools used to conduct security threat assessments and investigations."}, {"name": "Martryohka doll", "url": "https://play.picoctf.org/practice/challenge/129?category=4\\&page=1\\&solved=0", "description": "Beginner file analysis challenge."}, {"name": "The Glory of the Garden", "url": "https://play.picoctf.org/practice/challenge/44?category=4\\&page=1\\&solved=0", "description": "Beginner image analysis challenge."}, {"name": "Packets Primer", "url": "https://play.picoctf.org/practice/challenge/286?category=4\\&page=2\\&solved=0", "description": "Beginner packet analysis challenge."}, {"name": "Wireshark doo doo doo", "url": "https://play.picoctf.org/practice/challenge/115?category=4\\&page=1\\&solved=0", "description": "Beginner packet analysis challenge."}, {"name": "Wireshark two two two", "url": "https://play.picoctf.org/practice/challenge/110?category=4\\&page=1\\&solved=0", "description": "Beginner packet analysis challenge."}, {"name": "Trivial flag transfer protocol", "url": "https://play.picoctf.org/practice/challenge/103?category=4\\&page=1\\&solved=0", "description": "Beginner packet analysis challenge."}, {"name": "What Lies within", "url": "https://play.picoctf.org/practice/challenge/74?category=4\\&page=2\\&solved=0", "description": "Beginner decoding analysis challenge."}, {"name": "Illumination", "url": "https://app.hackthebox.com/challenges/illumination", "description": "Medium level forensics challenge."}, {"name": "Emo", "url": "https://app.hackthebox.com/challenges/emo", "description": "Medium level forensics challenge."}, {"name": "Obsecure", "url": "https://app.hackthebox.com/challenges/obscure", "description": "Medium level forensics challenge."}, {"name": "Intel101 Challenge", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/38", "description": "Medium level Threat Intel challenge."}, {"name": "Introduction to Cryptohack", "url": "https://cryptohack.org/courses/intro/course_details/", "description": "Medium level cryptography challenge."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 4 - Memory & Disk Forensics", "entries": [{"name": "Sleuthkit Intro", "url": "https://play.picoctf.org/practice/challenge/301?category=4\\&page=2\\&solved=0", "description": "Medium level disk forensics challenge."}, {"name": "Reminiscent", "url": "https://app.hackthebox.com/challenges/reminiscent", "description": "Medium level disk forensics challenge."}, {"name": "Hunter - Windows Disk Image Forensics", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/32", "description": "Medium level disk forensics challenge."}, {"name": "Spotlight - Mac Disk Image Forensics", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/34", "description": "Medium level disk forensics challenge."}, {"name": "Ulysses -  Linux Disk Image Forensics", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/41", "description": "Medium level disk forensics challenge."}, {"name": "Banking Troubles - Windows Memory Image Forensics", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/43", "description": "Medium level memory forensics challenge."}, {"name": "Detect Log4J", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/86", "description": "Medium level disk forensics challenge."}], "notes": []}, {"name": "Cyber Security University \u2014 Level 5 - Malware and Reverse Engineering", "entries": [{"name": "History of Malware", "url": "https://tryhackme.com/room/historyofmalware", "description": "Intro to malware history."}, {"name": "Malware Introduction", "url": "https://tryhackme.com/room/malmalintroductory", "description": "Intro to malware."}, {"name": "Basic Malware Reverse Engineering", "url": "https://tryhackme.com/room/basicmalwarere", "description": "Intro to malware RE."}, {"name": "Intro Windows Reversing", "url": "https://tryhackme.com/room/windowsreversingintro", "description": "Intro to Windows RE."}, {"name": "Windows x64 Assembly", "url": "https://tryhackme.com/room/win64assembly", "description": "Introduction to x64 Assembly on Windows."}, {"name": "JVM reverse engineering", "url": "https://tryhackme.com/room/jvmreverseengineering", "description": "Learn Reverse Engineering for Java Virtual Machine bytecode."}, {"name": "Get PDF (Malicious Document)", "url": "https://cyberdefenders.org/blueteam-ctf-challenges/47", "description": "Reversing PDF malware."}, {"name": "Bandit", "url": "https://overthewire.org/wargames/bandit/", "description": "Aimed at absolute beginners and teaches the basics of remote server access."}, {"name": "Natas", "url": "https://overthewire.org/wargames/natas/", "description": "Teaches the basics of serverside web-security."}, {"name": "Post Exploitation Basics", "url": "https://tryhackme.com/room/postexploit", "description": "Learn the basics of post-exploitation and maintaining access with mimikatz, bloodhound, powerview and msfvenom."}, {"name": "Smag Grotto", "url": "https://tryhackme.com/room/smaggrotto", "description": "An obsecure boot to root machine."}, {"name": "Dogcat", "url": "https://tryhackme.com/room/dogcat", "description": "I made a website where you can look at pictures of dogs and/or cats! Exploit a PHP application via LFI and break out of a docker container."}, {"name": "Buffer Overflow Prep", "url": "https://tryhackme.com/room/bufferoverflowprep", "description": "Practice stack-based buffer overflows."}, {"name": "Break out the cage", "url": "https://tryhackme.com/room/breakoutthecage1", "description": "Help Cage bring back his acting career and investigate the nefarious going on of his agent."}, {"name": "Lian Yu", "url": "https://tryhackme.com/room/lianyu", "description": "A beginner-level security challenge."}, {"name": "Insecure Kubernetes", "url": "https://tryhackme.com/room/insekube", "description": "Exploiting Kubernetes by leveraging a Grafana LFI vulnerability."}, {"name": "The Great Escape (docker)", "url": "https://tryhackme.com/room/thegreatescape", "description": "Escaping docker container."}, {"name": "Solr Exploiting Log4j", "url": "https://tryhackme.com/room/solar", "description": "Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun."}, {"name": "Spring4Shell", "url": "https://tryhackme.com/room/spring4shell", "description": "Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework."}, {"name": "Most Recent threats", "url": "https://tryhackme.com/module/recent-threats", "description": "Learn about the latest industry threats. Get hands-on experience identifying, exploiting, and mitigating critical vulnerabilities."}, {"name": "Attacktive Directory", "url": "https://tryhackme.com/room/attacktivedirectory", "description": "Learn about 99% of Corporate networks that run off of AD."}, {"name": "Retro", "url": "https://tryhackme.com/room/retro", "description": "Breaking out of the retro-themed box."}, {"name": "Blue Print", "url": "https://tryhackme.com/room/blueprint", "description": "Hack into this Windows machine and escalate your privileges to Administrator."}, {"name": "Anthem", "url": "https://tryhackme.com/room/anthem", "description": "Exploit a Windows machine in this beginner-level challenge."}, {"name": "Relevant", "url": "https://tryhackme.com/room/relevant", "description": "Penetration Testing Challenge."}, {"name": "Ra", "url": "https://tryhackme.com/room/ra", "description": "You have found WindCorp's internal network and their Domain Controller. Pwn the network."}, {"name": "CCT2019", "url": "https://tryhackme.com/room/cct2019", "description": "Legacy challenges from the US Navy Cyber Competition Team 2019 Assessment sponsored by US TENTH Fleet."}, {"name": "Theseus", "url": "https://tryhackme.com/room/theseus", "description": "The first installment of the SuitGuy series of very hard challenges."}, {"name": "IronCorp", "url": "https://tryhackme.com/room/ironcorp", "description": "Get access to Iron Corp's system."}, {"name": "Carpe Diem 1", "url": "https://tryhackme.com/room/carpediem1", "description": "Recover your client's encrypted files before the ransomware timer runs out."}, {"name": "Borderlands", "url": "https://tryhackme.com/room/borderlands", "description": "Compromise a perimeter host and pivot through this network."}, {"name": "Jeff", "url": "https://tryhackme.com/room/jeff", "description": "Hack into Jeff's web server."}, {"name": "Year of the Owl", "url": "https://tryhackme.com/room/yearoftheowl", "description": "Owl-themed boot to root machine."}, {"name": "Anonymous Playground", "url": "https://tryhackme.com/room/anonymousplayground", "description": "Want to become part of Anonymous? They have a challenge for you."}, {"name": "EnterPrize", "url": "https://tryhackme.com/room/enterprize", "description": "Enterprise-themed network to hack into."}, {"name": "Racetrack Bank", "url": "https://tryhackme.com/room/racetrackbank", "description": "It's time for another heist."}, {"name": "Python Playground", "url": "https://tryhackme.com/room/pythonplayground", "description": "Use python to pwn this room."}], "notes": []}, {"name": "Cyber Security University \u2014 Contributors & stargazers \u2728", "entries": [], "notes": []}], "total_entries": 150}, {"name": "Embedded and Iot Security", "subcategories": [{"name": "Embedded and Iot Security", "entries": [{"name": "Software Tools", "url": "#software-tools", "description": ""}, {"name": "Hardware Tools", "url": "#hardware-tools", "description": ""}, {"name": "Books", "url": "#books", "description": ""}, {"name": "Research Papers", "url": "#research-papers", "description": ""}, {"name": "Case Studies", "url": "#case-studies", "description": ""}, {"name": "Free Training", "url": "#free-training", "description": ""}, {"name": "Websites", "url": "#websites", "description": ""}, {"name": "Conferences", "url": "#conferences", "description": ""}, {"name": "Contribute", "url": "#contribute", "description": ""}, {"name": "License", "url": "#license", "description": ""}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Analysis Frameworks", "entries": [{"name": "EXPLIoT", "url": "https://gitlab.com/expliot_framework/expliot", "description": "Pentest framework like Metasploit but specialized for IoT."}, {"name": "FACT - The Firmware Analysis and Comparison Tool", "url": "https://fkie-cad.github.io/FACT_core/", "description": "Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions."}, {"name": "FwAnalyzer", "url": "https://github.com/cruise-automation/fwanalyzer", "description": "Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI.", "stars": "474"}, {"name": "HAL \u2013 The Hardware Analyzer", "url": "https://github.com/emsec/hal", "description": "A comprehensive reverse engineering and manipulation framework for gate-level netlists.", "stars": "480"}, {"name": "HomePWN", "url": "https://github.com/ElevenPaths/HomePWN", "description": "Swiss Army Knife for Pentesting of IoT Devices.", "stars": "787"}, {"name": "IoTSecFuzz", "url": "https://gitlab.com/invuls/iot-projects/iotsecfuzz", "description": "Framework for automatisation of IoT layers security analysis: hardware, software and communication."}, {"name": "Killerbee", "url": "https://github.com/riverloopsec/killerbee", "description": "Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks.", "stars": "707"}, {"name": "PRET", "url": "https://github.com/RUB-NDS/PRET", "description": "Printer Exploitation Toolkit.", "stars": "3.6k"}, {"name": "Routersploit", "url": "https://github.com/threat9/routersploit", "description": "Framework dedicated to exploit embedded devices.", "stars": "11k"}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Analysis Tools", "entries": [{"name": "Binwalk", "url": "https://github.com/ReFirmLabs/binwalk", "description": "Searches a binary for \"interesting\" stuff, as well as extracts arbitrary files.", "stars": "9.7k"}, {"name": "cwe\\_checker", "url": "https://github.com/fkie-cad/cwe_checker", "description": "Finds vulnerable patterns in binary executables - ELF support for x86, ARM, and MIPS, experimental bare-metal support.", "stars": "957"}, {"name": "emba", "url": "https://github.com/e-m-b-a/emba", "description": "Analyze Linux-based firmware of embedded devices.", "stars": "2.1k"}, {"name": "Firmadyne", "url": "https://github.com/firmadyne/firmadyne", "description": "Tries to emulate and pentest a firmware.", "stars": "1.7k"}, {"name": "Firmwalker", "url": "https://github.com/craigz28/firmwalker", "description": "Searches extracted firmware images for interesting files and information.", "stars": "942"}, {"name": "Firmware Slap", "url": "https://github.com/ChrisTheCoolHut/Firmware_Slap", "description": "Discovering vulnerabilities in firmware through concolic analysis and function clustering.", "stars": "462"}, {"name": "Ghidra", "url": "https://ghidra-sre.org/", "description": "Software Reverse Engineering suite; handles arbitrary binaries, if you provide CPU architecture and endianness of the binary."}, {"name": "Radare2", "url": "https://github.com/radare/radare2", "description": "Software Reverse Engineering framework, also handles popular formats and arbitrary binaries, has an extensive command line toolset.", "stars": "19k"}, {"name": "Trommel", "url": "https://github.com/CERTCC/trommel", "description": "Searches extracted firmware images for interesting files and information.", "stars": "198"}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Extraction Tools", "entries": [{"name": "FACT Extractor", "url": "https://github.com/fkie-cad/fact_extractor", "description": "Detects container format automatically and executes the corresponding extraction tool.", "stars": "68"}, {"name": "Firmware Mod Kit", "url": "https://github.com/rampageX/firmware-mod-kit/wiki", "description": "Extraction tools for several container formats.", "stars": "726"}, {"name": "The SRecord package", "url": "http://srecord.sourceforge.net/", "description": "Collection of tools for manipulating EPROM files (can convert lots of binary formats)."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Support Tools", "entries": [{"name": "JTAGenum", "url": "https://github.com/cyphunk/JTAGenum", "description": "Add JTAG capabilities to an Arduino.", "stars": "625"}, {"name": "OpenOCD", "url": "http://openocd.org/", "description": "Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Misc Tools", "entries": [{"name": "Cotopaxi", "url": "https://github.com/Samsung/cotopaxi", "description": "Set of tools for security testing of Internet of Things devices using specific network IoT protocols.", "stars": "334"}, {"name": "dumpflash", "url": "https://github.com/ohjeongwook/dumpflash", "description": "Low-level NAND Flash dump and parsing utility.", "stars": "264"}, {"name": "flashrom", "url": "https://github.com/flashrom/flashrom", "description": "Tool for detecting, reading, writing, verifying and erasing flash chips.", "stars": "731"}, {"name": "Samsung Firmware Magic", "url": "https://github.com/chrivers/samsung-firmware-magic", "description": "Decrypt Samsung SSD firmware updates.", "stars": "191"}, {"name": "Bus Blaster", "url": "http://dangerousprototypes.com/docs/Bus_Blaster", "description": "Detects and interacts with hardware debug ports like [UART](https://en.wikipedia.org/wiki/Universal_asynchronous_receiver-transmitter) and [JTAG](https://en.wikipedia.org/wiki/JTAG)."}, {"name": "Bus Pirate", "url": "http://dangerousprototypes.com/docs/Bus_Pirate", "description": "Detects and interacts with hardware debug ports like UART and JTAG."}, {"name": "Shikra", "url": "https://int3.cc/products/the-shikra", "description": "Detects and interacts with hardware debug ports like UART and JTAG. Among other protocols."}, {"name": "JTAGULATOR", "url": "http://www.grandideastudio.com/jtagulator/", "description": "Detects JTAG Pinouts fast."}, {"name": "Saleae", "url": "https://www.saleae.com/", "description": "Easy to use Logic Analyzer that support many protocols :euro:."}, {"name": "Ikalogic", "url": "https://www.ikalogic.com/pages/logic-analyzer-sp-series-sp209", "description": "Alternative to Saleae logic analyzers :euro:."}, {"name": "HydraBus", "url": "https://hydrabus.com/hydrabus-1-0-specifications/", "description": "Open source multi-tool hardware similar to the BusPirate but with NFC capabilities."}, {"name": "ChipWhisperer", "url": "https://newae.com/chipwhisperer/", "description": "Detects Glitch/Side-channel attacks."}, {"name": "Glasgow", "url": "https://github.com/GlasgowEmbedded/Glasgow", "description": "Tool for exploring and debugging different digital interfaces.", "stars": "1.8k"}, {"name": "J-Link", "url": "https://www.segger.com/products/debug-probes/j-link/models/model-overview/", "description": "J-Link offers USB powered JTAG debug probes for multiple different CPU cores :euro:."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Bluetooth BLE Tools", "entries": [{"name": "UberTooth One", "url": "https://greatscottgadgets.com/ubertoothone/", "description": "Open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation."}, {"name": "Bluefruit LE Sniffer", "url": "https://www.adafruit.com/product/2269", "description": "Easy to use Bluetooth Low Energy sniffer."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 ZigBee Tools", "entries": [{"name": "ApiMote", "url": "http://apimote.com", "description": "ZigBee security research hardware for learning about and evaluating the security of IEEE 802.15.4/ZigBee systems. Killerbee compatible."}, {"name": "Freakduino", "url": "https://freaklabsstore.com/index.php?main_page=product_info\\&cPath=22\\&products_id=219\\&zenid=fpmu2kuuk4abjf6aurt3bjnfk4", "description": "Low Cost Battery Operated Wireless Arduino Board that can be turned into a IEEE 802.15.4 protocol sniffer."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 SDR Tools", "entries": [{"name": "RTL-SDR", "url": "https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/", "description": "Cheapest SDR for beginners. It is a computer based radio scanner for receiving live radio signals frequencies from 500 kHz up to 1.75 GHz."}, {"name": "HackRF One", "url": "https://greatscottgadgets.com/hackrf/", "description": "Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz (half-duplex)."}, {"name": "YardStick One", "url": "https://greatscottgadgets.com/yardstickone/", "description": "Half-duplex sub-1 GHz wireless transceiver."}, {"name": "LimeSDR", "url": "https://www.crowdsupply.com/lime-micro/limesdr", "description": "Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 KHz to 3.8 GHz (full-duplex)."}, {"name": "BladeRF 2.0", "url": "https://www.nuand.com/bladerf-2-0-micro/", "description": "Software Defined Radio peripheral capable of transmission or reception of radio signals from 47 MHz to 6 GHz (full-duplex)."}, {"name": "USRP B Series", "url": "https://www.ettus.com/product-categories/usrp-bus-series/", "description": "Software Defined Radio peripheral capable of transmission or reception of radio signals from 70 MHz to 6 GHz (full-duplex)."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 RFID NFC Tools", "entries": [{"name": "Proxmark 3 RDV4", "url": "https://www.proxmark.com/", "description": "Powerful general purpose RFID tool. From Low Frequency (125kHz) to High Frequency (13.56MHz) tags."}, {"name": "ChamaleonMini", "url": "http://chameleontiny.com/", "description": "Programmable, portable tool for NFC security analysis."}, {"name": "HydraNFC", "url": "https://hydrabus.com/hydranfc-1-0-specifications/", "description": "Powerful 13.56MHz RFID / NFC platform. Read / write / crack / sniff / emulate."}, {"name": "Binary Hardening in IoT products", "url": "https://cyber-itl.org/2019/08/26/iot-data-writeup.html", "description": ""}, {"name": "Cracking Linksys \u201cEncryption\u201d", "url": "http://www.devttys0.com/2014/02/cracking-linksys-crypto/", "description": ""}, {"name": "Deadly Sins Of Development", "url": "https://youtu.be/nXyglaY9N9w", "description": "Conference talk presenting several real world examples on real bad implementations :tv:."}, {"name": "Dumping firmware from a device's SPI flash with a buspirate", "url": "https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html", "description": ""}, {"name": "Hacking the DSP-W215, Again", "url": "http://www.devttys0.com/2014/05/hacking-the-dspw215-again/", "description": ""}, {"name": "Hacking the PS4", "url": "https://cturt.github.io/ps4.html", "description": "Introduction to PS4's security."}, {"name": "IoT Security@CERN", "url": "https://doi.org/10.5281/zenodo.1035034", "description": ""}, {"name": "Multiple vulnerabilities found in the D-link DWR-932B", "url": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html", "description": ""}, {"name": "Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol", "url": "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html", "description": ""}, {"name": "PWN Xerox Printers (...again)", "url": "https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/xerox_phaser_6700_white_paper.pdf", "description": ""}, {"name": "Reversing Firmware With Radare", "url": "https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html", "description": ""}, {"name": "Reversing the Huawei HG533", "url": "http://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/", "description": ""}, {"name": "CSAW Embedded Security Challenge 2019", "url": "https://github.com/TrustworthyComputing/csaw_esc_2019", "description": "CSAW 2019 Embedded Security Challenge (ESC).", "stars": "33"}, {"name": "Embedded Security CTF", "url": "https://microcorruption.com", "description": "Microcorruption: Embedded Security CTF."}, {"name": "Hardware Hacking 101", "url": "https://github.com/rdomanski/hardware_hacking/tree/master/my_talks/Hardware_Hacking_101", "description": "Workshop @ BSides Munich 2019.", "stars": "37"}, {"name": "IoTGoat", "url": "https://github.com/scriptingxss/IoTGoat", "description": "IoTGoat is a deliberately insecure firmware based on OpenWrt.", "stars": "177"}, {"name": "Rhme-2015", "url": "https://github.com/Riscure/RHme-2015", "description": "First riscure Hack me hardware CTF challenge.", "stars": "105"}, {"name": "Rhme-2016", "url": "https://github.com/Riscure/Rhme-2016", "description": "Riscure Hack me 2 is a low level hardware CTF challenge.", "stars": "286"}, {"name": "Rhme-2017/2018", "url": "https://github.com/Riscure/Rhme-2017", "description": "Riscure Hack Me 3 embedded hardware CTF 2017-2018.", "stars": "84"}, {"name": "Hacking Printers Wiki", "url": "http://hacking-printers.net/wiki/index.php/Main_Page", "description": "All things printer."}, {"name": "OWASP Embedded Application Security Project", "url": "https://owasp.org/www-project-embedded-application-security/", "description": "Development best practices and list of hardware and software tools."}, {"name": "OWASP Internet of Things Project", "url": "https://owasp.org/www-project-internet-of-things/", "description": "IoT common vulnerabilities and attack surfaces."}, {"name": "Router Passwords", "url": "https://192-168-1-1ip.mobi/default-router-passwords-list/", "description": "Default login credential database sorted by manufacturer."}, {"name": "Siliconpr0n", "url": "https://siliconpr0n.org/", "description": "A Wiki/Archive of all things IC reversing."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Blogs", "entries": [{"name": "RTL-SDR", "url": "https://www.rtl-sdr.com/", "description": ""}, {"name": "/dev/ttyS0's Embedded Device Hacking", "url": "http://www.devttys0.com/blog/", "description": ""}, {"name": "Exploiteers", "url": "https://www.exploitee.rs/", "description": ""}, {"name": "Hackaday", "url": "https://hackaday.com", "description": ""}, {"name": "jcjc's Hack The World", "url": "https://jcjc-dev.com/", "description": ""}, {"name": "Quarkslab", "url": "https://blog.quarkslab.com/", "description": ""}, {"name": "wrong baud", "url": "https://wrongbaud.github.io/", "description": ""}, {"name": "Firmware Security", "url": "https://firmwaresecurity.com/", "description": ""}, {"name": "PenTestPartners", "url": "https://www.pentestpartners.com/internet-of-things/", "description": ""}, {"name": "Attify", "url": "https://blog.attify.com/", "description": ""}, {"name": "Patayu", "url": "https://payatu.com/blog", "description": ""}, {"name": "GracefulSecurity - Hardware tag", "url": "https://gracefulsecurity.com/category/hardware/", "description": ""}, {"name": "Black Hills - Hardware Hacking tag", "url": "https://www.blackhillsinfosec.com/tag/hardware-hacking/", "description": ""}], "notes": []}, {"name": "Embedded and Iot Security \u2014 Tutorials and Technical Background", "entries": [{"name": "Azeria Lab", "url": "https://azeria-labs.com/", "description": "Miscellaneous ARM related Tutorials."}, {"name": "JTAG Explained", "url": "https://blog.senr.io/blog/jtag-explained#", "description": "A walkthrough covering UART and JTAG bypassing a protected login shell."}, {"name": "Reverse Engineering Serial Ports", "url": "http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/", "description": "Detailed tutorial about how to spot debug pads on a PCB."}, {"name": "UART explained", "url": "https://www.mikroe.com/blog/uart-serial-communication", "description": "An in depth explanation of the UART protocol."}], "notes": []}, {"name": "Embedded and Iot Security \u2014 YouTube Channels", "entries": [{"name": "Flashback Team", "url": "https://www.youtube.com/c/FlashbackTeam", "description": "A duo of hackers explaining their step by step approach to finding and exploiting vulnerabilities in embedded devices."}, {"name": "StackSmashing", "url": "https://www.youtube.com/c/stacksmashing", "description": "Reverse engineering and hardware hacking of embedded devices."}, {"name": "Hardwear.io", "url": "https://hardwear.io/", "description": ""}], "notes": []}], "total_entries": 104}, {"name": "Pci Dss", "subcategories": [{"name": "Pci Dss", "entries": [{"name": "Official Resources", "url": "#official-resources", "description": ""}, {"name": "Self-Assessment Questionnaires (SAQs)", "url": "#self-assessment-questionnaires-saqs", "description": ""}, {"name": "Tooling & Frameworks", "url": "#tooling--frameworks", "description": ""}, {"name": "Cloud Compliance", "url": "#cloud-compliance", "description": ""}, {"name": "Implementation Guides", "url": "#implementation-guides", "description": ""}, {"name": "Tools for PCI DSS 6.4.3 and 11.6.1 Compliance", "url": "#tools-for-pci-dss-643-and-1161-compliance", "description": ""}, {"name": "Policy Templates & Resources", "url": "#policy-templates--resources", "description": ""}, {"name": "API Security", "url": "#api-security", "description": ""}, {"name": "Training & Certification", "url": "#training--certification", "description": ""}, {"name": "Community & Forums", "url": "#community--forums", "description": ""}, {"name": "Example Projects", "url": "#example-projects", "description": ""}, {"name": "Books & Publications", "url": "#books--publications", "description": ""}, {"name": "Related Projects", "url": "#related-projects", "description": ""}, {"name": "Contributing", "url": "#contributing", "description": ""}, {"name": "PCI SSC Document Library", "url": "https://www.pcisecuritystandards.org/document_library", "description": "Central hub for all PCI standards and materials"}, {"name": "PCI DSS v4.0.1 Standard", "url": "https://www.pcisecuritystandards.org/document_library?document=PCI_DSS_v4", "description": "Latest release (June 2024)"}, {"name": "PCI DSS Quick Reference Guide", "url": "https://www.pcisecuritystandards.org/documents/PCIDSS_QRGv3.pdf", "description": "High-level overview"}, {"name": "PIN Transaction Security (PTS)", "url": "https://www.pcisecuritystandards.org/assessors_and_solutions/pin_transaction_security", "description": "Requirements for POI devices"}, {"name": "PCI SSC Blog", "url": "https://blog.pcisecuritystandards.org/", "description": "Official insights and updates"}, {"name": "SAQ A", "url": "https://www.pcisecuritystandards.org/documents/SAQ_A_v3.pdf", "description": "For fully outsourced e-commerce"}, {"name": "SAQ A-EP", "url": "https://listings.pcisecuritystandards.org/documents/PCI-DSS-v4-0-SAQ-A-EP.pdf", "description": "Partial e-commerce outsourcing"}, {"name": "SAQ D", "url": "https://listings.pcisecuritystandards.org/documents/PCI-DSS-v4-0-SAQ-D-Merchant.pdf", "description": "All other merchants and service providers"}, {"name": "ROC Template", "url": "https://www.pcisecuritystandards.org/assessors_and_solutions/report_on_compliance", "description": "For QSA assessments"}], "notes": []}, {"name": "Pci Dss \u2014 Open Source", "entries": [{"name": "Wazuh", "url": "https://documentation.wazuh.com/current/compliance/pci-dss/index.html", "description": "HIDS, log analysis, file integrity"}, {"name": "OpenControl", "url": "https://github.com/opencontrol/standards/blob/master/pci-dss.yaml", "description": "Compliance-as-code catalog"}, {"name": "Vault", "url": "https://www.vaultproject.io/", "description": "Secrets management (Req. 3)"}, {"name": "OpenVAS", "url": "https://www.openvas.org/", "description": "Vulnerability scanning"}, {"name": "OSSEC", "url": "https://www.ossec.net/", "description": "Host-based intrusion detection"}, {"name": "Mozilla SSL Configuration Generator", "url": "https://ssl-config.mozilla.org/", "description": "TLS hardening"}], "notes": []}, {"name": "Pci Dss \u2014 Commercial", "entries": [{"name": "Qualys", "url": "https://www.qualys.com/", "description": "Vulnerability scanning, asset inventory, and PCI DSS compliance monitoring"}, {"name": "Tripwire", "url": "https://www.tripwire.com/", "description": "File integrity monitoring, security configuration management, and continuous compliance"}, {"name": "Splunk", "url": "https://www.splunk.com/", "description": "Log management, SIEM, and compliance reporting"}, {"name": "Trustwave", "url": "https://www.trustwave.com/", "description": "Managed PCI compliance services and security solutions"}, {"name": "Tenable", "url": "https://www.tenable.com/solutions/pci", "description": "Comprehensive PCI DSS compliance platform with vulnerability management"}, {"name": "SolarWinds Security Event Manager", "url": "https://www.solarwinds.com/security-event-manager", "description": "Log management, event correlation, and built-in PCI DSS reports"}, {"name": "Secureframe", "url": "https://secureframe.com/", "description": "Automated compliance management, policy enforcement, and risk assessment"}, {"name": "Drata", "url": "https://drata.com/", "description": "Compliance automation, evidence collection, and audit readiness"}, {"name": "Vanta", "url": "https://vanta.com/", "description": "Automated compliance workflows, risk assessment, and live dashboards"}, {"name": "Rapid7 InsightVM", "url": "https://www.rapid7.com/products/insightvm/", "description": "Vulnerability assessment and risk prioritization"}, {"name": "Thales CipherTrust", "url": "https://cpl.thalesgroup.com/encryption", "description": "Data encryption and tokenization solutions"}, {"name": "Imperva WAF", "url": "https://www.imperva.com/products/web-application-firewall-waf/", "description": "Web application firewall for protecting payment applications"}, {"name": "CyberArk", "url": "https://www.cyberark.com/", "description": "Privileged access management for secure authentication"}, {"name": "Okta", "url": "https://www.okta.com/", "description": "Identity and access management for PCI environments"}, {"name": "TokenEx", "url": "https://www.tokenex.com/", "description": "Cloud tokenization for protecting cardholder data"}, {"name": "Orca Security", "url": "https://orca.security/", "description": "Cloud compliance, vulnerability monitoring, and risk prioritization"}, {"name": "AWS Config Conformance Packs", "url": "https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-pci-dss-4.html", "description": "AWS compliance templates"}, {"name": "AWS PCI DSS Level 1 FAQs", "url": "https://aws.amazon.com/compliance/pci-dss-level-1-faqs/", "description": "Cloud compliance guidance"}, {"name": "Cloud Security Alliance Guide", "url": "https://cloudsecurityalliance.org/artifacts/pci-dss-guidance/", "description": "Cloud-specific compliance"}, {"name": "Multi-Cloud Compliance", "url": "https://orca.security/resources/blog/5-best-practices-pci-dss-compliance-cloud/", "description": "Cross-cloud management"}, {"name": "NIST SP 800-53 Mapping", "url": "https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final", "description": "PCI DSS control mappings"}, {"name": "OWASP Secure Coding Practices", "url": "https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/", "description": "Requirement 6 guidance"}, {"name": "SANS PCI DSS Checklist", "url": "https://www.sans.org/white-papers/32969/", "description": "Implementation checklist"}, {"name": "E-commerce Requirements", "url": "https://blog.pcisecuritystandards.org/coffee-with-the-council-podcast-guidance-for-pci-dss-e-commerce-requirements-effective-after-31-march-2025", "description": "Post-March 2025 guidance"}, {"name": "PylonSec", "url": "https://pylonsec.com/", "description": "Comprehensive script governance, real-time tamper detection, automated unauthorized script detection"}, {"name": "Imperva Client-Side Protection", "url": "https://www.imperva.com/products/client-side-protection-csp/", "description": "Discovers and inventories scripts, enforces authorization, verifies integrity via cryptographic hashing"}, {"name": "Feroot", "url": "https://www.feroot.com/", "description": "Script authorization, integrity verification, inventory management, real-time change detection"}, {"name": "DataDome Page Protect", "url": "https://datadome.co/products/page-protect/", "description": "Automated script discovery, inventory, authorization, integrity monitoring, real-time tamper detection"}, {"name": "SecurityMetrics Shopping Cart Monitor", "url": "https://www.securitymetrics.com/shopping-cart-monitor", "description": "Cloud-based Web Integrity Monitoring without installation or configuration"}, {"name": "Foregenix File Integrity Monitoring", "url": "https://www.foregenix.com/services/compliance-and-risk/pci-dss", "description": "Cryptographic hashing to verify and monitor script integrity"}, {"name": "SourceDefense", "url": "https://sourcedefense.com/", "description": "Script inventory, authorization, integrity monitoring with free tier for single page"}, {"name": "Visualping", "url": "https://visualping.io/", "description": "Automated change and tamper detection for payment pages, monitors content and HTTP headers"}, {"name": "CHEQ Privacy Compliance", "url": "https://www.cheq.ai/", "description": "Monitors and intercepts script requests, detects unauthorized changes"}, {"name": "Akamai Client-Side Protection", "url": "https://www.akamai.com/solutions/security/client-side-protection", "description": "JavaScript security, client-side script monitoring, integrity checks"}], "notes": []}, {"name": "Pci Dss \u2014 Free Templates", "entries": [{"name": "WithPCI Policy Templates", "url": "https://withpci.com/resources/templates", "description": "Comprehensive PCI DSS v4.0-aligned templates including Information Security Policy, Incident Response Plan, Change Management, and many more"}, {"name": "FRSecure PCI Policy Template", "url": "https://frsecure.com/pci-policy-template/", "description": "Comprehensive template covering account management, authentication, vendor access, and more"}, {"name": "PCI V4 Policy Templates Sample", "url": "https://pcipolicies.com/products/pci-v4-policy-templates-sample", "description": "Free sample pack including Access Control Policy, Information Security Policy, and more"}, {"name": "SecurityMetrics PCI Templates", "url": "https://www.securitymetrics.com/pci-policies", "description": "Customizable templates for firewall configuration, incident response, and security policies"}, {"name": "Strike Graph PCI DSS Policy", "url": "https://www.strikegraph.com/blog/pci-dss-policy", "description": "Robust, customizable policy template framework covering the 12 core requirements"}, {"name": "SANS Security Policy Templates", "url": "https://www.sans.org/information-security-policy/", "description": "General security policy templates that can be adapted for PCI DSS compliance"}, {"name": "paulveillard/PCI-DSS-Compliance-Toolkit", "url": "https://github.com/paulveillard/PCI-DSS-Compliance-Toolkit", "description": "Checklists, policy templates, and data flow diagram guides"}], "notes": []}, {"name": "Pci Dss \u2014 Paid Solutions", "entries": [{"name": "PCI Policies", "url": "https://pcipolicies.com/", "description": "Professional templates for merchants and service providers with 30+ documents covering all requirements"}, {"name": "IT Governance PCI DSS Documentation Toolkit", "url": "https://www.itgovernance.co.uk/shop/product/pci-dss-documentation-toolkit", "description": "Comprehensive toolkit created by a Qualified Security Assessor"}, {"name": "PCI Policy Portal", "url": "https://pcipolicyportal.com/", "description": "Industry-leading templates for PCI DSS compliance"}, {"name": "NordLayer PCI Compliance Templates", "url": "https://nordlayer.com/learn/pci-dss/pci-compliance-policy/", "description": "Templates tailored for cloud/hybrid environments"}], "notes": []}, {"name": "Pci Dss \u2014 Implementation Tips", "entries": [{"name": "PCI DSS v4.0 API Security Compliance", "url": "https://www.akamai.com/blog/security/meet-pci-dss-v40-api-security-compliance", "description": "Overview of new API security requirements in PCI DSS v4.0"}, {"name": "Requirement 6.2.3 Compliance", "url": "https://www.akamai.com/blog/security/meet-pci-dss-v40-api-security-compliance", "description": "Guide to implementing PCI DSS requirement 6.2.3 for secure custom application code"}, {"name": "Requirement 6.3.2 Implementation", "url": "https://www.akamai.com/blog/security/meet-pci-dss-v40-api-security-compliance", "description": "How to maintain an inventory of custom software components for vulnerability management"}, {"name": "Requirement 6.2.2 for Developers", "url": "https://www.akamai.com/blog/security/meet-pci-dss-v40-api-security-compliance", "description": "Training requirements for software development personnel working on custom software"}, {"name": "PCI SSC Training", "url": "https://www.pcisecuritystandards.org/program_training/", "description": "Official programs"}, {"name": "Cybrary: PCI DSS Practitioner", "url": "https://www.cybrary.it/course/pci-practitioner", "description": "Deep-dive modules"}, {"name": "QSA Qualification", "url": "https://www.pcisecuritystandards.org/assessors_and_solutions/qualified_security_assessors", "description": "Assessor certification"}, {"name": "Security Journey Blog", "url": "https://www.securityjourney.com/post/free-vs.-paid-pci-training-which-is-best-for-your-organization", "description": "Training resources"}, {"name": "r/pcicompliance", "url": "https://www.reddit.com/r/pcicompliance/", "description": "Reddit community"}, {"name": "Stack Exchange - PCI DSS", "url": "https://security.stackexchange.com/questions/tagged/pci-dss", "description": "Technical Q\\&A"}, {"name": "PCI DSS LinkedIn Group", "url": "https://www.linkedin.com/groups/2577511/", "description": "Professional networking"}, {"name": "PCI Perspectives", "url": "https://blog.pcisecuritystandards.org/", "description": "Official blog"}, {"name": "praiseordu/PCI-DSS-Compliance-Toolkit", "url": "https://github.com/praiseordu/PCI-DSS-Compliance-Toolkit", "description": "Compliance toolkit"}, {"name": "paulveillard/cybersecurity-pci-dss-compliance", "url": "https://github.com/paulveillard/cybersecurity-pci-dss-compliance", "description": "Best practices library"}, {"name": "captbrando/PCI-Compliance-5th-Edition", "url": "https://github.com/captbrando/PCI-Compliance-5th-Edition", "description": "Comprehensive guide"}, {"name": "AWS PCI Templates", "url": "https://github.com/strongjz/aws-pci-dss", "description": "Cloud architectures"}, {"name": "PCI DSS: A Pocket Guide", "url": "https://www.amazon.com/PCI-DSS-Pocket-Guide-Compliance/dp/1787780755", "description": "By Alan Calder"}, {"name": "Payment Card Industry Data Security Standard Handbook", "url": "https://www.amazon.com/dp/111823622X", "description": "By Branden Williams"}, {"name": "PCI Compliance, 5th Edition", "url": "https://www.amazon.com/PCI-Compliance-Fifth-Understanding-Requirements/dp/0128118938", "description": "Comprehensive guide"}, {"name": "Awesome Security", "url": "https://github.com/sbilly/awesome-security", "description": "General security resources"}, {"name": "Awesome Cybersecurity", "url": "https://github.com/fabacab/awesome-cybersecurity", "description": "Broader security topics"}], "notes": []}], "total_entries": 95}, {"name": "Evm Security", "subcategories": [{"name": "Evm Security", "entries": [{"name": "Guides", "url": "#guides", "description": ""}, {"name": "Governance", "url": "#governance", "description": ""}, {"name": "Architecture", "url": "#architecture", "description": ""}, {"name": "Standards", "url": "#standards", "description": ""}, {"name": "System Assets", "url": "#system-assets", "description": ""}, {"name": "Threats", "url": "#threats", "description": ""}, {"name": "Vulnerabilities", "url": "#vulnerabilities", "description": ""}, {"name": "Controls", "url": "#controls", "description": ""}, {"name": "Ecosystem", "url": "#ecosystem", "description": ""}, {"name": "CryptoSec.info", "url": "https://cryptosec.info/", "description": "Information to help beginners learn how to protect their funds against hackers and scammers."}, {"name": "Simplified Roadmap for Blockchain Security", "url": "https://devansh.xyz/blockchain-security/2021/09/17/genesis-0x01.html", "description": "Covers all rudimentary topics that one needs to know in order to get into the field of Blockchain Security."}, {"name": "How to become a smart contract auditor", "url": "https://cmichel.io/how-to-become-a-smart-contract-auditor/", "description": "Frequently asked questions that are related to auditing and auditors can get their first job."}, {"name": "A beginner's guide to DAOs", "url": "https://linda.mirror.xyz/Vh8K4leCGEO06_qSGx-vS5lvgUqhqkCz9ut81WwCP2o", "description": "Gives a high level overview of what DAOs are, why they are interesting and some of their use cases."}, {"name": "Deep DAO", "url": "https://deepdao.io/#/deepdao/dashboard", "description": "Lists, ranks and analyzes top DAOs across multiple metrics."}, {"name": "SAFT Agreements", "url": "https://saftproject.com/", "description": "A commercial instrument used to convey rights in tokens prior to the development of the tokens' functionality."}, {"name": "Voting Options in DAOs", "url": "https://medium.com/daostack/voting-options-in-daos-b86e5c69a3e3", "description": "Voting Options in DAOs."}, {"name": "The Wyoming DAO bill", "url": "https://twitter.com/awrigh01/status/1369328856260354051", "description": "A thread about Wyoming DAOs ."}, {"name": "It Takes a Cryptonetwork", "url": "https://medium.com/primedao/it-takes-a-cryptonetwork-2ae9ab541c17", "description": "Prime's Strategy for DAO to DAO Relations."}, {"name": "DAOs, Democracy and Governance", "url": "https://merkle.com/papers/DAOdemocracyDraft.pdf", "description": "A paper by Ralph Merkle about DAOs."}, {"name": "Shelling Out: The Origins of Money", "url": "https://nakamotoinstitute.org/shelling-out/", "description": "Illustrates the value of collectibles in reducing social transaction costs."}, {"name": "Foundations of Cryptoeconomic Systems", "url": "https://epub.wu.ac.at/7309/8/Foundations%20of%20Cryptoeconomic%20Systems.pdf", "description": "This paper explores why the term"}, {"name": "Towards a Practice of Token Engineering", "url": "https://blog.oceanprotocol.com/towards-a-practice-of-token-engineering-b02feeeff7ca", "description": "How do we design tokenized ecosystems, their incentives and how do we analyze or verify them?"}, {"name": "A Crash Course in Mechanism Design for Cryptoeconomic Applications", "url": "https://medium.com/blockchannel/a-crash-course-in-mechanism-design-for-cryptoeconomic-applications-a9f06ab6a976", "description": "Introduces the basic concepts of mechanism design, and gives a taste for their usefulness in the cryptocurrency world."}, {"name": "WTF Is QF", "url": "https://wtfisqf.com/?grant=\\&grant=\\&grant=\\&grant=\\&match=1000", "description": "A simple explanation of quadratic funding."}, {"name": "Bonding Curves Explained", "url": "https://yos.io/2018/11/10/bonding-curves", "description": "What bonding curves are and their potential applications."}, {"name": "DeFi Safety", "url": "https://www.defisafety.com/", "description": "Best practices security score reviews."}, {"name": "DASP Top 10 of 2018", "url": "https://dasp.co/", "description": "Decentralized Application Security Project Top 10 vulnerabilities."}, {"name": "IVSCS", "url": "https://immunefi.com/severity-updated/", "description": "Immunefi Vulnerability Severity Classification System."}, {"name": "Smart Contract Security Verification Standard", "url": "https://securing.github.io/SCSVS/", "description": "A free 14-part checklist created to standardize the security of smart contracts for developers, architects, security reviewers and vendors."}, {"name": "Secureth guidelines", "url": "https://guidelines.secureth.org/", "description": "Aid you in formulating your own software engineering process by giving a complete picture of all the different concerns and expectations in your software projects."}, {"name": "CryptoCurrency Security Standard (CCSS)", "url": "https://cryptoconsortium.github.io/CCSS/", "description": "A set of requirements for all information systems that make use of cryptocurrencies, including exchanges, web applications, and cryptocurrency storage solutions."}, {"name": "The Solcurity Standard", "url": "https://github.com/Rari-Capital/solcurity", "description": "Opinionated security and code quality standard for Solidity smart contracts.", "stars": "972"}, {"name": "Security Considerations in the Solidity documentation", "url": "https://docs.soliditylang.org/en/v0.8.6/security-considerations.html", "description": "Lists some pitfalls and general security recommendations."}, {"name": "Ethereum 2.0 Specifications Security Audit Report", "url": "https://leastauthority.com/static/publications/LeastAuthority-Ethereum-2.0-Specifications-Audit-Report.pdf", "description": "Security Audit Report of the Eth2.0 spec by Least Authority."}, {"name": "Getting Deep Into EVM", "url": "https://hackernoon.com/getting-deep-into-evm-how-ethereum-works-backstage-ac7efa1f0015", "description": "An Ultimate, In-depth Explanation of How EVM Works."}, {"name": "Ethereum EVM illustrated", "url": "https://takenobu-hs.github.io/downloads/ethereum_evm_illustrated.pdf", "description": "Exploring some mental models and implementations."}, {"name": "Ethereum Blockspace: Who Gets What and Why", "url": "https://www.aniccaresearch.tech/blog/ethereum-blockspace-who-gets-what-and-why", "description": "Ethereum blockspace market structure."}, {"name": "What Is Uniswap and How Does It Work?", "url": "https://academy.binance.com/en/articles/what-is-uniswap-and-how-does-it-work", "description": "What Uniswap is, how it works, and how you can swap tokens on it simply with an Ethereum wallet."}, {"name": "Scaling EVM (Ethereum Virtual Machine)", "url": "https://capitalgram.com/posts/scaling-evm/", "description": "How fast and far can the EVM based blockchain architecture still take us."}, {"name": "L2Beat", "url": "https://l2beat.com/", "description": "Transparent and verifiable insights into emerging layer two (L2) technologies."}, {"name": "The Non-Fungible Token Bible", "url": "https://opensea.io/blog/guides/non-fungible-tokens", "description": "Everything you need to know about NFTs."}, {"name": "KEVM", "url": "https://github.com/kframework/evm-semantics", "description": "A formal model of the EVM in the K framework.", "stars": "377"}, {"name": "Blockchain Graveyard", "url": "https://magoo.github.io/Blockchain-Graveyard/", "description": "A list of all massive security breaches or thefts involving blockchains."}, {"name": "List of Bitcoin Heists", "url": "https://bitcointalk.org/index.php?topic=576337", "description": "Research on prior Bitcoin-related thefts."}, {"name": "Blockchain Threat Intelligence", "url": "https://www.blockthreat.io/", "description": "The latest in blockchain, DeFi and cryptocurrency threat intelligence, vulnerabilities, security tools, and events."}, {"name": "Rekt News", "url": "https://rekt.news/", "description": "Investigative journalism, creative commentary, and incident analysis."}, {"name": "DeFiYield's REKT db", "url": "https://defiyield.app/rekt-database", "description": "Database of Crypto Hacks, Exploit, Scam."}, {"name": "CryptoScamDB", "url": "https://cryptoscamdb.org/scams", "description": "Keeping track of cryptocurrency scams in an open-source database."}, {"name": "Mudit Gupta's Twitter threads", "url": "https://mudit.blog/twitter-threads/", "description": "Early analysis and educational content on Twitter."}, {"name": "Flash Boys 2.0 Paper", "url": "https://ieeexplore.ieee.org/document/9152675", "description": "Frontrunning in Decentralized Exchanges, Miner Extractable Value, and Consensus Instability."}, {"name": "MEV-explore", "url": "https://explore.flashbots.net/", "description": "Help the community understand and quantify the significance of \"Dark Forest activities\" and their impact on the Ethereum network."}, {"name": "Flashloan monitor", "url": "https://monitor.blocksecteam.com/", "description": "Dashboard that helps you monitor flashloan transactions."}, {"name": "Known Attacks", "url": "https://consensys.github.io/smart-contract-best-practices/known_attacks/", "description": "A list of known attacks which you should be aware of, from Consensys."}, {"name": "Solidity Security", "url": "https://blog.sigmaprime.io/solidity-security.html", "description": "Comprehensive list of known attack vectors and common anti-patterns."}, {"name": "SWC Registry", "url": "https://swcregistry.io/", "description": "Smart Contract Weakness Classification and Test Cases."}, {"name": "246 Findings", "url": "https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/", "description": "246 Findings From Trail of Bits Smart Contract Audits."}, {"name": "A Survey of Security Vulnerabilities in Ethereum Smart Contracts", "url": "https://arxiv.org/pdf/2105.06974.pdf", "description": "Explains eight vulnerabilities that are specific to the application level of blockchain technology by analyzing the past exploitation case scenarios of these security vulnerabilities."}, {"name": "List of Security Vulnerabilities", "url": "https://github.com/runtimeverification/verified-smart-contracts/wiki/List-of-Security-Vulnerabilities", "description": "A comprehensive list of common smart contract security vulnerabilities, compiled from various sources.", "stars": "535"}, {"name": "List of Known Bugs", "url": "https://docs.soliditylang.org/en/v0.8.1/bugs.html", "description": "A JSON-formatted list of some of the known security-relevant bugs in the Solidity compiler."}, {"name": "Simple Security Toolkit", "url": "https://github.com/nascentxyz/simple-security-toolkit", "description": "Opinionated recommendations that the team at Nascent find to be appropriate,  particularly for teams developing and managing early versions of a protocol.", "stars": "586"}, {"name": "Gnosis Safe", "url": "https://docs.gnosis-safe.io", "description": "Multi-sig. Require multiple team members to confirm every transaction in order to execute it, which helps prevent unauthorized access to company crypto."}, {"name": "List of DeFi auditors", "url": "https://www.defisafety.com/auditors", "description": "List of DeFi auditors maintained by DeFiSafety."}, {"name": "State of DeFi Audits", "url": "https://medium.com/conflux-network/the-overlooked-element-of-defi-adoption-e3b29829e3da", "description": "Article taking a look at the auditing space and its importance in onboarding users by properly securing new DeFi protocols."}, {"name": "Building Secure Contracts", "url": "https://github.com/crytic/building-secure-contracts/", "description": "Trail of Bits' guidelines and best practices on how to write secure smart contracts.", "stars": "1.2k"}, {"name": "Solidity Patterns", "url": "https://fravoll.github.io/solidity-patterns/", "description": "A compilation of patterns and best practices for the smart contract programming language Solidity."}, {"name": "Security Pattern for Ethereum and Solidity", "url": "https://docs.google.com/spreadsheets/d/1PF4QZudW6Z7EV4hqQfwPo3A43AVqPrsuzzzey5yRYcs/edit#gid=0", "description": "Google Sheets Checklists."}, {"name": "Solidity Best Practices for Smart Contract Security", "url": "https://consensys.net/blog/developers/solidity-best-practices-for-smart-contract-security/", "description": "Pro tips from Consensys to ensure your Ethereum smart contracts are fortified."}, {"name": "CERtified", "url": "https://cer.live/", "description": "Top 100 exchanges by Cybersecurity rating."}, {"name": "Smart Contract Security Registry", "url": "https://github.com/ethereum-lists/contracts", "description": "An effort to identify deployed contracts instances given their chain and address, by listing the project they belong to.", "stars": "82"}, {"name": "Forta", "url": "https://docs.forta.network/", "description": "Community-based runtime security network for smart contracts."}, {"name": "People to follow on Twitter", "url": "https://twitter.com/i/lists/1453086258436128770", "description": "Twitter list to an overview of the web3 ecosystem and security people."}, {"name": "Videos to watch on YouTube", "url": "https://www.youtube.com/playlist?list=PLox242_JhiuEe64LzW1M8XpiQ2-N5bZsX", "description": "YouTube playlist of web3 security videos."}], "notes": []}, {"name": "Evm Security \u2014 See Also", "entries": [{"name": "Awesome BlockSec CTF", "url": "https://github.com/0xjeffsec/awesome-blocksec-ctf", "description": "Blockchain security Capture the Flag (CTF) competitions.", "stars": "7"}, {"name": "Awesome Buggy ERC20 Tokens", "url": "https://github.com/sec-bit/awesome-buggy-erc20-tokens", "description": "Vulnerabilities in ERC20 Smart Contracts With Tokens Affected.", "stars": "494"}, {"name": "Awesome Cryptoeconomics", "url": "https://github.com/jpantunes/awesome-cryptoeconomics", "description": "Cryptoeconomic research and learning materials.", "stars": "1.5k"}, {"name": "Awesome Zero-Knowledge Proofs (ZKP)", "url": "https://github.com/matter-labs/awesome-zero-knowledge-proofs", "description": "A curated list of awesome things related to learning Zero-Knowledge Proofs (ZKP).", "stars": "3k"}, {"name": "Officer CIA's Ultimate DeFi Research Base", "url": "https://github.com/OffcierCia/ultimate-defi-research-base", "description": "Curated DeFI & Blockchain research papers and tools.", "stars": "929"}, {"name": "Awesome MEV resources", "url": "https://github.com/0xalpharush/awesome-MEV-resources", "description": "", "stars": "696"}], "notes": []}], "total_entries": 78}, {"name": "Gdpr", "subcategories": [{"name": "Gdpr", "entries": [{"name": "Legal text", "url": "#legal-text", "description": ""}, {"name": "Guidelines", "url": "#Guidelines", "description": ""}, {"name": "Rights of the data subject (art. 12 - 23)", "url": "#rights-of-the-data-subject-art-12---23", "description": ""}, {"name": "Privacy by Design - Guides for developers (art. 25)", "url": "#privacy-by-design---guides-for-developers-art-25", "description": ""}, {"name": "Records of Processing (art. 30)", "url": "#records-of-processing-art-30", "description": ""}, {"name": "Security (art. 32)", "url": "#security-art-32", "description": ""}, {"name": "Incident management (art. 33 and 34)", "url": "#incident-management-art-33-and-34", "description": ""}, {"name": "Data Protection Impact Assessments (DPIA, art. 35)", "url": "#data-protection-impact-assessments-dpia-art-35", "description": ""}, {"name": "Tools", "url": "#tools", "description": ""}, {"name": "Data Protection Authorities", "url": "#data-protection-authorities-art-51--59", "description": ""}, {"name": "Organisations / Projects", "url": "#organisations--projects", "description": ""}, {"name": "Publications", "url": "#Publications", "description": ""}, {"name": "Solutions providers", "url": "#Solutions-providers", "description": ""}, {"name": "Related", "url": "#Related", "description": ""}, {"name": "GDPR (2016/679)", "url": "https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679\\&from=EN", "description": "Official version of GDPR."}, {"name": "GDPR-info", "url": "https://gdpr-info.eu/", "description": "GDPR linked to relevant articles and section in the preamble (Non-official site)."}, {"name": "GDPR-expert", "url": "https://www.gdpr-expert.com/home.html?mid=5", "description": "Compare the Regulation, Directive and National legislation. Linked to relevant section in preamble (Non-official site)."}, {"name": "GDPRhub -> GDPR Articles", "url": "https://gdprhub.eu/index.php?title=Category:GDPR_Articles", "description": "GDPR articles included commentary."}, {"name": "Guidelines", "url": "https://edpb.europa.eu/our-work-tools/general-guidance/gdpr-guidelines-recommendations-best-practices_en", "description": ""}, {"name": "ICO: Guide to GDPR", "url": "https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/", "description": ""}, {"name": "Handbook on European data protection law", "url": "https://publications.europa.eu/en/publication-detail/-/publication/5b0cfa83-63f3-11e8-ab9c-01aa75ed71a1", "description": "Handbook issued by EU."}, {"name": "Factsheets", "url": "https://edps.europa.eu/data-protection/our-work/our-work-by-type/factsheets_en", "description": "Factsheets from EU Data Protection Supervisor."}, {"name": "Open source privacy notice template (Juro)", "url": "https://github.com/juro-privacy/free-privacy-notice", "description": "", "stars": "179"}, {"name": "CNIL - GDPR Developer Guide", "url": "https://github.com/LINCnil/GDPR-Developer-Guide", "description": "", "stars": "353"}, {"name": "Norwegian DPA - Software development with Data Protection by Design and by Default", "url": "https://www.datatilsynet.no/en/about-privacy/virksomhetenes-plikter/data-protection-by-design-and-by-default/", "description": ""}, {"name": "Data Pseudonymisation: Advanced Techniques and Use Cases", "url": "https://www.enisa.europa.eu/publications/data-pseudonymisation-advanced-techniques-and-use-cases/", "description": "Report on pseudonymisation techniques from ENISA."}, {"name": "Anonymisation, pseudonymisation and privacy enhancing technologies guidance - ICO", "url": "https://ico.org.uk/about-the-ico/ico-and-stakeholder-consultations/ico-call-for-views-anonymisation-pseudonymisation-and-privacy-enhancing-technologies-guidance/", "description": ""}, {"name": "dstack", "url": "https://github.com/Dstack-TEE/dstack", "description": "Open-source confidential computing framework enabling privacy by design through hardware-enforced isolation for GDPR-compliant data processing.", "stars": "458"}, {"name": "Iubenda - Register of data processing activities", "url": "https://www.iubenda.com/en/internal-privacy-management", "description": ""}, {"name": "OWASP Top 10", "url": "https://owasp.org/www-project-top-ten/", "description": "Top 10 Web Application Security Risks."}, {"name": "OWASP Cheat Sheet Series", "url": "https://cheatsheetseries.owasp.org/", "description": "Concise collection of high value information on specific application security topics."}, {"name": "Anonymisation, pseudonymisation and privacy enhancing technologies guidance", "url": "https://ico.org.uk/about-the-ico/ico-and-stakeholder-consultations/ico-call-for-views-anonymisation-pseudonymisation-and-privacy-enhancing-technologies-guidance/", "description": ""}, {"name": "ENISA: Recommendations for a methodology of the assessment of severity of personal data breaches", "url": "https://www.enisa.europa.eu/publications/dbn-severity", "description": ""}, {"name": "Google, SRE: Managing Incidents", "url": "https://landing.google.com/sre/sre-book/chapters/managing-incidents/", "description": ""}, {"name": "Troy Hunt: Data breach disclosure 101", "url": "https://www.troyhunt.com/data-breach-disclosure-101-how-to-succeed-after-youve-failed/", "description": ""}, {"name": "Awesome Incident Response", "url": "https://github.com/meirwah/awesome-incident-response", "description": "", "stars": "8.9k"}, {"name": "GDPR Enforcement Tracker", "url": "http://www.enforcementtracker.com/", "description": "Overview of fines and penalties."}, {"name": "Open-source DPIA software from the French DPA", "url": "https://www.cnil.fr/en/open-source-pia-software-helps-carry-out-data-protection-impact-assesment", "description": ""}, {"name": "Guidelines on Data Protection Impact Assessment (WP29)", "url": "https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=611236", "description": ""}, {"name": "ISO-standard: Guidelines for privacy impact assessment", "url": "https://www.iso.org/standard/86012.html", "description": ""}, {"name": "DPIA template from ICO", "url": "https://iapp.org/resources/article/sample-dpia-template/", "description": ""}, {"name": "Public DPIA Teams OneDrive SharePoint and Azure AD", "url": "https://www.rijksoverheid.nl/documenten/publicaties/2022/02/21/public-dpia-teams-onedrive-sharepoint-and-azure-ad", "description": "DPIA of Microsoft Teams in combination with OneDrive, SharePoint Online and the Azure Active Directory."}, {"name": "Website Evidence Collector (WEC)", "url": "https://www.edps.europa.eu/edps-inspection-software_en", "description": "EDPS Inspection Software."}, {"name": "Data protection around the world", "url": "https://www.cnil.fr/en/data-protection-around-the-world", "description": "(CNIL) Map of the level of data protection in each country."}, {"name": "Data Protection Laws of the world", "url": "https://www.dlapiperdataprotection.com/", "description": "(DLA Piper) Compare data protection laws around the world."}, {"name": "European Data Protection Board", "url": "https://edpb.europa.eu/", "description": "EDPB."}, {"name": "European Data Protection Supervisor", "url": "https://edps.europa.eu/", "description": "EDPS."}, {"name": "European Union Agency for Network and Information Security (ENISA)", "url": "https://www.enisa.europa.eu/topics/data-protection", "description": "ENISA."}, {"name": "List of Data Protection Authorities", "url": "https://pdpecho.com/the-list/", "description": ""}, {"name": "Electronic Frontier Foundation", "url": "https://www.eff.org/", "description": "Nonprofit defending digital privacy, free speech, and innovation."}, {"name": "International Association of Privacy Professionals", "url": "https://iapp.org/", "description": "A resource for privacy professionals."}, {"name": "Privacy International", "url": "https://www.privacyinternational.org", "description": "Charity that challenges the governments and companies that want to know everything about individuals, groups, and whole societies."}, {"name": "NOYB", "url": "https://noyb.eu/", "description": "Organisation that brings important issues to the attention of DPAs, enforces the law in civil court or directly engages with companies."}, {"name": "GDPR.eu", "url": "https://gdpr.eu/", "description": "Resource for organisations and individuals researching the GDPR (Not official website)."}, {"name": "CyLab Usable Privacy and Security Laboratory", "url": "https://cups.cs.cmu.edu/", "description": "Research related to understand and improving the usability of privacy and security."}, {"name": "EPIC", "url": "https://epic.org/", "description": "Electronic Privacy Information Center."}, {"name": "Future of Privacy Forum", "url": "https://fpf.org/", "description": "Catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies."}, {"name": "W3C Privacy Interest Group", "url": "https://www.w3.org/Privacy/", "description": "Leading the web to its full potential."}, {"name": "CISPE Code of Conduct", "url": "https://www.codeofconduct.cloud/", "description": "Pan-European sector-specific code for cloud infrastructure service providers under Article 40."}, {"name": "GDPR Today", "url": "https://www.gdprtoday.org/", "description": "Privacy news from the Open Rights Group."}, {"name": "Spread Privacy", "url": "https://spreadprivacy.com/", "description": "DuckDuckGo Blog."}, {"name": "Freedom To Tinker", "url": "https://freedom-to-tinker.com/", "description": "Blog from Princeton's CITP, a research center that studies digital technologies in public life."}, {"name": "pdpEcho", "url": "https://pdpecho.com/", "description": "All about personal data protection and privacy, by Gabriela Zanfir-Fortuna."}, {"name": "GDPRhub", "url": "https://gdprhub.eu/", "description": "Free and open wiki that allows anyone to find and share GDPR insights across Europe."}, {"name": "Privacy Respecting", "url": "https://github.com/nikitavoloboev/privacy-respecting", "description": "", "stars": "2k"}, {"name": "Awesome: Security", "url": "https://github.com/sindresorhus/awesome#security", "description": "", "stars": "446k"}, {"name": "Awesome: Humane Tech", "url": "https://github.com/humanetech-community/awesome-humane-tech#readme", "description": "", "stars": "3.1k"}, {"name": "Awesome: Privacy", "url": "https://github.com/pluja/awesome-privacy#readme", "description": "List of free, open source and privacy respecting services and alternatives to privative services.", "stars": "18k"}, {"name": "Developers Guide to HIPAA Compliance", "url": "https://github.com/truevault/hipaa-compliance-developers-guide", "description": "", "stars": "1.7k"}, {"name": "Analytics without cookies", "url": "https://www.gocookieless.com/", "description": ""}, {"name": "European web analytics services", "url": "https://european-alternatives.eu/category/web-analytics-services", "description": ""}, {"name": "EU Alternatives", "url": "https://dasprive.be/eu-alternatives/", "description": ""}], "notes": []}], "total_entries": 72}, {"name": "Lockpicking", "subcategories": [{"name": "Lockpicking", "entries": [{"name": "Books", "url": "#books", "description": ""}, {"name": "Contests, conferences, and events", "url": "#contests-conferences-and-events", "description": ""}, {"name": "Hobby projects", "url": "#hobby-projects", "description": ""}, {"name": "How-to lockpicking guides", "url": "#how-to-lockpicking-guides", "description": ""}, {"name": "Locksport associations and organizations", "url": "#locksport-associations-and-organizations", "description": ""}, {"name": "Novel lock attack techniques and research", "url": "#novel-lock-attack-techniques-and-research", "description": ""}, {"name": "Online communities", "url": "#online-communities", "description": ""}, {"name": "Online resources", "url": "#online-resources", "description": ""}, {"name": "Vendors", "url": "#vendors", "description": ""}, {"name": "Eddie the Wire books", "url": "https://www.dropbox.com/sh/k3z4dm4vyyojp3o/AAAIXQuwMmNuCch_StLPUYm-a?dl=0", "description": ""}, {"name": "Expedient B and E: Tactics and Techniques for Bypassing Alarms and Defeating Locks - Carl Hammer", "url": "https://www.amazon.com/Expedient-Tactics-Techniques-Bypassing-Defeating/dp/0873646886/", "description": ""}, {"name": "Keys to the Kingdom by Deviant Ollam, 2012", "url": "https://www.elsevier.com/books/keys-to-the-kingdom/ollam/978-1-59749-983-5", "description": ""}, {"name": "Lock Picking: Detail Overkill by Solomon", "url": "https://www.dropbox.com/s/y39ix9u9qpqffct/Lockpicking%20Detail%20Overkill.pdf?dl=0", "description": ""}, {"name": "Locks, Safes and Security: An International Police Reference", "url": "https://www.goodreads.com/en/book/show/525753.Locks_Safes_and_Security", "description": "Information on locks, safes and security by Marc Weber Tobias."}, {"name": "Practical Lock Picking by Deviant Ollam, 2012", "url": "https://www.elsevier.com/books/practical-lock-picking/ollam/978-1-59749-989-7", "description": ""}, {"name": "Practical Lock Picking: A Physical Penetration Tester's Training Guide", "url": "https://web.archive.org/web/20200309084722/http://www.rageuniversity.org/PRISONESCAPE/PRISON%20LOCKS%20AND%20KEYS/Practical.Lock.Picking.pdf", "description": "Detailed instructions and exercises designed for professional physical security specialists, consultants, and red teams."}, {"name": "The Use of Locks in Physical Crime Prevention - James M Edgar and William D Mclnerey", "url": "https://www.scribd.com/book/282594402/The-Use-of-Locks-in-Physical-Crime-Prevention-National-Crime-Prevention-Institute", "description": ""}, {"name": "Chaos Communications Congress (CCC)", "url": "https://www.ccc.de/", "description": "CCC hosts the German Lockpicking Championships."}, {"name": "DEF CON", "url": "https://defcon.org/", "description": "Annual infosec industry conference which is popular with many lockpickers featuring a locksport contest."}, {"name": "Hackers On Planet Earth (HOPE)", "url": "https://hope.net/", "description": "Annual conference often featuring a locksport competition and presentations on physical security."}, {"name": "OzSecCon", "url": "https://ozseccon.com/", "description": "Open community event focusing on physical security in Australia, which hosts a lockpicking and handcuff evasion competition."}, {"name": "LockCon", "url": "https://toool.nl/LockCon", "description": "Annual, invitation-only international conference about locks for members of respected locksport organizations."}, {"name": "3D Printed Lock Picks", "url": "http://blog.shop.23b.org/2014/11/3d-printed-lock-picks.html", "description": "Print lock picks made of plastic materials that, while weak, will survive at least several uses. ([Find more digital models](https://www.yeggi.com/q/lockpick/).)"}, {"name": "DIY Lock Pick Set from a Windshield Wiper", "url": "http://www.itstactical.com/skillcom/lock-picking/how-to-make-a-diy-lock-pick-set-from-a-windshield-wiper/", "description": "Illustrated guide to building a custom lock pick and tension wrench from windshield wipers."}, {"name": "How to Make a Set of Lockpicks! (using street sweeper bristles)", "url": "https://www.instructables.com/id/How-to-Make-a-set-of-Lockpicks/", "description": "Instructions for using discarded street sweeper bristles as material for dual-sided turning tools and picks."}, {"name": "Making Tension Wrenches/Turning Tools From Old Windshield Wiper Blades", "url": "https://www.instructables.com/id/Making-Tension-WrenchesTurning-Tools-From-Old-Wind/", "description": "Instructions for turning old windshield wipers into any of a variety of lock pick types and turning tool styles."}, {"name": "Under Door Tool Kit Instructions", "url": "https://web.archive.org/web/20170719053154/http://enterthecore.net/files/CORE_Instructions-Under_Door.pdf", "description": "Short guide to constructing an under-door (\"lever opening\"/\"Mule\") tool using material available at a typical hardware store."}, {"name": "Lock Dice", "url": "http://schuylertowne.com/blog/lockpicking-with-dice", "description": "In this dice-based locksport game, as a budding lock maker you have set out to test your designs against your peers."}, {"name": "Art of Lockpicking", "url": "https://art-of-lockpicking.com/", "description": "Educational website with animations detailing the process of picking locks."}, {"name": "Beginner's Guide to Security Pins", "url": "https://web.archive.org/web/20171210065243/http://www.ninjacache.com:80/secpins_intro", "description": "Short article guiding beginners comfortable with picking padlocks towards an understanding of more complex locks."}, {"name": "BosnianBill's Lock Picking for Beginners", "url": "https://www.youtube.com/playlist?list=PLTSWkYxuSlkXiSBwk3Hvbvx71sg-MH61s", "description": "YouTube playlist of selected instructional videos sorted in order from first principles to techniques for specific locks."}, {"name": "CIA Lock Picking Field Operative Training Manual", "url": "https://archive.org/details/CIA_Lock_Picking_Field_Operative_Training_Manual", "description": "Guidebook covering terminology, tool use, and techniques for picking the vast majority of pin and wafer tumbler locks."}, {"name": "Deviant Ollam's Lockpicking Video Presentations and Advisories", "url": "http://deviating.net/lockpicking/videos.html", "description": "Collection of physec talks and locksport advice for all skill levels from a world-reknowned expert."}, {"name": "Easy Pickings - Mini Lockpicking Manual", "url": "http://index-of.es/Lockpicking/Easy%20Pickings%20-%20Mini%20Lockpicking%20Manual.pdf", "description": "Widely-distributed beginner's manual with diagrams showcasing how to pick various entry-level locks."}, {"name": "MIT Lock Picking Guide", "url": "https://webunraveling.com/public/mit-lock-picking-guide/index.php", "description": "Famous introductory text by Ted the Tool."}, {"name": "Lock Picking: Detail Overkill", "url": "https://web.archive.org/web/20170730120626/http://ninjacache.com/data/uploads/lockpicking-detail-overkill.pdf", "description": "Exceptionally thorough guide \"for those who want more than just the basics.\""}, {"name": "LockLab's Lock Picking Course", "url": "https://locklab.com/locklab-university/lock-picking-course-2/", "description": "Complete start-to-finish course from basic tensioning to speciality lock techniques."}, {"name": "Locksport International Guide to Lock Picking", "url": "https://web.archive.org/web/20070222144748/http://locksport.com:80/LSIGuide/lsiguide.pdf", "description": "Locksport primer in the style of a comic book, with photographs and speech bubbles."}, {"name": "Fraternal Order of Lock Sport (FOOLS)", "url": "http://www.bloomingtonfools.org/", "description": "Lock picking club established to serve Bloomington, Indiana and surrounding areas."}, {"name": "The Open Organization Of Lockpickers (TOOOL)", "url": "https://toool.org/", "description": "Worldwide association of lockpickers with national, regional, and local chapters."}, {"name": "Locksport International", "url": "http://locksport.com", "description": "International association of lockpickers who offer help starting new locksport clubs and groups."}, {"name": "Sportsfreunde der Sperrtechnik - Deutschland e.V.", "url": "https://blog.ssdev.org/", "description": "German lock picking sports club who hosts the german lock picking masters and offers workshops on how to pick locks."}, {"name": "SpiKey", "url": "https://www.comp.nus.edu.sg/\\~junhan/papers/SpiKey_HotMobile20_CamReady.pdf", "description": "Acoustic-based physical key inference."}, {"name": "Keypicking.com", "url": "https://keypicking.com/", "description": "Bustling online forum for the discussion of lockpicking and locksport."}, {"name": "Lockpicking101.com", "url": "https://www.lockpicking101.com/", "description": "One of the longest-running online communities \"dedicated to the fun and ethical hobby of lock picking.\""}, {"name": "LockWiki", "url": "http://lockwiki.com/", "description": "Community-driven reference for both beginners and professionals in the security industry."}, {"name": "/r/lockpicking Subreddit", "url": "https://www.reddit.com/r/lockpicking/", "description": "Subreddit dedicated to the sport of lockpicking."}, {"name": "Dark Sim 905's Lockpicking pages", "url": "https://web.archive.org/web/20191127182007/https://darksim905.com/lockpicking.php", "description": "Personal website of a knowledgable hobbyist discussing a variety of picking and bypass tools."}, {"name": "Lockpicking Forensics", "url": "http://www.lockpickingforensics.com/", "description": "Website \"dedicated to the science and study of forensic locksmithing.\""}, {"name": "Raking Techniques", "url": "https://elvencraft.com/lpd/Raking%20Techniques.html", "description": "Raking techniques illustrated with awesome animations."}, {"name": "Schuyler Towne channel", "url": "https://www.youtube.com/user/SchuylerTowne/", "description": "Lockpicking videos and security talks."}, {"name": "The Amazing King's Lockpicking pages", "url": "http://theamazingking.com/lockpicking.php", "description": "Hobbyist's website with detailed pages about locks, tools, and picking techniques."}, {"name": "Learn Lockpicking", "url": "https://learnlockpicking.com/", "description": "Retailer of speciality practice locks, lock stands, and more."}, {"name": "Lock Pick Canada", "url": "https://www.lockpickcanada.com/", "description": "Canadian retailer carrying a wide range of manufacturers, including [Souber dimple lock picks](https://www.lockpickcanada.com/category_s/4.htm), a manufacturer that only sells to other businesses."}, {"name": "Lockpick Extreme", "url": "https://lockpickextreme.com/", "description": "Retailer notable for their [lockpicking accessories](https://lockpickextreme.com/product-category/accessories/) featuring earrings and other jewelry that also function as sturdy tools."}, {"name": "Peterson Locksmith Tools / Peterson Manufacturing, Inc.", "url": "https://www.thinkpeterson.com/", "description": "Manufacturer of precision lock picking tools and accessories; their top-of-keyway turning tools are famous but overpriced (you can make your own)."}, {"name": "Safe Ventures, Inc.", "url": "http://safeventures.com/", "description": "Retailer for safe-opening tools who also offer paid training courses."}, {"name": "Security Snobs", "url": "https://securitysnobs.com/", "description": "Retailer of numerous high-security, collector, and cutaway locks who also maintain some informational pages about locksmithing."}, {"name": "Southern Ordinance / Exit 10, Inc.", "url": "https://www.southord.com/", "description": "SouthOrd\u00ae is a manufacturer of lock picks and professional locksmith tools; individual replacement picks as low as $1.50 USD."}, {"name": "Southern Specialities", "url": "http://www.lockpicktools.com/", "description": "Retailer of numerous lockpicking sets, pick guns, and more."}, {"name": "Sparrows Lock Picks", "url": "https://www.sparrowslockpicks.com/", "description": "Manufacturer of specialty and quality lock pick tools; their [King Pin](http://www.sparrowslockpicks.com/product_p/t1.htm) pinning tweezer is particularly useful."}, {"name": "Spooxe", "url": "http://spooxe.com/", "description": "German retailer of lock picking tools, tool cases and locks."}], "notes": []}], "total_entries": 62}, {"name": "Malware Persistence", "subcategories": [{"name": "Malware Persistence", "entries": [{"name": "Techniques", "url": "#techniques", "description": ""}, {"name": "Persistence Removal", "url": "#persistence-removal", "description": ""}, {"name": "Detection Testing", "url": "#detection-testing", "description": ""}, {"name": "Prevention", "url": "#prevention", "description": ""}, {"name": "Collection", "url": "#collection", "description": ""}], "notes": []}, {"name": "Malware Persistence \u2014 Generic", "entries": [{"name": "MITRE ATT\\&CK tactic \"TA0003 - Persistence\"", "url": "https://attack.mitre.org/tactics/TA0003/", "description": "Persistence tactic information in the MITRE ATT\\&CK framework."}, {"name": "Forensic Artifact repository", "url": "https://github.com/ForensicArtifacts/artifacts", "description": "A free, community-sourced, machine-readable knowledge base of digital forensic artifacts.", "stars": "1.2k"}, {"name": "Sigma rules", "url": "https://github.com/Neo23x0/sigma/tree/master/rules", "description": "Repository of detection rules, covering persistence techniques as well. You can even use filters such as `--filter tag=attack.persistence` or specifically for one technique `tag=attack.t1084`.", "stars": "10k"}], "notes": []}, {"name": "Malware Persistence \u2014 Linux", "entries": [{"name": "Linux Malware Persistence with Cron", "url": "https://www.sandflysecurity.com/blog/linux-malware-persistence-with-cron/", "description": "Blog post about Linux persistence using cron jobs."}, {"name": "Linux Persistence Techniques", "url": "https://research.splunk.com/stories/linux_persistence_techniques/", "description": "List of persistence techniques."}, {"name": "Linux Red Team Persistence Techniques", "url": "https://www.linode.com/docs/guides/linux-red-team-persistence-techniques/", "description": "List of persistence techniques."}, {"name": "PANIX - Persistence Against \\*NIX - Features", "url": "https://github.com/Aegrah/PANIX?tab=readme-ov-file#features", "description": "List of persistence techniques.", "stars": "856"}, {"name": "Linux Detection Engineering -  A primer on persistence mechanisms", "url": "https://www.elastic.co/security-labs/primer-on-persistence-mechanisms", "description": "List of Linux persistence mechanisms."}, {"name": "ebpfkit", "url": "https://github.com/Gui774ume/ebpfkit", "description": "Rootkit leveraging eBPF.", "stars": "838"}, {"name": "TripleCross", "url": "https://github.com/h3xduck/TripleCross", "description": "Rootkit leveraging eBPF.", "stars": "2k"}, {"name": "Linux LKM Persistence", "url": "https://righteousit.com/2024/11/18/linux-lkm-persistence/", "description": "Rootkit leveraging Linux loadable kernel module (LKM)."}], "notes": []}, {"name": "Malware Persistence \u2014 macOS", "entries": [{"name": "theevilbit's series \"Beyond the good ol' LaunchAgents\"", "url": "https://theevilbit.github.io/tags/beyond/", "description": "List of macOS persistence beyond just the LaunchDaemons or LaunchAgents."}, {"name": "KnockKnock", "url": "https://github.com/objective-see/KnockKnock/blob/main/Plugins", "description": "A persistence detection tool for macOS to scan for persistence mechanisms on macOS. Specific persistence locations are found in the [plugins (\u2b50698)](https://github.com/objective-see/KnockKnock/tree/main/Plugins) folder, e.g. [LaunchItems (\u2b50698)](https://github.com/objective-see/KnockKnock/blob/main/Plugins/LaunchItems.m#L21) or [StartupScripts (\u2b50698)](https://github.com/objective-see/KnockKnock/blob/main/Plugins/StartupScripts.m#L22).", "stars": "698"}, {"name": "PoisonApple", "url": "https://github.com/CyborgSecurity/PoisonApple/blob/master/poisonapple/techniques.py", "description": "Learn about various macOS persistence techniques by looking at the source code of PoisonApple.", "stars": "229"}, {"name": "How malware persists on macOS", "url": "https://www.sentinelone.com/blog/how-malware-persists-on-macos/", "description": "List of macOS persistence mechanisms."}], "notes": []}, {"name": "Malware Persistence \u2014 Windows", "entries": [{"name": "Hexacorn's blog", "url": "http://www.hexacorn.com/blog/category/autostart-persistence/", "description": "Blog series \"Beyond good ol' Run key\" covering a lot of Windows persistence mechanisms."}, {"name": "Autoruns", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns", "description": "You can learn which Windows persistence mechanisms are checked by looking at the output of Autoruns on your own client. Categories and the different locations where things were found are seen in the output. A disassembly of Autoruns lists a subset of the entries which are scanned."}, {"name": "PowerShell implementation of Autoruns", "url": "https://github.com/p0w3rsh3ll/AutoRuns/blob/master/AutoRuns.psm1", "description": "Another way to find Windows persistence locations is to look at the source code of the PowerShell version of Autoruns. Bonus: A history of the covered persistence locations for each Autoruns version is found at the end of the module file too, which is so awesome!", "stars": "292"}, {"name": "Common malware persistence mechanisms", "url": "https://resources.infosecinstitute.com/common-malware-persistence-mechanisms/", "description": "Different persistence mechanisms for different vectors are described."}, {"name": "Malware persistence techniques", "url": "https://www.andreafortuna.org/2017/07/06/malware-persistence-techniques/", "description": "Good summary of multiple persistence mechanisms, ranging from multiple registry keys to more advanced one, like COM hijacking."}, {"name": "Detecting & Removing an Attacker's WMI Persistence", "url": "https://medium.com/threatpunter/detecting-removing-wmi-persistence-60ccbb7dff96", "description": "Blog post about detecting and removing WMI persistence."}, {"name": "Windows Persistence using WinLogon", "url": "https://www.hackingarticles.in/windows-persistence-using-winlogon/", "description": "Blog post about abusing WinLogon."}, {"name": "Untangling Kovter's persistence methods", "url": "https://blog.malwarebytes.com/threat-analysis/2016/07/untangling-kovter/", "description": "Blog post about Kovter's persistens methos, among others, hiding in registry. Another one is [Threat Spotlight: Kovter Malware Fileless Persistence Mechanism](https://threatvector.cylance.com/en_us/home/threat-spotlight-kovter-malware-fileless-persistence-mechanism.html)."}, {"name": "Persistence using GlobalFlags in Image File Execution Options \u2013 Hidden from Autoruns.exe", "url": "https://oddvar.moe/2018/04/10/persistence-using-globalflags-in-image-file-execution-options-hidden-from-autoruns-exe/", "description": "Blog post about abusing GlobalFlag for process execution."}, {"name": "Uncovering a MyKings Variant With Bootloader Persistence via Managed Detection and Response", "url": "https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-a-mykings-variant-with-bootloader-persistence-via-managed-detection-and-response/", "description": "Blog post about bootloader persistence."}, {"name": "Hunting for persistence via Microsoft Exchange Server or Outlook", "url": "https://speakerdeck.com/heirhabarov/hunting-for-persistence-via-microsoft-exchange-server-or-outlook", "description": "Blog post about Microsoft Exchange server persistence."}], "notes": []}, {"name": "Malware Persistence \u2014 Cloud", "entries": [{"name": "Shadow Linking: The Persistence Vector of SaaS Identity Threat", "url": "https://www.obsidiansecurity.com/blog/shadow-linking-the-persistence-vector-of-saas-identity-threat/", "description": "Abuse of additional identity providers to persist in an environment."}, {"name": "Persisting on Entra ID applications and User Managed Identities with Federated Credentials", "url": "https://dirkjanm.io/persisting-with-federated-credentials-entra-apps-managed-identities/", "description": "Persist on Entra ID applications and User Managed Identities with Federated Credentials."}, {"name": "AWSDoor: Persistence on AWS", "url": "https://github.com/OtterHacker/AWSDoor", "description": "Access persistence tool for AWS. The [corresponding article](https://www.riskinsight-wavestone.com/en/2025/09/awsdoor-persistence-on-aws/) describes the techniques adversaries can use to hide themselves within a cloud environment and its AWSDoor implementation to simplify and automate the deployment of persistence techniques in AWS environments.", "stars": "31"}], "notes": []}, {"name": "Malware Persistence \u2014 Firmware", "entries": [{"name": "MoonBounce: the dark side of UEFI firmware", "url": "https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468", "description": "An in-depth write up about one particular UEFI bootkit."}], "notes": []}, {"name": "Malware Persistence \u2014 Databases", "entries": [{"name": "Database Triggers as Persistence Mechanisms", "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-attack-vector-database-triggers-as-persistence-mechanisms/", "description": "An in-depth write up about database triggers providing persistence."}], "notes": []}, {"name": "Malware Persistence \u2014 Generic", "entries": [{"name": "Awesome Incident Response", "url": "https://github.com/meirwah/awesome-incident-response", "description": "Use the tools and resources for security incident response, aimed to help security analysts and DFIR teams.", "stars": "8.9k"}], "notes": []}, {"name": "Malware Persistence \u2014 Windows", "entries": [{"name": "PowerSponse", "url": "https://github.com/swisscom/PowerSponse", "description": "A incident response tool covering various commands for cleanup of persistence mechanisms as well.", "stars": "40"}, {"name": "Removing Backdoors \u2013 Powershell Empire Edition", "url": "https://www.n00py.io/2017/01/removing-backdoors-powershell-empire-edition/", "description": "Various blog posts handle the removal of WMI implants."}, {"name": "RegDelNull", "url": "https://docs.microsoft.com/en-us/sysinternals/downloads/regdelnull", "description": "Removal of registry keys with null bytes - used e.g. in run keys for evasion."}], "notes": []}, {"name": "Malware Persistence \u2014 Generic", "entries": [{"name": "Atomic Red Team", "url": "https://github.com/redcanaryco/atomic-red-team", "description": "A red team attack techniques framework supporting also the MITRE ATT\\&CK persistence techniques, see e.g. [T1044 \"File System Permissions Weakness\" (\u2b5012k)](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1044/T1044.yaml).", "stars": "12k"}], "notes": []}, {"name": "Malware Persistence \u2014 Linux", "entries": [{"name": "PANIX", "url": "https://github.com/Aegrah/PANIX", "description": "A highly customizable Linux persistence tool. Perform various persistence techniques against Linux systems, among others Debian and RHEL.", "stars": "856"}, {"name": "Diamorphine", "url": "https://github.com/m0nad/Diamorphine", "description": "A loadable kernel module (LKM) rootkit for Linux Kernels (x86/x86\\_64 and ARM64).", "stars": "2.3k"}], "notes": []}, {"name": "Malware Persistence \u2014 macOS", "entries": [{"name": "PoisonApple", "url": "https://github.com/CyborgSecurity/PoisonApple", "description": "Perform various persistence techniques on macOS.", "stars": "229"}], "notes": []}, {"name": "Malware Persistence \u2014 Windows", "entries": [{"name": "hasherezade persistence demos", "url": "https://github.com/hasherezade/persistence_demos", "description": "Various (also non standard) persistence methods used by malware for testing own detection, among others COM hijacking demo is found in the repo.", "stars": "224"}], "notes": []}, {"name": "Malware Persistence \u2014 macOS", "entries": [{"name": "BlockBlock", "url": "https://github.com/objective-see/BlockBlock", "description": "A tool which provides continual protection by monitoring persistence locations and protects them accordingly. Similar to KnockKnock but for blocking.", "stars": "769"}], "notes": []}, {"name": "Malware Persistence \u2014 Generic", "entries": [{"name": "Awesome Forensics", "url": "https://github.com/Cugu/awesome-forensics", "description": "Use the tools from this list which includes awesome free (mostly open source) forensic analysis tools and resources. They help collecting the persistence mechanisms at scale, e.g. by using remote forensics tools.", "stars": "5k"}, {"name": "osquery", "url": "https://osquery.readthedocs.io", "description": "Query persistence mechanisms on clients."}, {"name": "OSSEC", "url": "https://github.com/ossec/ossec-hids", "description": "Use rules and logs from the HIDS to detection configuration changes.", "stars": "5k"}], "notes": []}, {"name": "Malware Persistence \u2014 Linux", "entries": [{"name": "Linux Security and Monitoring Scripts", "url": "https://github.com/sqall01/LSMS", "description": "Security and monitoring scripts you can use to monitor your Linux installation for security-related events or for an investigation. Among other finding systemd unit files used for malware persistence.", "stars": "329"}], "notes": []}, {"name": "Malware Persistence \u2014 macOS", "entries": [{"name": "KnockKnock", "url": "https://www.objective-see.com/products/knockknock.html", "description": "A tool to uncover persistently installed software in order to generically reveal such malware. See [GitHub repository too for the source code (\u2b50698)](https://github.com/objective-see/KnockKnock)."}, {"name": "Dylib Hijack Scanner or DHS", "url": "https://www.objective-see.com/products/dhs.html", "description": "A simple utility that will scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked. See [GitHub repository too for the source code (\u2b50116)](https://github.com/objective-see/DylibHijackScanner)."}], "notes": []}, {"name": "Malware Persistence \u2014 Windows", "entries": [{"name": "Autoruns", "url": "http://technet.microsoft.com/en-us/sysinternals/bb963902", "description": "A powerful persistence collection tool on Windows is Autoruns. It collects different categories and persistence information from a live system and [in"}, {"name": "AutorunsToWinEventLog.ps1", "url": "https://github.com/palantir/windows-event-forwarding/blob/master/AutorunsToWinEventLog/AutorunsToWinEventLog.ps1", "description": "Instead of using CSV output and copy these file to the server, you can use the AutorunsToWinEventLog script to convert the Autoruns output to Windows event logs and rely on standard Windows event log forwarding.", "stars": "1.3k"}, {"name": "PowerShell Autoruns", "url": "https://github.com/p0w3rsh3ll/AutoRuns", "description": "A PowerShell version of Autoruns.", "stars": "292"}, {"name": "PersistenceSniper", "url": "https://github.com/last-byte/PersistenceSniper", "description": "Powershell module to hunt for persistence implanted in Windows machines.", "stars": "2.1k"}, {"name": "RegRipper", "url": "https://github.com/keydet89/RegRipper2.8", "description": "Extracts various persistence mechanisms from the registry files directly."}, {"name": "RECmd", "url": "https://github.com/EricZimmerman/RECmd", "description": "Extract various persistence mechanisms, e.g. by using the config file [UserClassesASEPs (\u2b50167)](https://github.com/EricZimmerman/RECmd/blob/master/BatchExamples/UserClassesASEPs.reb) to extract user's CLSID information.", "stars": "167"}, {"name": "KAPE", "url": "https://www.kroll.com/en/insights/publications/cyber/kroll-artifact-parser-extractor-kape", "description": "The tool allows collecting various predefined artifactgs using targets and modules, see [KapeFiles (\u2b50827)](https://github.com/EricZimmerman/KapeFiles) which include persistence mechanisms, among others there's a collection of [LNK files (\u2b50827)](https://github.com/EricZimmerman/KapeFiles/blob/master/Targets/Windows/LNKFilesAndJumpLists.tkape), [scheduled task files (\u2b50827)](https://github.com/EricZimmerman/KapeFiles/blob/master/Targets/Windows/ScheduledTasks.tkape) and [scheduled task listing (\u2b50827)](https://github.com/EricZimmerman/KapeFiles/blob/master/Modules/LiveResponse/schtasks.mkape) or a [WMI repository auditing (\u2b50827)](https://github.com/EricZimmerman/KapeFiles/blob/master/Modules/LiveResponse/WMI-Repository-Auditing.mkape) module."}, {"name": "PyrsistenceSniper", "url": "https://github.com/Hexastrike/PyrsistenceSniper", "description": "A Python-based offline Windows persistence detection tool. Point it at a KAPE dump, a Velociraptor collection, or a mounted disk image and get offline Windows persistence detection. Runs on Windows, Linux, and macOS.", "stars": "78"}], "notes": []}], "total_entries": 60}, {"name": "Hacking Locations", "subcategories": [{"name": "Hacking Locations \u2014 Index", "entries": [{"name": "Awesome Hacking Spots", "url": "#awesome-hacking-spots-", "description": ""}, {"name": "Austria \ud83c\udde6\ud83c\uddf9", "url": "#austria-", "description": ""}, {"name": "Belgium \ud83c\udde7\ud83c\uddea", "url": "#belgium-", "description": ""}, {"name": "Brazil \ud83c\udde7\ud83c\uddf7", "url": "#brazil-", "description": ""}, {"name": "Bulgaria \ud83c\udde7\ud83c\uddec", "url": "#bulgaria-", "description": ""}, {"name": "Cameroon \ud83c\udde8\ud83c\uddf2", "url": "#cameroon-", "description": ""}, {"name": "Canada \ud83c\udde8\ud83c\udde6", "url": "#canada-", "description": ""}, {"name": "Denmark \ud83c\udde9\ud83c\uddf0", "url": "#denmark-", "description": ""}, {"name": "Estonia \ud83c\uddea\ud83c\uddea", "url": "#estonia-", "description": ""}, {"name": "France \ud83c\uddeb\ud83c\uddf7", "url": "#france-", "description": ""}, {"name": "Germany \ud83c\udde9\ud83c\uddea", "url": "#germany-", "description": ""}, {"name": "Hong Kong \ud83c\udded\ud83c\uddf0", "url": "#hong-kong-", "description": ""}, {"name": "India \ud83c\uddee\ud83c\uddf3", "url": "#india-", "description": ""}, {"name": "Italy \ud83c\uddee\ud83c\uddf9", "url": "#italy-", "description": ""}, {"name": "Japan \ud83c\uddef\ud83c\uddf5", "url": "#japan-", "description": ""}, {"name": "Lithuania \ud83c\uddf1\ud83c\uddf9", "url": "#lithuania-", "description": ""}, {"name": "Netherlands \ud83c\uddf3\ud83c\uddf1", "url": "#netherlands-", "description": ""}, {"name": "Norway \ud83c\uddf3\ud83c\uddf4", "url": "#norway-", "description": ""}, {"name": "Poland \ud83c\uddf5\ud83c\uddf1", "url": "#poland-", "description": ""}, {"name": "Portugal \ud83c\uddf5\ud83c\uddf9", "url": "#portugal-", "description": ""}, {"name": "Singapore \ud83c\uddf8\ud83c\uddec", "url": "#singapore-", "description": ""}, {"name": "Slovenia \ud83c\uddf8\ud83c\uddee", "url": "#slovenia-", "description": ""}, {"name": "South Korea \ud83c\uddf0\ud83c\uddf7", "url": "#south-korea-", "description": ""}, {"name": "Spain \ud83c\uddea\ud83c\uddf8", "url": "#spain-", "description": ""}, {"name": "Sweden \ud83c\uddf8\ud83c\uddea", "url": "#sweden-", "description": ""}, {"name": "Switzerland \ud83c\udde8\ud83c\udded", "url": "#switzerland-", "description": ""}, {"name": "Turkey \ud83c\uddf9\ud83c\uddf7", "url": "#turkey-", "description": ""}, {"name": "United Kingdom \ud83c\uddec\ud83c\udde7", "url": "#united-kingdom-", "description": ""}, {"name": "United States \ud83c\uddfa\ud83c\uddf8", "url": "#united-states-", "description": ""}], "notes": []}, {"name": "Hacking Locations \u2014 London", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Edinburgh", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Tucson, AZ <a id=\"tucson-az\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Los Angeles, CA <a id=\"los-angeles-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 San Diego, CA <a id=\"san-diego-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Mountain View, CA <a id=\"mountain-view-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Oakland, CA <a id=\"oakland-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Palo Alto, CA <a id=\"palo-alto-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 San Francisco, CA <a id=\"san-francisco-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 San Jose, CA", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Santa Monica, CA <a id=\"santa-monica-ca\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Chicago, IL <a id=\"chicago-il\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Baltimore, MD <a id=\"baltimore-md\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Boston, MA <a id=\"boston-ma\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Cambridge, MA <a id=\"cambridge-ma\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Somerville, MA <a id=\"somerville-ma\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Minneapolis, MN <a id=\"minneapolis-mn-\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Columbia, South Carolina <a id=\"columbia-sc-\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Austin, TX", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 New York, NY <a id=\"new-york-ny\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Richmond, VA <a id=\"richmond-va\"></a>", "entries": [], "notes": []}, {"name": "Hacking Locations \u2014 Bellevue, WA <a id=\"bellevue-wa\"></a>", "entries": [], "notes": []}], "total_entries": 29}, {"name": "Honeypots", "subcategories": [{"name": "Honeypots", "entries": [{"name": "Awesome Honeypots", "url": "#awesome-honeypots-", "description": ""}, {"name": "Contents", "url": "#contents", "description": ""}, {"name": "awesome-pcaptools", "url": "https://github.com/caesar0301/awesome-pcaptools", "description": "Useful in network traffic analysis.", "stars": "3.2k"}, {"name": "awesome-malware-analysis", "url": "https://github.com/rshipp/awesome-malware-analysis", "description": "Some overlap here for artifact analysis.", "stars": "12k"}, {"name": "T-Pot: A Multi-Honeypot Platform", "url": "https://dtag-dev-sec.github.io/mediator/feature/2015/03/17/concept.html", "description": ""}, {"name": "Honeypot (Dionaea and kippo) setup script", "url": "https://github.com/andrewmichaelsmith/honeypot-setup-script/", "description": "", "stars": "84"}], "notes": []}], "total_entries": 6}], "list_count": 24, "total_entries": 6242, "subcategory_count": 24}