-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
fbctf
Discontinued Platform to host Capture the Flag competitions [Moved to: https://github.com/facebookarchive/fbctf] (by facebook)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
hack-the-arch
Welcome to HackTheArch! A free open source scoring server for cyber Capture the Flag competitions!
-
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
-
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
-
padding-oracle-attacker
🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.
-
RsaCtfTool
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
-
JohnTheRipper
Discontinued John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs [Moved to: https://github.com/openwall/john]
-
qira
Discontinued QEMU Interactive Runtime Analyser [Moved to: https://github.com/geohot/qira] (by BinaryAnalysisPlatform)
-
ROPgadget
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, and RISC-V Compressed architectures.
-
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
-
nipe
Discontinued An engine to make Tor network your default gateway [Moved to: https://github.com/htrgouvea/nipe] (by GouveaHeitor)
-
apk2gold
CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!
-
binwalk
Discontinued Firmware Analysis Tool [Moved to: https://github.com/ReFirmLabs/binwalk] (by devttys0)
-
demovfuscator
Discontinued A work-in-progress deobfuscator for movfuscated binaries [Moved to: https://github.com/leetonidas/demovfuscator]
-
gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
-
plasma
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
-
radare2
Discontinued UNIX-like reverse engineering framework and command-line toolset [Moved to: https://github.com/radareorg/radare2] (by radare)
-
Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code. (by JonathanSalwan)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Metasploit - Penetration testing software.
Dnscat2 - Hosts communication through DNS.
CTFd - Platform to host Jeopardy-style CTFs from ISISLab, NYU Tandon.
Aircrack-Ng - Crack 802.11 WEP and WPA-PSK keys. apt-get install aircrack-ng
FBCTF - Platform to host Capture the Flag competitions from Facebook.
ApkTool - Android Decompiler.
Haaukins- A Highly Accessible and Automated Virtualization Platform for Security Education.
Hashcat - Password Cracker
HackTheArch - CTF scoring platform.
CyberChef - Web app for analyzing and decoding data.
Mellivora - A CTF engine written in PHP.
NightShade - A simple security CTF framework.
OpenCTF - CTF in a box. Minimal setup required.
PicoCTF - The platform used to run picoCTF. A great framework to host any CTF.
PyChallFactory - Small framework to create/manage/package jeopardy CTF challenges.
RootTheBox - A Game of Hackers (CTF Scoreboard & Game Manager).
Scorebot - Platform for CTFs by Legitbs (Defcon).
SecGen - Security Scenario Generator. Creates randomly vulnerable virtual machines.
Uglify
Bettercap - Framework to perform MITM (Man in the Middle) attacks.
Yersinia - Attack various protocols on layer 2.
FeatherDuster - An automated, modular cryptanalysis tool.
Hash Extender - A utility tool for performing hash length extension attacks.
padding-oracle-attacker - A CLI tool to execute padding oracle attacks.
RSACTFTool - A tool for recovering RSA private keys with various attacks.
RSATool - Generate private key with knowledge of p and q.
XORTool - A tool to analyze multi-byte xor cipher.
John The Jumbo - Community enhanced version of John the Ripper.
Nozzlr - Nozzlr is a brute-force framework, truly modular and script-friendly.
Patator - Patator is a multi-purpose brute-forcer, with a modular design.
DLLInjector - Inject DLLs in processes.
libformatstr - Simplify format string exploitation.
one_gadget - A tool to find the one gadget execve('/bin/sh', NULL, NULL) call.
Pwntools - CTF Framework for writing exploits.
Qira - QEMU Interactive Runtime Analyser.
ROP Gadget - Framework for ROP exploitation.
V0lt - Security CTF Toolkit.
Creddump - Dump windows credentials.
DVCS Ripper - Rips web-accessible (distributed) version control systems.
Fibratus - Tool for exploration and tracing of the Windows kernel.
Shellbags - Investigate NT_USER.dat files.
USBRip - Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux.
Volatility - To investigate memory dumps.
Masscan - Mass IP port scanner, TCP port scanner.
Nipe - Nipe is a script to make Tor Network your default gateway.
Androguard - Reverse engineer Android applications.
Apk2Gold - Yet another Android decompiler.
Barf - Binary Analysis and Reverse engineering Framework.
BinWalk - Analyze, reverse engineer, and extracting firmware images.
Boomerang - Decompile x86 binaries to C.
ctf_import – run basic functions from stripped binaries cross-platform.
cwe_checker - cwe_checker finds vulnerable patterns in binary executables.
demovfuscator - A work-in-progress deobfuscator for movfuscated binaries.
GEF - GDB plugin.
Jadx - Decompile Android files.
Krakatau - Java decompiler and disassembler.
Objection - Runtime Mobile Exploration.
PEDA - GDB plugin (only python2.7).
PINCE - GDB front-end/reverse engineering tool, focused on game-hacking and automation.
PinCTF - A tool that uses intel pin for Side-Channel Analysis.
Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.
Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
radare2 - A portable reversing framework.
Triton - Dynamic Binary Analysis (DBA) framework.
Uncompyle - Decompile Python 2.7 binaries (.pyc).
Z3 - A theorem prover from Microsoft Research.
RABCDAsm - Collection of utilities including an ActionScript 3 assembler/disassembler.
SmartDeblur - Used to deblur and fix defocused images.
StegCracker - Steganography brute-force utility to uncover hidden data inside files.
stegextract - Detect hidden files and text in images.
Zsteg - PNG/BMP analysis.