/stars

“The brightest stars burn the fastest, so we must love them while we can.”

Creative Commons Zero v1.0 UniversalCC0-1.0

Awesome Stars Awesome

A curated list of my GitHub stars! Generated by starred.

Contents

C

C#

C++

CMake

Go

  • dryark/stf_ios_support - Central repo to connect and document components/repos needed for IOS stf support
  • hack-different/ipsw - iOS/macOS Research Swiss Army Knife
  • codesenberg/bombardier - Fast cross-platform HTTP benchmarking tool written in Go
  • acouvreur/traefik-modsecurity-plugin - Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container
  • containerd/containerd - An open and reliable container runtime
  • moby/swarmkit - A toolkit for orchestrating distributed systems at any scale. It includes primitives for node discovery, raft-based consensus, task scheduling and more.
  • moby/moby - The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
  • FleexSecurity/fleex - Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
  • gitleaks/gitleaks - Protect and discover secrets using Gitleaks 🔑
  • majd/ipatool - Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
  • cybozu-go/usocksd - SOCKS4/5 server library and command in Go
  • cybozu-go/transocks - Transparent SOCKS5 / HTTP proxy in Go
  • KingOfBugbounty/KingOfBugBountyTips - Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish t
  • globocom/huskyCI - Performing security tests inside your CI
  • jpillora/chisel - A fast TCP/UDP tunnel over HTTP
  • kgretzky/evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
  • michenriksen/aquatone - A Tool for Domain Flyovers

HCL

HTML

  • yogeshojha/rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon
  • subspacecloud/subspace - A simple WireGuard VPN server GUI

Java

JavaScript

Jinja

  • splunk/attack_range - A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Kotlin

MATLAB

Meson

Nim

OCaml

Objective-C

  • maycon/Pacman - A very buggy Pacman game written in C with OpenGL

Others

PHP

  • 10up/wp-scrubber - BETA: This plugin provides a command-line interface for scrubbing sensitive user and comment data from a WordPress installation.
  • projectsend/projectsend - ProjectSend is a free, open source software that lets you share files with your clients, focused on ease of use and privacy. It supports clients groups, system users roles, statistics, multiple langua
  • DiogoMRSilva/websitesVulnerableToSSTI - Simple websites vulnerable to Server Side Template Injections(SSTI)

Pascal

Perl

  • htrgouvea/zarn - A lightweight static security analysis tool for modern Perl Apps

PowerShell

Python

  • rtcatc/Packer-Fuzzer - Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
  • corkami/collisions - Hash collisions and exploitations
  • ccxt/ccxt - A JavaScript / TypeScript / Python / C# / PHP cryptocurrency trading API with support for more than 100 bitcoin/altcoin exchanges
  • JeffLIrion/adb_shell - A Python implementation of ADB with shell and FileSync functionality.
  • google/python-adb - Python ADB + Fastboot implementation
  • justfoxing/ghidra_bridge - Python 3 bridge to Ghidra's Python scripting
  • Pennyw0rth/NetExec - The Network Execution Tool
  • RhinoSecurityLabs/CVEs - A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
  • f0cker/crackq - CrackQ: A Python Hashcat cracking queue system
  • lk-geimfari/mimesis - Mimesis is a robust data generator for Python that can produce a wide range of fake data in multiple languages.
  • pallets/flask - The Python micro framework for building web applications.
  • sintezcs/flask-threads - A helper library to work with threads in Flask
  • google/android-emulator-container-scripts -
  • cosad3s/hfinder - Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE
  • kubernetes-client/python - Official Python client library for kubernetes
  • dpgaspar/Flask-AppBuilder - Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Demo (login with guest/welcome
  • SK-CERT/Taranis-NG - Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains a user portal for simple self asset management. Taranis NG was
  • sensity-ai/dot - The Deepfake Offensive Toolkit
  • MandConsultingGroup/porch-pirate - Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collec
  • mushorg/conpot - ICS/SCADA honeypot
  • androguard/androguard - Reverse engineering and pentesting for Android applications
  • fyoorer/ShadowClone - Unleash the power of cloud
  • honoki/bbrf-client - The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  • Ciphey/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
  • crytic/slither - Static Analyzer for Solidity and Vyper
  • ansible-collections/community.docker - Community Docker Collection for Ansible: modules and plugins for working with Docker
  • ashutosh1206/Crypton - Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges f
  • maycon/fastapi-microservices - Fully Python async FastAPI project! 🚀
  • maycon/freqtrade - Free, open source crypto trading bot
  • dhondta/dronesploit - Drone pentesting framework console
  • racerxdl/h2hc-rfvillage - H2HC 2022 - Radio Frequency Village
  • nccgroup/ScoutSuite - Multi-Cloud Security Auditing Tool
  • knownsec/pocsuite3 - pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
  • ansible/ansible - Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud
  • paurakhsharma/python-microservice-fastapi - Learn to build your own microservice using Python and FastAPI
  • christophetd/CloudFlair - 🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
  • bazad/ida_kernelcache - An IDA Toolkit for analyzing iOS kernelcaches.
  • 0x36/ghidra_kernelcache - a Ghidra framework for iOS kernelcache reverse engineering
  • meolu/walle-web - walle - 瓦力 Devops开源项目代码部署平台
  • nginx-proxy/nginx-proxy - Automated nginx proxy for Docker containers using docker-gen
  • Allen7D/mini-shop-server - 基于 Flask 框架开发的微信小程序后端项目,用于构建小程序商城后台 (电商相关;rbac权限管理;附带自动生成Swagger 风格的API 文档;可作「Python 项目毕设」)---- 相关博客链接:🌟
  • tonyseek/simple-rbac - A simple role based access control utility for Python.
  • Rikj000/MoniGoMani - Isn't that what we all want? Our money to go many? Well that's what this framework/strategy hopes to do for you! By giving you & HyperOpt a lot of signals to alter the weights from.
  • werkkrew/freqtrade-strategies - Trading Strategies for Freqtrade
  • froggleston/cryptofrog-strategies - Strategies for freqtrade
  • jaungiers/LSTM-Neural-Network-for-Time-Series-Prediction - LSTM built using Keras Python package to predict time series steps and sequences. Includes sin wave and stock market data
  • caioluders/DPWO - DPWO
  • freqtrade/freqtrade-strategies - Free trading strategies for Freqtrade bot
  • freqtrade/freqtrade - Free, open source crypto trading bot
  • angr/angr - A powerful and user-friendly binary analysis platform!
  • umermansoor/microservices - Example of Microservices written using Flask.
  • hummingbot/hummingbot - Open source software that helps you create and deploy high-frequency crypto trading bots
  • yasinkuyu/binance-trader - 💰 Cryptocurrency Trading Bot for Binance (Experimental)
  • sensepost/objection - 📱 objection - runtime mobile exploration
  • OWASP/owasp-mastg - The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls
  • nccgroup/keimpx - Check for valid credentials across a network over SMB
  • SECFORCE/Tunna - Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
  • m8sec/nullinux - Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
  • sensepost/reGeorg - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
  • ReFirmLabs/binwalk - Firmware Analysis Tool
  • lgandx/Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication
  • hugsy/gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Ruby

  • maycon/grinder - Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.
  • stephenfewer/grinder - Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.

Rust

Shell

  • qemus/qemu-docker - QEMU in a Docker container.
  • sknux/extractSplittedApps -
  • writeups/iOS - Here you can find write ups for iOS Vulnerabilities that have been released.
  • linuxserver/docker-baseimage-kasmvnc - Base Images for remote web based Linux desktops using KasmVNC for many popular distros.
  • MegaManSec/SSH-Snake - SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
  • six2dez/reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
  • bruzistico/zigwaf - The purpose of this tool is to try to validate if real IPs (predefined list) resolve to the site behind the WAF.
  • screetsec/Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
  • chesteroni/kitgen - Linux bootkit generator
  • trimstray/multitor - Create multiple TOR instances with a load-balancing.
  • pry0cc/axiom - The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
  • maycon/mikrotik-tools - Tools for Mikrotik devices
  • dockcross/dockcross - Cross compiling toolchains in Docker images
  • devttys0/sasquatch -

Solidity

Swift

TypeScript

  • nhn/tui.editor - 🍞📝 Markdown WYSIWYG Editor. GFM Standard + Chart & UML Extensible.
  • modagavr/pancake-wizard - 🐱🪄🥞 Bot for PancakeSwap Prediction – 26 technical indicators. Make smarter predictions with Pancake Wizard – trust math, not emotions!

VBA

License

CC0

To the extent possible under law, maycon has waived all copyright and related or neighboring rights to this work.