A collection of awesome lists for hackers, pentesters & security researchers.
Your contributions are always welcome !
| Repository | Description |
|---|---|
| Android Security | Collection of Android security related resources |
| AppSec | Resources for learning about application security |
| Asset Discovery | List of resources which help during asset discovery phase of a security assessment engagement |
| Bug Bounty | List of Bug Bounty Programs and write-ups from the Bug Bounty hunters |
| Celluar Hacking | This is a list of hacking research in the 3G/4G/5G cellular security space. |
| CI/CD Attacks | Offensive research of CI/CD systems and deployment processes |
| CTF | List of CTF frameworks, libraries, resources and softwares |
| Cyber Security University | Free educational resources that focus on learning cybersecurity by doing |
| Cyber Skills | Curated list of hacking environments where you can train your cyber skills legally and safely |
| Cybersources | A collection of all types of tools and resources for cybersecurity |
| Detection Engineering | Resources for designing, building, and operating detective cybersecurity controls |
| DevSecOps | List of awesome DevSecOps tools with the help from community experiments and contributions |
| Embedded and IoT Security | A curated list of awesome resources about embedded and IoT security |
| Fuzzing | List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis |
| Hacking | List of awesome Hacking tutorials, tools and resources |
| Honeypots | List of honeypot resources |
| Incident Response | List of tools for incident response |
| Industrial Control System Security | List of resources related to Industrial Control System (ICS) security |
| InfoSec | List of awesome infosec courses and training resources |
| IoT and Hardware Security | Collection of tools, books, resources and software about IoT and hardware security |
| Mainframe Hacking | List of Awesome Mainframe Hacking/Pentesting Resources |
| Malware Analysis | List of awesome malware analysis tools and resources |
| Malware Persistence | Techniques adversaries use to maintain system access across restarts |
| Node.js Security | Curated list of tools, security incidents and other resources around Node.js security |
| OSINT | List of amazingly awesome Open Source Intelligence (OSINT) tools and resources |
| OSX and iOS Security | OSX and iOS related security tools |
| Password Cracking | Tools and resources for recovering passwords |
| Pcaptools | Collection of tools developed by researchers in the Computer Science area to process network traces |
| Pentest | List of awesome penetration testing resources, tools and other shiny things |
| PHP Security | Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities |
| Prompt Injection | Prompt injection vulnerabilities targeting AI and LLM systems |
| Real-time Communications hacking & pentesting resources | Covers VoIP, WebRTC and VoLTE security related topics |
| Red Teaming Toolkit | Cutting-edge open-source security tools (OST) for red teamers and threat hunters |
| Reinforcement Learning for Cyber Security | List of awesome reinforcement learning for security resources |
| Reversing | Collection of resources to learn Reverse Engineering from start |
| Sec Talks | List of awesome security talks |
| SecLists | Collection of multiple types of lists used during security assessments |
| Security | Collection of awesome software, libraries, documents, books, resources and cools stuffs about security |
| Social Engineering | List of awesome social engineering resources |
| Static Analysis | List of static analysis tools, linters and code quality checkers for various programming languages |
| The Art of Hacking Series | List of resources includes thousands of cybersecurity-related references and resources |
| Threat Intelligence | List of Awesome Threat Intelligence resources |
| Vehicle Security | List of resources for learning about vehicle security and car hacking |
| Web Hacking | List of web application security |
| Web3 Security | A curated list of web3 Security materials and resources For Pentesters and Bug Hunters. |
| YARA | List of awesome YARA rules, tools, and people |
| Repository | Description |
|---|---|
| AI Security | Curated list of AI security resources |
| Annual Security Reports | Cybersecurity trends, insights, and challenges from annual reports |
| API Security Checklist | Checklist of the most important security countermeasures when designing, testing, and releasing your API |
| APT Notes | Various public documents, whitepapers and articles about APT campaigns |
| Bug Bounty Reference | List of bug bounty write-up that is categorized by the bug nature |
| Capsulecorp Pentest | Vagrant+Ansible virtual network penetration testing lab. Companion to "The Art of Network Penetration Testing" by Royce Davis |
| Cryptography | Cryptography resources and tools |
| CVE PoC | List of CVE Proof of Concepts (PoCs) updated daily by Trickest |
| CyberChef | A simple, intuitive web app for analysing and decoding data without having to deal with complex tools or programming languages. |
| Detection Lab | Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices |
| Executable Packing | Resources about executable packing and unpacking |
| Forensics | List of awesome forensic analysis tools and resources |
| Free Programming Books | Free programming books for developers |
| GTFOBins | A curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions |
| Hacker101 | A free class for web security by HackerOne |
| Infosec Getting Started | A collection of resources, documentation, links, etc to help people learn about Infosec |
| Infosec Reference | Information Security Reference That Doesn't Suck |
| IOC | Collection of sources of indicators of compromise |
| Linux Kernel Exploitation | A bunch of links related to Linux kernel fuzzing and exploitation |
| Machine Learning for Cyber Security | Curated list of tools and resources related to the use of machine learning for cyber security |
| Payloads | Collection of web attack payloads |
| PayloadsAllTheThings | List of useful payloads and bypass for Web Application Security and Pentest/CTF |
| Pentest Wiki | A free online security knowledge library for pentesters / researchers |
| Probable Wordlists | Wordlists sorted by probability originally created for password generation and testing |
| Red Team Physical Tools | Curated list of tools for physical security, red teaming, and tactical covert entry |
| Reverse Engineering | List of Reverse Engineering articles, books, and papers |
| RFSec-ToolKit | Collection of Radio Frequency Communication Protocol Hacktools |
| Security Cheatsheets | OWASP Cheat Sheet Series for application security |
| Shell | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell |
| Suricata | Suricata IDS/IPS and network security monitoring resources |
| ThreatHunter-Playbook | A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns |
| Tor | Resources about the Tor network and anonymous communication |
| Vulhub | Pre-Built Vulnerable Environments Based on Docker-Compose |
| Web Security | Curated list of Web Security materials and resources |
Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.
- Twitter : @HackwithGithub
- Facebook : HackwithGithub
Please have a look at contributing.md