Skip to content

Cybersecurity oriented awesome list

License

Notifications You must be signed in to change notification settings

0xor0ne/awesome-list

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 

Repository files navigation

My Awesome List

My personal awesome list of interesting repos, libraries and tools.

See also the following lists dedicated to specifics sub-topics:

  • Cybersecurity: links to blog posts, writeups and papers dedicated to cybersecurity
  • Exploitation: resources dedicated to the world of binary exploitation
  • Linux Kernel: collection of resources dedicated to Linux kernel (internals)
  • Wireless: resources dedicated to wireless technologies and security

Content

Awesome Lists

  • Analysis Tools (dynamic): curated list of dynamic analysis tools for all programming languages.
  • Analysis Tools (static): curated list of static analysis (SAST) tools.
  • Bash: curated list of delightful Bash scripts and resources
  • Bash OneLiners: collection of handy Bash One-Liners.
  • Bash Handbook: for those who wanna learn Bash.
  • BSK: the book of secret knowledge.
  • C: A curated list of C good stuff.
  • C Preprocessor: C preprocessor stuff
  • ChatGPT prompts: ChatGPT prompt curation to use ChatGPT better.
  • eBPF: curated list of awesome projects related to eBPF.
  • Docker: curated list of Docker resources and projects.
  • ELF: awesome ELF resources by tmp.out.
  • Embedded: curated list of awesome embedded programming.
  • Embedded and IoT: curated list of awesome embedded and IoT security resources.
  • Embedded fuzzing: A list of resources (papers, books, talks, frameworks, tools) for understanding fuzzing for IoT/embedded devices.
  • Embedded Rust: list of resources for Embedded and Low-level development in the Rust programming language.
  • Executable Packing: curated list of awesome resources related to executable packing.
  • Firmware Security: curated list of platform firmware resources
  • FlipperZero: awesome resources for the Flipper Zero device.
  • Fuzzing: curated list of fuzzing resources.
  • Fuzzing paper collection: papers related to fuzzing, binary analysis, and exploit dev.
  • Golang: curated list of awesome Go frameworks, libraries and software.
  • Hacking: collection of awesome lists for hackers, pentesters & security researchers.
  • ICS Security: tools, tips, tricks, and more for exploring ICS Security.
  • IoT Security 101: curated list of IoT Security Resources.
  • IoT: list of great resources about IoT Framework, Library, OS, Platforms.
  • Linux-Bash-Commands: list of Linux bash commands, cheatsheets and resources.
  • Malware Analysis: malware analysis tools and resources.
  • Modern Unix: collection of modern/faster/saner alternatives to common unix commands.
  • NeoVim: collections of awesome neovim plugins.
  • Network stuff: resources about network security.
  • Prompt Engineering: hand-curated resources for Prompt Engineering.
  • Prompt Engineering Guides: guides, papers, lecture, notebooks and resources for prompt engineering.
  • Pure Bash: collection of pure bash alternatives to external processes.
  • Raspberry Pi: Raspberry Pi tools, projects, images and resources.
  • RAT: RAT And C&C Resources.
  • Reverse Engineering: reversing resources.
  • Reverse Engineering (alphaSeclab): Reverse Engineering Resources About All Platforms.
  • Reverse Engineering (onethawt): Reverse Engineering articles, books, and papers
  • Reverse Engineering (wtsxDev): reverse engineering resources
  • Rust: curated list of Rust code and resources.
  • rust security: list of awesome projects and resources related to Rust and computer security.
  • Search engines: list of search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more.
  • Secure a Linux server: evolving how-to guide for securing a Linux server.
  • Shell: command-line frameworks, toolkits, guides and gizmos.
  • System Design: learn how to design systems at scale.
  • Tech Interview: curated coding interview preparation materials.
  • The Art of Command Line: Master the command line.
  • tmux: awesome resources for tmux
  • Tunneling: ngrok alternatives and other ngrok-like tunneling software and services.
  • Vim: all things vim.
  • WAF: everything about web-application firewalls (WAF).
  • You-Dont-Need-GUI: list some common tasks that you might be tempted to do in GUI.

Blogs and Tutorials

Compilers and Toolchains

  • clang: C language family frontend for LLVM.
  • Cross-compilation toolchains (Bootlin): large number of ready-to-use cross-compilation toolchains, targetting the Linux operating system on a large number of architectures.
  • Dockcross: cross compiling toolchains in Docker images.
  • gcc: GNU Compiler Collection.

Databases

Debuggers

  • drgn: Programmable debugger
  • GDB: GNU Project Debugger.
    • gdb-dashboard: modular visual interface for GDB in Python.
    • gdb-frontend: easy, flexible and extensible gui debugger.
    • gdbgui: browser-based frontend to gdb.
    • GEF: plugin with set of commands to assis exploit developers and reverse-engineers.
    • pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy.
  • lldb: next generation, high-performance debugger.
  • llef: plugin for LLDB to make it more useful for RE and VR.
  • rr: Record and Replay Framework.
    • rd: reimplementation in rust.
  • Scout: instruction based research debugger.
  • voltron: hacky debugger UI for hackers.

eBPF

  • BumbleBee: simplifies building eBPF tools and allows you to package, distribute, and run them anywhere.
  • Cilium ebpf: Pure-Go library to read, modify and load eBPF programs.
  • epbf.io: official website.
  • pulsar: runtime security framework for the IoT, powered by eBPF.
  • tetragon: eBPF-based Security Observability and Runtime Enforcement.

Embedded and IoT

  • Binwalk: firmware Analysis Tool.
  • Buildroot: simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.
  • EMBA: firmware security analyzer.
    • Embark: firmware security scanning environment.
  • FACT: Firmware Analysis and Comparison Tool.
  • Firmwalker: Script for searching the extracted firmware file system for goodies.
  • Firmware mod kit: collection of scripts and utilities to extract and rebuild linux based firmware images.
  • Flashrom: utility for detecting, reading, writing, verifying and erasing flash chips.
  • Frankenstein: Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging.
  • FuzzWare: automated, self-configuring fuzzing of firmware images.
  • HardwareAllTheThings: list of useful payloads and bypasses for Hardware and IOT Security.
  • KataOS: embedded OS written most enrtirely in rust.
  • InternalBlue: bluetooth experimentation framework for Broadcom and Cypress chips.
  • LLP University: Low Level Programming University.
  • Low level: misc documentation about low level development.
  • NexMon: C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips.
  • nvram-faker: simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.
  • OFRAK: unpack, modify, and repack binaries.
  • OpenOCD: Open On-Chip Debugger.
  • OpenWRT: Linux operating system targeting embedded devices.
  • OS Kernel Lab: OS kernel labs based on Rust/C Lang & RISC-V 64/X86-32.
  • OWASP-FSTM: OWASP Firmware Security Testing Methodology.
  • unblob: curate, fast, and easy-to-use extraction suite.

Emulators and Dynamic Analysis

  • Avatar2: target orchestration framework with focus on dynamic analysis of embedded devices' firmware!
  • EMUX: Firmware Emulation Framework.
  • Firmadyne: platform for emulation and dynamic analysis of Linux-based firmware.
  • QEMU: open source machine emulator and virtualizer.
    • quickemu: create and run optimised Windows, macOS and Linux desktop.
  • Panda: platform for Architecture-Neutral Dynamic Analysis.
  • Qiling: Qiling Advanced Binary Emulation Framework.
  • Renode: virtual development framework for complex embedded systems.
  • Triton: dynamic binary analysis library.
  • Unicorn: CPU emulator framework.

Exploit Development

  • Exploit mitigations: knowledge base of exploit mitigations available across numerous operating systems.
  • how2heap: repository for learning various heap exploitation techniques.
  • kernel-exploit-factory: Linux kernel CVE exploit analysis report and relative debug environment.
  • libc-database: database of libc offsets to simplify exploitation.
  • Linux Kernel Exploit: links related to Linux kernel exploitation.
  • Linux Kernel Exploitation: collection of links related to Linux kernel security and exploitation.
  • one_gadget: tool for finding one gadget RCE in libc.so.6.
  • pwndocker: docker environment for pwn in ctf.
  • pwninit: automate starting binary exploit challenges.
  • pwntools: framework and exploit development library.
  • ronin-exploits: A Ruby micro-framework for writing and running exploits and payloads.
  • ROPGadget: search your gadgets on your binaries to facilitate your ROP exploitation.
  • ropr: fast multithreaded ROP Gadget finder.
  • Ropper: find gadgets to build rop chains for different architectures.
  • ZDI PoCs: the Zero Day Initiative Proofs-of-concept.

Fuzzing and Vulnerability Research

  • AFLplusplus: improved version of AFL.
  • afl-training: Exercises to learn how to fuzz with American Fuzzy Lop.
  • appsec (Testing Handbook): configuring, optimizing, and automating many of the static and dynamic analysis tools.
  • Arbitrary: Generating structured data from arbitrary, unstructured input.
  • BinAbsInspector: Vulnerability Scanner for Binaries.
  • boofuzz: fork and successor of the Sulley Fuzzing Framework.
  • cargo-fuzz: Command line helpers for fuzzing.
  • CodeQL: semantic code analysis engine.
  • cwe_ckecker: finds vulnerable patterns in binary executables.
  • difuze: fuzzer for Linux Kernel Drivers.
  • ferofuzz: structure-aware HTTP fuzzing library.
  • fuzz-introspector: introspect, extend and optimise fuzzers.
  • fuzzable: Framework for Automating Fuzzable Target Discovery with Static Analysis.
  • fuzzing: Tutorials, examples, discussions, research proposals, and other resources related to fuzzing.
  • fuzzTest: testing framework for writing and executing fuzz tests (replaces libfuzzer).
  • fuzzing101: step by step fuzzing tutorial.
  • Fuzzing Book: tools and techniques for generating software tests.
  • FuzzingPaper: Recent Fuzzing Papers
  • halfempty: fast, parallel test case minimization tool.
  • Healer: kernel fuzzer inspired by Syzkaller.
  • Honggfuzz: evolutionary, feedback-driven fuzzing based on code coverage.
  • iCicle: grey-box firmware fuzzing
  • joern: Open-source code analysis platform.
  • krf: kernelspace syscall interceptor and randomized faulter.
  • lain: fuzzer framework built in Rust.
  • LibAFL: fuzzing library.
  • libfuzzer: in-process, coverage-guided, evolutionary fuzzing engine
  • libfuzzer (rust): Rust bindings and utilities for LLVM’s libFuzzer.
  • Nautilus: A grammar based feedback Fuzzer.
  • netzob: Protocol Reverse Engineering, Modeling and Fuzzing.
  • MATE: suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++.
  • onefuzz: self-hosted Fuzzing-As-A-Service platform.
  • oss-fuzz: continuous fuzzing for open source software.
  • papers collection: Academic papers related to fuzzing.
  • propfuzz: Rust toolkit to combine property-based testing and fuzzing.
  • Radamsa: general purpose fuzzer.
  • Rusty-Radamsa: Radamsa fuzzer ported to rust lang.
  • Safirefuzz: same-Architecture Firmware Rehosting and Fuzzing.
  • SemGrep: lightweight static analysis for many languages.
  • silifuzz: finds CPU defects by fuzzing software proxies.
  • Syzkaller: unsupervised coverage-guided kernel fuzzer.
    • Syzbot: continuously fuzzes main Linux kernel branches and automatically reports found bugs
    • SyzScope: automatically uncover high-risk impacts given a bug with only low-risk impacts.
  • weggli: fast and robust semantic search tool for C and C++ codebases.

Misc

  • Arti: implementation of Tor, in Rust.
  • bat: A cat(1) clone with wings.
  • broot: A new way to see and navigate directory trees
  • Caddy: fast, multi-platform web server with automatic HTTPS.
  • CoreUtils: Cross-platform Rust rewrite of the GNU coreutils.
  • delta: syntax-highlighting pager for git, diff, and grep output.
  • difftastic: structural diff that understands syntax.
  • e9patch: static binary rewriting tool.
  • esphome.io: control your ESP8266/ESP32.
  • f4pga: fully open source toolchain for the development of FPGAs of multiple vendors.
  • fccid: information resource for all wireless device applications filed with the FCC.
  • fd: A simple, fast and user-friendly alternative to 'find'
  • FlipperZero: portable multi-tool for pentesters and geeks in a toy-like body.
  • fx: Terminal JSON viewer & processor
  • fzf: command-line fuzzy finder.
  • Googl Home: smart home ecosystem.
  • httpie (cli): modern, user-friendly command-line HTTP client for the API era.
  • jless: command-line JSON viewer designed for reading, exploring, and searching through JSON data.
  • klgrth: pastebin alternative.
  • jnv: interactive JSON filter using jq
  • jq: Command-line JSON processor
  • lazygit: simple terminal UI for git commands.
  • lsd: next gen ls command.
  • makefiletutorial: makefile tutorial
  • miller: like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON.
  • miniserve: serve some files over HTTP right now.
  • OpenSK: open-source implementation for security keys written in Rust.
  • partialzip: download single files from inside online zip archives.
  • Pastebin: store any text online for easy sharing.
  • patents: patents db from Google.
  • Polypyus: locate functions in raw binaries by extracting known functions from similar binaries.
  • procs: modern replacement for ps written in Rust.
  • pspy: monitor linux processes without root permissions.
  • ranger: VIM-inspired filemanager for the console
  • ripgrep: line-oriented search tool.
  • sd: Intuitive find & replace CLI.
  • sniffglue: Secure multithreaded packet sniffer (in rust).
  • sniffle: sniffer for Bluetooth 5 and 4.x LE.
  • temp.sh: alternative to transfer.sh.
  • transfer.sh: easy file sharing from the command line.
  • uhr: Universal Radio Hacker.
  • wabt: WebAssembly Binary Toolkit.
  • yazi: terminal file manager written in Rus
  • ZeroBin: open source online pastebin where the server has zero knowledge of pasted data.

Networking

  • Illustrated Connections:
  • Misc:
    • innernet: private network system that uses WireGuard under the hood.
    • nebula: scalable overlay networking tool.
    • netbird: connect your devices into a single secure private WireGuard®-based mesh network.
    • netmaker: makes networks with WireGuard.
    • tailscale: zero config VPN.
    • scapy: Python-based interactive packet manipulation program & library.
    • zeek: network analysis framework.
    • zerotier: secure networks between devices.
  • Network Scanners:
    • masscan: TCP port scanner, spews SYN packets asynchronously.
    • nmap: utility for network scanning and discovery and security auditing
    • RustScan: quick port scanner implemented in rust.
    • skanuvaty: fast DNS/network/port scanner.
    • ZGrab2: fast, modular application-layer network scanner.
    • ZMap: fast single packet network scanner.

Programming Languages

Reverse Engineering

  • Angr: user-friendly binary analysis platform.
  • BAP: binary analysis platform.
  • binary-parsing: list of generic tools for parsing binary data.
  • bincat: Binary code static analyser.
  • BinDiff: compare executables by identifying identical and similar functions.
  • BinExport: export disassemblies into Protocol Buffers.
  • CAPA: tool to identify capabilities in executable files.
    • lancelot-flirt: library for parsing, compiling, and matching Fast Library Identification and Recognition Technology (FLIRT) signatures.
  • Capstone Engine: disassembly/disassembler framework.
  • cpu_rec: recognize cpu instructions in an arbitrary binary file.
  • CyberChef: web app for encryption, encoding, compression and data analysis.
  • decomp2dbg: plugin to introduce interactive symbols into your debugger from your decompiler.
  • Diffing (quarkslab): resources on binary diffing which is handy for reverse-engineering.
  • Diffware: configurable tool providing a summary of the changes between two files or directories
  • DogBolt: decompiler explorer.
  • ELFKickers: collection of programs that access and manipulate ELF files.
  • ESP32-reversing: curated list of ESP32 related reversing resources
  • esp32knife: Tools for ESP32 firmware dissection.
  • flare-emu: easy to use and flexible interface for scripting emulation tasks.
  • FLOSS: FLARE Obfuscated String Solver.
  • fq: jq for binary formats.
  • Ghidra: software reverse engineering (SRE) framework.
    • AngryGhidra: use angr in Ghidra.
    • APIs
    • BinDiffHelper: Ghidra Extension to integrate BinDiff for function matching.
    • BTIGhidra: Binary Type Inference Ghidra Plugin.
    • Cartographer: Code Coverage Exploration Plugin for Ghidra.
    • docker-ghidra: Ghidra Client/Server Docker Image.
    • ghidra-findcrypt: Ghidra analysis plugin to locate cryptographic constants.
    • ghidra-firmware-utils: Ghidra utilities for firmware reverse engineering.
    • ghidra_kernelcache: framework for iOS kernelcache reverse engineering.
    • ghidra2dwarf: Export ghidra decompiled code to dwarf sections inside ELF binary.
    • Ghidralligator: multi-architecture pcode emulator based on the Ghidra libsla.
    • Ghidrathon: Python 3 scripting to Ghidra.
    • GhidraEmu: Native Pcode emulator
    • GhidraScripts: Scripts to run within Ghidra, maintained by the Trellix ARC team.
    • GhidraSnippets: Python snippets for Ghidra's Program and Decompiler APIs.
    • ghidrecomp: Python Command-Line Ghidra Decompiler.
    • ghidriff: Python Command-Line Ghidra Binary Diffing Engine.
    • IDAObjcTypes: collection of types & functions definitions useful for Objective-C binaries analysis.
    • pyhidra: Ghidra API within a native CPython interpreter using jpype.
    • pypcode: Python bindings to Ghidra's SLEIGH library for disassembly and lifting to P-Code IR
    • refinery: transformations of binary data
    • Sekiryu: comprehensive toolkit for Ghidra headless.
    • SVD-Loader-Ghidra: SVD loader for Ghidra.
      • cmsis-svd: Aggegration of ARM Cortex-M (and other) CMSIS SVDs and related tools
      • keil (devices): Keil devices SVDs
  • hexyl: command-line hex viewer
  • ImHex: Hex Editor for Reverse Engineers.
  • kaiju: binary analysis framework extension for Ghidra.
  • Kaitai Struct: declarative language to generate binary data parsers.
  • Keystone Engine: assembler framework.
  • Linux syscalls: Linux kernel syscall tables
  • mgika: detect file content types with deep learning.
  • McSema: Framework for lifting program binaries to LLVM bitcode.
  • Metasm: a free assembler / disassembler / compiler.
  • Miasm: reverse engineering framework in Python.
  • Objection: runtime mobile exploration.
  • Radare2: UNIX-like reverse engineering framework and command-line toolset.
  • REMnux: Linux toolkit for reverse-engineering.
  • RetDec: retargetable machine-code decompiler based on LLVM.
  • ret-sync: synchronize a debugging session with disassemblers.
  • Yara: pattern matching swiss knife for malware researchers.
  • z3: high-performance theorem prover being developed at Microsoft

RTOS

  • FreeRTOS: open source, real-time operating system for microcontrollers.
  • MangooseOS: IoT operating system and networking library.
  • MyNewt: OS to build, deploy and securely manage billions of device
  • NuttX: mature, real-time embedded operating system (RTOS)
  • RIOT: Operating System for the Internet of Things
  • ThreadX: advanced real-time operating system (RTOS) designed specifically for deeply embedded applications.
  • Tock: secure embedded operating system for microcontrollers.
  • Zephyr: mall, scalable, real-time operating system (RTOS).
    • Docs: zephyt project documentation.

Sandboxing

  • Code Sandboxing: code execution isolation and containment with sandbox solutions.
  • gvisor: application Kernel for Containers.
  • Firecracker: secure and fast microVMs for serverless computing.
  • KAta containers: standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
  • nano: kernel designed to run one and only one application in a virtualized environment.
  • ops: build and run nanos unikernels.
  • RustyHermit: rust-based, lightweight unikernel.
  • sandboxed-api: generates sandboxes for C/C++ libraries automatically.
  • Unikraft: automated system for building specialized OSes known as unikernels.

Tools

  • curl: command line tool and library for transferring data with URL syntax.
  • patchelf: small utility to modify the dynamic linker and RPATH of ELF executables.
  • tcpdump: command-line packet analyzer.
  • wireshark: network protocol analyzer.
    • tshark: CLI tool for analyzing network traffic.
    • tshark.dev: guide to working with packet captures on the command-line.

Tracing, Hooking and Instrumentation

  • bcc: rools for BPF-based Linux IO analysis, networking, monitoring, and more.
  • bpftrace: high-level tracing language for Linux eBPF.
  • cannoli: high-performance QEMU memory and instruction tracing.
  • DynamoRIO: runtime code manipulation system.
  • Falco: cloud native runtime security tool.
  • Frida: instrumentation toolkit for developers, reverse-engineers, and security researchers.
    • frida-gum: Cross-platform instrumentation and introspection library written in C.
    • frida-snippets: Hand-crafted Frida examples
    • frida-tools: Frida CLI tools
    • medusa: Binary instrumentation framework based on FRIDA
    • r2frida: plugin for radare2
  • LIEF: library to Instrument Executable Formats.
  • ltrace: intercepts and records both the dynamic library calls and signals.
  • QDBI: a Dynamic Binary Instrumentation framework based on LLVM.
  • Reverie: ergonomic and safe syscall interception framework for Linux (Rust).
  • S2E: platform for multi-path program analysis with selective symbolic execution.
  • strace: diagnostic, debugging and instructional userspace utility for Linux.
  • TinyInst: lightweight dynamic instrumentation library.
  • Tracee: Linux Runtime Security and Forensics using eBPF.

Trusted Execution Environment

  • OP-TEE: Open Portable Trusted Execution Environment.
    • TrustedFirmware: reference implementation of secure software for Armv8-A, Armv9-A and Armv8-M.
    • Docs: official OP-TEE documentation.
  • TEE-reversing: A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices.

Other Lists