My personal awesome list of interesting repos, libraries and tools.
See also the following lists dedicated to specifics sub-topics:
- Cybersecurity: links to blog posts, writeups and papers dedicated to cybersecurity
- Exploitation: resources dedicatd to the world of binary exploitation
- Linux Kernel: collection of resources dedicated to Linux kernel (internals)
- Analysis Tools (dynamic): curated list of dynamic analysis tools for all programming languages.
- Analysis Tools (static): curated list of static analysis (SAST) tools.
- Bash: curated list of delightful Bash scripts and resources
- Bash OneLiners: collection of handy Bash One-Liners.
- Bash Handbook: for those who wanna learn Bash.
- BSK: the book of secret knowledge.
- C: A curated list of C good stuff.
- ChatGPT prompts: ChatGPT prompt curation to use ChatGPT better.
- eBPF: curated list of awesome projects related to eBPF.
- Docker: curated list of Docker resources and projects.
- ELF: awesome ELF resources by tmp.out.
- Embedded: curated list of awesome embedded programming.
- Embedded and IoT: curated list of awesome embedded and IoT security resources.
- Embedded fuzzing: A list of resources (papers, books, talks, frameworks, tools) for understanding fuzzing for IoT/embedded devices.
- Embedded Rust: list of resources for Embedded and Low-level development in the Rust programming language.
- Executable Packing: curated list of awesome resources related to executable packing.
- Firmware Security: curated list of platform firmware resources
- FlipperZero: awesome resources for the Flipper Zero device.
- Fuzzing: curated list of fuzzing resources.
- Fuzzing paper collection: papers related to fuzzing, binary analysis, and exploit dev.
- Hacking: collection of awesome lists for hackers, pentesters & security researchers.
- ICS Security: tools, tips, tricks, and more for exploring ICS Security.
- IoT Security 101: curated list of IoT Security Resources.
- IoT: list of great resources about IoT Framework, Library, OS, Platforms.
- Golang: curated list of awesome Go frameworks, libraries and software.
- Malware Analysis: malware analysis tools and resources.
- Modern Unix: collection of modern/faster/saner alternatives to common unix commands.
- NeoVim: collections of awesome neovim plugins.
- Network stuff: resources about network security.
- Prompt Engineering: hand-curated resources for Prompt Engineering.
- Prompt Engineering Guides: guides, papers, lecture, notebooks and resources for prompt engineering.
- Pure Bash: collection of pure bash alternatives to external processes.
- Raspberry Pi: Raspberry Pi tools, projects, images and resources.
- RAT: RAT And C&C Resources.
- Reverse Engineering: reversing resources.
- Rust: curated list of Rust code and resources.
- rust security: list of awesome projects and resources related to Rust and computer security.
- Search engines: list of search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more.
- Secure a Linux server: evolving how-to guide for securing a Linux server.
- Shell: command-line frameworks, toolkits, guides and gizmos.
- System Design: learn how to design systems at scale.
- Tech Interview: curated coding interview preparation materials.
- The Art of Command Line: Master the command line.
- Tunneling: ngrok alternatives and other ngrok-like tunneling software and services.
- Vim: all things vim.
- WAF: everything about web-application firewalls (WAF).
- 0x00sec: malware, Reverse Engineering, and Computer Science.
- 0x434b: low level adventures.
- a13xp0p0v: exploit development and vulnerability research (mostly Linux).
- Alex Plaskett: Random Security Research.
- Andrey Konovalov: uzzers, exploits, and mitigations for Linux and Android kernels.
- apps3c: cybersecurity research focused on offensive security.
- Arch Wiki: official Arch wiki.
- Connof McGarr: exploit development and vulnerability research (mostly Windows).
- CS6038/CS5138 Malware Analysis: Introduction to Malware Analysis and
Reverse Engineering.
- blog.malware.re: reverse engineering related blog.
- CVE North Star: CVEs as North Stars in vulnerability discovery and comprehension.
- [Dmitry.gr]: reverse engineering, embedded and hardware.
- epi052: epi's personal blog.
- Gentoo Wiki: official Gentoo wiki.
- GitHub Security Lab: GitHub security research.
- Google Security Blog: latest news and insights from Google on security.
- Google Security Research: ecurity advisories and their accompanying proof-of-concepts related to research conducted at Google.
- grsecurity blog: blog from GRSecurity.
- [Grapl Security Blog][289]: blog from Grapl security.
- How to exploit a double free: exploit a double free vulnerability in 2021.
- ir0nstone: binary exploitation notes.
- Linux From Scratch: with step-by-step instructions for building your own custom Linux system.
- malwareMustDie: white-hat security research workgroup.
- Malware traffic analysis: source for packet capture (pcap) files and malware samples.
- maxwelldulin: exploitation blog posts (heap)
- n1ght-w0lf: Malware Analysis & Reverse Engineering Adventures.
- Nightmare: intro to binary exploitation / reverse engineering course based around ctf challenges.
- Outflux: @kees_cook's blog.
- OWASP CSS: OWASP Cheat Sheet Series Project.
- Pawnyable: middle to advance binary exploitation.
- Phrack: e-zine written by and for hackers.
- Project Zero: news and updates from the Project Zero team at Google.
- Rust OSDev: rhis Month in Rust OSDev.
- Sam4k: linux, security, games and other nerdery.
- School of SRE: school of Sire Reliability Engineers.
- System Overlord: security engineering, research, and general hacking.
- ThePhd: (c) programming.
- tmp.out: ELF research group.
- Will's Root: Pentesting, CTFs and Writeups.
- xilokar: embedded development.
- Zero Day Initiative: encourage the reporting of 0-day vulnerabilities privately to the affected vendors.
- clang: C language family frontend for LLVM.
- Cross-compilation toolchains (Bootlin): large number of ready-to-use cross-compilation toolchains, targetting the Linux operating system on a large number of architectures.
- Dockcross: cross compiling toolchains in Docker images.
- gcc: GNU Compiler Collection.
- 0day.today: exploits database.
- CVE Details: security vulnerability datasource.
- ExploitAlert: exploits found on the internet.
- ExploitDB: the exploit database.
- iot-malware: source code of samples leaked online.
- MalwareBazaar: sharing malware samples with the infosec community.
- SeeBug: exploit database.
- Sploitus: exploit database.
- vx-underground: malware collections.
- drgn: Programmable debugger
- GDB: GNU Project Debugger.
- gdb-dashboard: modular visual interface for GDB in Python.
- gdb-frontend: easy, flexible and extensible gui debugger.
- gdbgui: browser-based frontend to gdb.
- GEF: plugin with set of commands to assis exploit developers and reverse-engineers.
- pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy.
- lldb: next generation, high-performance debugger.
- llef: plugin for LLDB to make it more useful for RE and VR.
- rr: Record and Replay Framework.
- rd: reimplementation in rust.
- Scout: instruction based research debugger.
- voltron: hacky debugger UI for hackers.
- BumbleBee: simplifies building eBPF tools and allows you to package, distribute, and run them anywhere.
- Cilium ebpf: Pure-Go library to read, modify and load eBPF programs.
- epbf.io: official website.
- pulsar: runtime security framework for the IoT, powered by eBPF.
- tetragon: eBPF-based Security Observability and Runtime Enforcement.
- Binwalk: firmware Analysis Tool.
- Buildroot: simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.
- EMBA: firmware security analyzer.
- Embark: firmware security scanning environment.
- FACT: Firmware Analysis and Comparison Tool.
- Firmwalker: Script for searching the extracted firmware file system for goodies.
- Firmware mod kit: collection of scripts and utilities to extract and rebuild linux based firmware images.
- Flashrom: utility for detecting, reading, writing, verifying and erasing flash chips.
- Frankenstein: Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging.
- FuzzWare: automated, self-configuring fuzzing of firmware images.
- HardwareAllTheThings: list of useful payloads and bypasses for Hardware and IOT Security.
- KataOS: embedded OS written most enrtirely in rust.
- InternalBlue: bluetooth experimentation framework for Broadcom and Cypress chips.
- LLP University: Low Level Programming University.
- Low level: misc documentation about low level development.
- NexMon: C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips.
- nvram-faker: simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.
- OFRAK: unpack, modify, and repack binaries.
- OpenOCD: Open On-Chip Debugger.
- OpenWRT: Linux operating system targeting embedded devices.
- OS Kernel Lab: OS kernel labs based on Rust/C Lang & RISC-V 64/X86-32.
- OWASP-FSTM: OWASP Firmware Security Testing Methodology.
- unblob: curate, fast, and easy-to-use extraction suite.
- Avatar2: target orchestration framework with focus on dynamic analysis of embedded devices' firmware!
- EMUX: Firmware Emulation Framework.
- Firmadyne: platform for emulation and dynamic analysis of Linux-based
firmware.
- scraper: firmwares scraper.
- QEMU: open source machine emulator and virtualizer.
- quickemu: create and run optimised Windows, macOS and Linux desktop.
- Panda: platform for Architecture-Neutral Dynamic Analysis.
- Qiling: Qiling Advanced Binary Emulation Framework.
- Renode: virtual development framework for complex embedded systems.
- Triton: dynamic binary analysis library.
- Unicorn: CPU emulator framework.
- Exploit mitigations: knowledge base of exploit mitigations available across numerous operating systems.
- how2heap: repository for learning various heap exploitation techniques.
- kernel-exploit-factory: Linux kernel CVE exploit analysis report and relative debug environment.
- libc-database: database of libc offsets to simplify exploitation.
- Linux Kernel Exploit: links related to Linux kernel exploitation.
- Linux Kernel Exploitation: collection of links related to Linux kernel security and exploitation.
- one_gadget: tool for finding one gadget RCE in libc.so.6.
- pwndocker: docker environment for pwn in ctf.
- pwninit: automate starting binary exploit challenges.
- pwntools: framework and exploit development library.
- ROPGadget: search your gadgets on your binaries to facilitate your ROP exploitation.
- ropr: fast multithreaded ROP Gadget finder.
- Ropper: find gadgets to build rop chains for different architectures.
- ZDI PoCs: the Zero Day Initiative Proofs-of-concept.
- AFLplusplus: improved version of AFL.
- Grammar-mutator: A grammar-based custom mutator for AFL++.
- afl-training: Exercises to learn how to fuzz with American Fuzzy Lop.
- Arbitrary: Generating structured data from arbitrary, unstructured input.
- BinAbsInspector: Vulnerability Scanner for Binaries.
- boofuzz: fork and successor of the Sulley Fuzzing Framework.
- cargo-fuzz: Command line helpers for fuzzing.
- CodeQL: semantic code analysis engine.
- Use case example: One day short of a full chain.
- cwe_ckecker: finds vulnerable patterns in binary executables.
- difuze: fuzzer for Linux Kernel Drivers.
- ferofuzz: structure-aware HTTP fuzzing library.
- fuzz-introspector: introspect, extend and optimise fuzzers.
- fuzzable: Framework for Automating Fuzzable Target Discovery with Static Analysis.
- fuzzing: Tutorials, examples, discussions, research proposals, and other resources related to fuzzing.
- fuzzTest: testing framework for writing and executing fuzz tests (replaces libfuzzer).
- fuzzing101: step by step fuzzing tutorial.
- Fuzzing Book: tools and techniques for generating software tests.
- FuzzingPaper: Recent Fuzzing Papers
- halfempty: fast, parallel test case minimization tool.
- Healer: kernel fuzzer inspired by Syzkaller.
- Honggfuzz: evolutionary, feedback-driven fuzzing based on code coverage.
- iCicle: grey-box firmware fuzzing
- krf: kernelspace syscall interceptor and randomized faulter.
- lain: fuzzer framework built in Rust.
- LibAFL: fuzzing library.
- libfuzzer: in-process, coverage-guided, evolutionary fuzzing engine
- Tutorial: learn how to use libFuzzer.
- libfuzzer (rust): Rust bindings and utilities for LLVM’s libFuzzer.
- Nautilus: A grammar based feedback Fuzzer.
- netzob: Protocol Reverse Engineering, Modeling and Fuzzing.
- MATE: suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++.
- onefuzz: self-hosted Fuzzing-As-A-Service platform.
- oss-fuzz: continuous fuzzing for open source software.
- papers collection: Academic papers related to fuzzing.
- propfuzz: Rust toolkit to combine property-based testing and fuzzing.
- Radamsa: general purpose fuzzer.
- Rusty-Radamsa: Radamsa fuzzer ported to rust lang.
- Safirefuzz: same-Architecture Firmware Rehosting and Fuzzing.
- SemGrep: lightweight static analysis for many languages.
- 0xdea rules
- Rules: Semgrep rules to facilitate vulnerability research.
- Trail-of-bits rules
- silifuzz: finds CPU defects by fuzzing software proxies.
- Syzkaller: unsupervised coverage-guided kernel fuzzer.
- weggli: fast and robust semantic search tool for C and C++ codebases.
- Arti: implementation of Tor, in Rust.
- Caddy: fast, multi-platform web server with automatic HTTPS.
- CoreUtils: Cross-platform Rust rewrite of the GNU coreutils.
- difftastic: structural diff that understands syntax.
- esphome.io: control your ESP8266/ESP32.
- f4pga: fully open source toolchain for the development of FPGAs of multiple vendors.
- fccid: information resource for all wireless device applications filed with the FCC.
- FlipperZero: portable multi-tool for pentesters and geeks in a toy-like body.
- Googl Home: smart home ecosystem.
- klgrth: pastebin alternative.
- jless: command-line JSON viewer designed for reading, exploring, and searching through JSON data.
- makefiletutorial: makefile tutorial
- OpenSK: open-source implementation for security keys written in Rust.
- Pastebin: store any text online for easy sharing.
- patents: patents db from Google.
- Polypyus: locate functions in raw binaries by extracting known functions from similar binaries.
- pspy: monitor linux processes without root permissions.
- sniffglue: Secure multithreaded packet sniffer (in rust).
- sniffle: sniffer for Bluetooth 5 and 4.x LE.
- temp.sh: alternative to transfer.sh.
- transfer.sh: easy file sharing from the command line.
- uhr: Universal Radio Hacker.
- wabt: WebAssembly Binary Toolkit.
- ZeroBin: open source online pastebin where the server has zero knowledge of pasted data.
- Illustrated Connections:
- Misc:
- innernet: private network system that uses WireGuard under the hood.
- nebula: scalable overlay networking tool.
- netbird: connect your devices into a single secure private WireGuard®-based mesh network.
- netmaker: makes networks with WireGuard.
- tailscale: zero config VPN.
- tailscale github: the easiest, most secure way to use WireGuard and 2FA.
- scapy: Python-based interactive packet manipulation program & library.
- zeek: network analysis framework.
- zerotier: secure networks between devices.
- ZeroTierOne: smart ethernet switch for earth.
- Network Scanners:
- masscan: TCP port scanner, spews SYN packets asynchronously.
- nmap: utility for network scanning and discovery and security auditing
- RustScan: quick port scanner implemented in rust.
- skanuvaty: fast DNS/network/port scanner.
- ZGrab2: fast, modular application-layer network scanner.
- ZMap: fast single packet network scanner.
- Assembly:
- ARM:
- Docs: official documentation.
- Instructions Reference: official instruction reference.
- A Guide to ARM64 / AArch64 Assembly on Linux
- MIPS:
- Manuals: official manuals.
- RISC-V:
- Book assembly: introduction to Assembly Programming with RISC-V.
- Manuals: official specifications.
- RISC-V card: unofficial assembly reference for RISC-V.
- x86:
- felixcloutier.com: instructions reference.
- Software Developer Manuals: official manuals.
- ARM:
- C: C reference
- libc implementations:
- Libraries:
- libaco: blazing fast and lightweight C asymmetric coroutine library.
- libdill: structured concurrency in C.
- linux-syscall-support: low level C API for making direct Linux syscalls.
- sc: common libraries and data structures for C.
- Go: open source programming language supported by Google.
- Docs: official documentation.
- pkg.go.dev: packages documentation.
- Python: official website
- Rust: secure system programming language.
- aquascope: Interactive visualizations of Rust at compile-time and run-time
- API guidelines: set of recommendations on how to design and present APIs for the Rust programming.
- AreWeRustYet: Awesome list of "Are We thing Yet" for Rust
- Black Hat Rust: applied offensive security with Rust.
- Book: introductory book about Rust.
- Book (Brown univ): Rust book experiment.
- Cargo Book: official cargo book.
- Cheats: Rust language cheat sheet.
- Clippy: lints to catch common mistakes and improve your Rust code.
- crates.io: rust community's crate registry.
- cryptography.rs: list of actively maintained, high-quality cryptography libraries.
- Design patterns: catalogue of Rust design patterns, anti-patterns and idioms.
- docker-rust: Docker official image for rust.
- Easy Rust: rust explained using easy English.
- Editions: editions guide.
- Embedded Rust Book: introductory book about using the Rust Programming Language on "Bare Metal" embedded systems.
- esp-rs: Rust on ESP.
- How to learn modern Rust: guide to rust adventurer.
- Macros: the little book of rust macros.
- min-sized-rust: how to minimize Rust binary size.
- Offensive Rust: Rust Weaponization for Red Team Engagements.
- Official Repository: official Rust repository.
- Performance: Rust Performance Book.
- Practice: easily diving into and get skilled with Rust.
- Raspberrypi OS Tutorials: learn to write an embedded OS in Rust.
- Redox OS: Unix-like Operating System written in Rust.
- RFCs: RFCs for changes to Rust.
- Rust by Example: collection of runnable examples.
- Rust Embedded: Rust on Embedded Devices Working Group.
- rust-musl-cross: Docker images for compiling static Rust binaries using musl-cross.
- Rust cookbook: collection of simple examples in Rust
- Rust for professionals: short introduction to Rust
- Rust to Assembly: Understanding the Inner Workings of Rust.
- RustBooks: List of Rust books
- Rustonomicon: awful details that you need to understand when writing Unsafe Rust programs.
- rust-learning: links to blog posts, articles, videos, etc for learning Rust.
- Rust Reference: primary reference for the Rust programming language.
- rustup: installer for the systems programming language Rust.
- std: standard library documentation.
- Usafe Code Guidelines: "guide" for writing unsafe code
- Windows RS: Rust for Windows.
- This Week In Rust: handpicked Rust updates, delivered to your inbox.
- Libraries:
- Async Runtimes:
- avml: Acquire Volatile Memory for Linux.
- Aya: eBPF library for the Rust programming language.
- cbindgen: project for generating C bindings from Rust code.
- cross: “Zero setup” cross compilation and “cross testing” of Rust crates.
- embassy: framework for embedded applications.
- Goblin: cross-platform binary parsing crate, written in Rust.
- libp2p: Rust Implementation of the libp2p networking stack.
- nix: rust friendly bindings to *nix APIs.
- py03: Rust bindings for the Python interpreter.
- redbpf: Rust library for building and running BPF/eBPF modules.
- redhook: dynamic function call interposition / hooking (LD_PRELOAD) for Rust.
- Rustix: Safe Rust bindings to POSIX/Unix/Linux/Winsock2 syscalls.
- rust-bindgen: Automatically generates Rust FFI bindings to C (and some C++) libraries.
- teloxide: Telegram bots framework for Rust.
- tui: terminal user interfaces and dashboards using Rust.
- Shell:
- Shell Scripting Primer: shell programming guide from Apple.
- Angr: user-friendly binary analysis platform.
- BAP: binary analysis platform.
- bincat: Binary code static analyser.
- BinDiff: compare executables by identifying identical and similar
functions.
- Source code: source code of BinDiff
- BinExport: export disassemblies into Protocol Buffers.
- CAPA: tool to identify capabilities in executable files.
- lancelot-flirt: library for parsing, compiling, and matching Fast Library Identification and Recognition Technology (FLIRT) signatures.
- Capstone Engine: disassembly/disassembler framework.
- cpu_rec: recognize cpu instructions in an arbitrary binary file.
- CyberChef: web app for encryption, encoding, compression and data analysis.
- decomp2dbg: plugin to introduce interactive symbols into your debugger from your decompiler.
- Diffing (quarkslab): resources on binary diffing which is handy for reverse-engineering.
- Diffware: configurable tool providing a summary of the changes between
two files or directories
- Diffoscope: directory differ.
- DogBolt: decompiler explorer.
- ELFKickers: collection of programs that access and manipulate ELF files.
- flare-emu: easy to use and flexible interface for scripting emulation tasks.
- FLOSS: FLARE Obfuscated String Solver.
- fq: jq for binary formats.
- Ghidra: software reverse engineering (SRE) framework.
- Sekiryu: comprehensive toolkit for Ghidra headless.
- Ghidralligator: multi-architecture pcode emulator based on the Ghidra libsla.
- ghidriff: Python Command-Line Ghidra Binary Diffing Engine.
- Kaitai Struct: declarative language to generate binary data parsers.
- Keystone Engine: assembler framework.
- Linux syscalls: Linux kernel syscall tables
- McSema: Framework for lifting program binaries to LLVM bitcode.
- Metasm: a free assembler / disassembler / compiler.
- Miasm: reverse engineering framework in Python.
- Radare2: UNIX-like reverse engineering framework and command-line
toolset.
- Book: radare2 official book.
- Cutter: GUI based on Rizin.
- pwntools-r2: launch radare2 like a boss from pwntools in tmux.
- Rizin: radare2 fork.
- REMnux: Linux toolkit for reverse-engineering.
- RetDec: retargetable machine-code decompiler based on LLVM.
- Yara: pattern matching swiss knife for malware researchers.
- FreeRTOS: open source, real-time operating system for microcontrollers.
- MangooseOS: IoT operating system and networking library.
- MyNewt: OS to build, deploy and securely manage billions of device
- NuttX: mature, real-time embedded operating system (RTOS)
- RIOT: Operating System for the Internet of Things
- ThreadX: advanced real-time operating system (RTOS) designed specifically for deeply embedded applications.
- Tock: secure embedded operating system for microcontrollers.
- Zephyr: mall, scalable, real-time operating system (RTOS).
- Docs: zephyt project documentation.
- Code Sandboxing: code execution isolation and containment with sandbox solutions.
- gvisor: application Kernel for Containers.
- Firecracker: secure and fast microVMs for serverless computing.
- KAta containers: standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
- nano: kernel designed to run one and only one application in a virtualized environment.
- ops: build and run nanos unikernels.
- RustyHermit: rust-based, lightweight unikernel.
- sandboxed-api: generates sandboxes for C/C++ libraries automatically.
- Unikraft: automated system for building specialized OSes known as unikernels.
- curl: command line tool and library for transferring data with URL syntax.
- patchelf: small utility to modify the dynamic linker and RPATH of ELF executables.
- tcpdump: command-line packet analyzer.
- wireshark: network protocol analyzer.
- tshark: CLI tool for analyzing network traffic.
- tshark.dev: guide to working with packet captures on the command-line.
- bcc: rools for BPF-based Linux IO analysis, networking, monitoring, and more.
- bpftrace: high-level tracing language for Linux eBPF.
- cannoli: high-performance QEMU memory and instruction tracing.
- DynamoRIO: runtime code manipulation system.
- Falco: cloud native runtime security tool.
- Frida: instrumentation toolkit for developers, reverse-engineers, and security researchers.
- LIEF: library to Instrument Executable Formats.
- ltrace: intercepts and records both the dynamic library calls and signals.
- QDBI: a Dynamic Binary Instrumentation framework based on LLVM.
- Reverie: ergonomic and safe syscall interception framework for Linux (Rust).
- S2E: platform for multi-path program analysis with selective symbolic execution.
- strace: diagnostic, debugging and instructional userspace utility for Linux.
- Tracee: Linux Runtime Security and Forensics using eBPF.
- OP-TEE: Open Portable Trusted Execution Environment.
- TrustedFirmware: reference implementation of secure software for Armv8-A, Armv9-A and Armv8-M.
- Docs: official OP-TEE documentation.
- TEE-reversing: A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices.