xhp-lib - Class libraries for XHP

•    Hack

XHP augments the syntax of Hack such that XML document fragments become valid PHP expressions. This allows you to use Hack as a stricter templating engine and offers much more straightforward implementation of reusable components.Take note of the syntax on line 3, this is not a string. This is the major new syntax that XHP introduces to Hack.

hack - ⛷ Dead simple CSS framework.

•    CSS

It's also available on CDNJS, jsDelivr and UNPKG.A list of projects that use hack.

proxychains-ng - proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies

•    C

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.

xhp-lib - Class libraries for XHP

•    Hack

XHP augments the syntax of Hack such that XML document fragments become valid PHP expressions. This allows you to use Hack as a stricter templating engine and offers much more straightforward implementation of reusable components. In addition, you will need to use hhvm-autoload as your autoloader.

arachni - Web Application Security Scanner Framework

•    Ruby

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.

goprowifihack - Unofficial GoPro WiFi API Documentation - HTTP GET requests for commands, status, livestreaming and media query

Note: HERO4 camera is now the base for the future API, since the calls will be the same for HERO4 and above. They did offer a mobile library - but they shut it down. This repository will continue to be updated until GoPro stops releasing cameras and ceases operations.

Hack - A typeface designed for source code

•    Shell

Don't like the development noise from the repository but want to keep up with changes? Check out our gitter Hack channel. Have a quick question that doesn't require an issue report? Drop by our gitter Help channel and ask away. Hack is designed to be a workhorse typeface for source code. It has deep roots in the free, open source typeface community and expands upon the contributions of the Bitstream Vera & DejaVu projects. The large x-height + wide aperture + low contrast design make it legible at commonly used source code text sizes with a sweet spot that runs in the 8 - 14 range. The full set of changes to the upstream source are available in the changelog.

pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy

•    Python

Exploit Development and Reverse Engineering with GDB Made Easy

esp8266_deauther - Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners!

•    C

This software allows you to easily perform a variety of actions to test 802.11 wireless networks by using an inexpensive ESP8266 WiFi SoC (System On A Chip). The main feature, the deauthentication attack, is used to disconnect devices from their WiFi network. No one seems to care about this huge vulnerability in the official 802.11 WiFi standard, so I took action and enabled everyone who has less than 10 USD to spare to recreate this project. I hope it raises more attention on the issue. In 2009 the WiFi Alliance actually fixed the problem (see 802.11w), but only a few companies implemented it into their devices and software. To effectively prevent a deauthentication attack, both client and access point must support the 802.11w standard with protected managment frames (PMF). While most client devices seem to support it when the access point forces it, basically no WiFi access point has it enabled.

nuclide - An open IDE for web and native mobile development, built on top of Atom

•    Javascript

Nuclide is a collection of features for Atom to provide IDE-like functionality for a variety of programming languages and technologies. The Nuclide license has certain limitations around distribution and should not be considered an open source license. However, this does not affect your ability to fork the project and make contributions.

awesome-iot-hacks - A Collection of Hacks in IoT Space so that we can address them (hopefully).

A curated list of hacks in IoT space so that researchers and industrial products can address the security vulnerabilities (hopefully). The table of content is generated with doctoc. Make sure you run it and update the table of content before making pull requests.

xssor2 - XSS'OR - Hack with JavaScript.

•    Javascript

XSS'OR - Hack with JavaScript. It contains three major modules: Encode/Decode, Codz, Probe.

Windows-Hacks - Creative and unusual things that can be done with the Windows API.

•    CSharp

Creative and unusual things that can be done with the Windows API. Any window can be shrunk down.

Wi-PWN - ESP8266 firmware for performing deauthentication attacks, with ease.

•    C

ESP8266 firmware for performing deauthentication attacks, with ease. Wi-PWN is a firmware that performs deauth attacks on cheap Arduino boards. The ESP8266 is a cheap micro controller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino.

project_alias - Alias is a teachable “parasite” that is designed to give users more control over their smart assistants, both when it comes to customisation and privacy

•    Python

The Alias software can be flashed onto a micro SD card, for a fast and easy setup. Make sure the respeaker hat is attached to the Raspberry Pi. We recommend to use the Easy Setup but if you wish to install the project from scratch use the Manual Install instructions.

gitbanner - :balloon: Generates a git repo to show a cool banner on your Github profile

•    Javascript

Generates a git repo to show a cool banner on your Github profile.Gitbanner works by creating a new git repository and filling it with dummy commits, with dates set to correspond to the pixels on your Github "Contributions" graph.

ChameleonMini - The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC

•    C

This is the official repository of ChameleonMini, a freely programmable, portable tool for NFC security analysis that can emulate and clone contactless cards, read RFID tags and sniff/log RF data. Thanks to over 1700 backers from our Kickstarter project, the current Revision G has been realized by Kasper & Oswald GmbH. We are aware of various third-party ChameleonMini clones or modified variants that are available on the Internet. Warning: We have evidence that some of these devices are defective or suffer from reading problems et cetera. Please understand that we cannot give support for these non-official devices, as we have no schematics / layout or other information, nor do we know the manufacturers. In case of problems, please contact the manufacturers of your device directly.

wifi_ducky - Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4

•    C

It's a Wi-Fi controlled BadUSB device to remotely execute Ducky Scripts. Using a USB device which act as a keyboard to inject keystrokes is well known these days. The USB Rubber Ducky by Hak5 is THE hacker gadget for this kind of attack. It introduced a simple script language called Ducky Script, which this project uses too.

HomePWN - HomePwn - Swiss Army Knife for Pentesting of IoT Devices

•    Python

HomePwn is a framework that provides features to audit and pentesting devices that company employees can use in their day-to-day work and inside the same working environment. It is designed to find devices in the home or office, take advantage of certain vulnerabilities to read or send data to those devices. With a strong library of modules you can use this tool to load new features and use them in a vast variety of devices. Discovery modules. These modules provide functionalities related to the discovery stage, regardless of the technology to be used. For example, it can be used to conduct WiFi scans via an adapter in monitor mode, perform discovery of BLE devices, Bluetooth Low-Energy, which other devices are nearby and view their connectivity status, etc. Also, It can be used to discover a home or office IoT services using protocols such as SSDP or Simple Service Discovery Protocol and MDNS or Multicast DNS.

mimikatz - A little tool to play with Windows security

•    C

mimikatz is a tool to extract windows password or hashes from memory. It is now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. It can be used to dump memory contents.