IPAPatch - Patch iOS Apps, The Easy Way, Without Jailbreak.

•    Objective-C

IPAPatch provide a simple way to patch iOS Apps, without needing to jailbreak. You can run your own code inside ipa file as a dynamic library. So you can change behavior of that app by utilizing Objective-C runtime.

Infosec_Reference - An Information Security Reference That Doesn't Suck

•    Python

An Information Security Reference That Doesn't Suck

hacker101 - Hacker101

•    Ruby

Hacker101 is a free class for web security. Whether you're a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you. Hacker101 is structured as a set of video lessons -- some covering multiple topics, some covering a single one -- and can be consumed in two different ways. You can either watch them in the order produced as in a normal class (§ Sessions), or you can watch individual videos (§ Vulnerabilities). If you're new to security, we recommend the former; this provides a guided path through the content and covers more than just individual bugs.

awesome-sec-talks - A collected list of awesome security talks

A collected list of awesome security talks

arachni - Web Application Security Scanner Framework

•    Ruby

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.

movies-for-hackers - 🎬 A curated list of movies every hacker & cyberpunk must watch.

•    Shell

A curated list of movies every hacker & cyberpunk must watch. Check out my blog and follow me on Twitter.

kickthemout - 💤 Kick devices off your network by performing an ARP Spoof attack.

•    Python

A tool to kick devices out of your network and enjoy all the bandwidth for yourself. It allows you to select specific or all devices and ARP spoofs them off your local area network. Compatible with Python 3+ 🎉.

nishang - Nishang - Offensive PowerShell for penetration testing and offensive security.

•    PowerShell

Import all the scripts in the current PowerShell session (PowerShell v3 onwards). Use the individual scripts with dot sourcing.

EQGRP - Decrypted content of eqgrp-auction-file.tar.xz

•    Perl

Nested Tar archives have been uncompressed in the archive_files folder.

awesome-hacking - A curated list of awesome Hacking tutorials, tools and resources

A curated list of awesome Hacking tutorials, tools and resources

Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers

A collection of awesome lists for hackers, pentesters & security researchers. Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.

Free-Security-eBooks - Free Security and Hacking eBooks

A curated list of free Security and Pentesting related E-Books available on the Internet. If you want to contribute to this list (please do), send a pull request. All contributors will be recognized and appreciated.

bettercap - The Swiss Army knife for 802

•    Go

bettercap is the Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks. A precompiled version is available for each release, alternatively you can use the latest version of the source code from this repository in order to build your own binary.

NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.

•    Python

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases".

Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing

•    Python

A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. This tool is based heavily upon the work made public in Mike Czumak's (T_v3rn1x) OSCP review (link) along with considerable influence and code taken from Re4son's mix-recon (link). Virtual host scanning is originally adapted from teknogeek's work which is heavily influenced by jobertabma's virtual host discovery script (link). Further Virtual Host scanning code has been adapted from a project by Tim Kent and I, available here (link).

Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning

•    Python

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.

pentest-wiki - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers

•    Python

is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks.

•    Shell

This is a multi-use bash script for Linux systems to audit wireless networks. All the needed info about how to "install | use | enjoy" airgeddon is present at Github's Wiki.

Sn1per - Automated Pentest Recon Scanner

•    PHP

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com. To obtain a Sn1per Professional license, go to https://xerosecurity.com.

wifi-cracking - Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat 🖧

Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat. This is a brief walk-through tutorial that illustrates how to crack Wi-Fi networks that are secured using weak passwords. It is not exhaustive, but it should be enough information for you to test your own network's security or break into one nearby. The attack outlined below is entirely passive (listening only, nothing is broadcast from your computer) and it is impossible to detect provided that you don't actually use the password that you crack. An optional active deauthentication attack can be used to speed up the reconnaissance process and is described at the end of this document.