sqlmap by sqlmapproject

Automatic SQL injection and database takeover tool

created at June 26, 2012, 9:52 a.m.

1,088 -2

30,519 +63

5,532 +8

pwntools by Gallopsled

CTF framework and exploit development library

created at April 29, 2013, 2:43 p.m.

292 +1

11,456 +20

1,657 +2

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

369 +0

10,146 +18

1,469 +1

angr by angr

A powerful and user-friendly binary analysis platform!

created at Aug. 6, 2015, 9:46 p.m.

185 +0

7,202 +18

1,032 +2

objection by sensepost

📱 objection - runtime mobile exploration

created at June 29, 2017, 11:21 a.m.

159 +0

6,980 +15

807 +1

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

309 +0

6,917 +18

1,247 +2

pwndbg by pwndbg

Exploit Development and Reverse Engineering with GDB Made Easy

created at Feb. 22, 2015, 9:35 p.m.

139 +0

6,695 +28

834 +2

gef by hugsy

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

created at March 26, 2015, 10:25 p.m.

134 +0

6,476 +24

700 +1

peda by longld

PEDA - Python Exploit Development Assistance for GDB

created at Aug. 3, 2012, 6:26 a.m.

206 +0

5,745 +9

788 +1

CTFd by CTFd

CTFs as you need them

created at Jan. 1, 2015, 5:36 a.m.

113 +0

5,300 +11

1,959 +3

RsaCtfTool by RsaCtfTool

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

created at March 7, 2015, 5:29 p.m.

67 +0

5,233 +10

884 +7

androguard by androguard

Reverse engineering and pentesting for Android applications

created at Sept. 12, 2014, 8:48 a.m.

240 -1

4,933 +17

1,041 +2

w3af by andresriancho

w3af: web application attack and audit framework, the open source web vulnerability scanner.

created at Aug. 31, 2011, 11:20 p.m.

193 +0

4,445 +7

1,206 +1

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

created at March 20, 2015, 8:38 a.m.

161 +0

4,325 +8

799 +2

ROPgadget by JonathanSalwan

This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, and RISC-V Compressed architectures.

created at Aug. 19, 2011, 3:30 p.m.

120 +0

3,715 +5

542 +0

patator by lanjelot

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

created at Aug. 25, 2014, 12:56 a.m.

149 +0

3,463 +2

773 +1

plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

149 +0

3,040 +1

278 +0

Raccoon by evyatarmeged

A high performance offensive security tool for reconnaissance and vulnerability scanning

created at May 13, 2018, 5:05 p.m.

109 +0

3,000 +3

387 +0

SecGen by cliffe

Create randomly insecure VMs

created at Jan. 29, 2015, 4:33 p.m.

111 -1

2,574 +2

314 +0

PINCE by korcankaraokcu

Reverse engineering tool for linux games

created at Feb. 19, 2016, 7:33 p.m.

42 +0

1,918 +10

145 +0