SPIRSCSIC/awesome-list
My Awesome List

My personal awesome list of interesting repos, libraries and tools.

In-Depth Topics

Content

Awesome Lists

  • Analysis Tools (dynamic): curated list of dynamic analysis tools for all programming languages.
  • Analysis Tools (static): curated list of static analysis (SAST) tools.
  • BSK: the book of secret knowledge.
  • C: A curated list of C good stuff.
  • eBPF: curated list of awesome projects related to eBPF.
  • Docker: curated list of Docker resources and projects.
  • ELF: awesome ELF resources by tmp.out.
  • Embedded: curated list of awesome embedded programming.
  • Embedded and IoT: curated list of awesome embedded and IoT security resources.
  • Embedded fuzzing: A list of resources (papers, books, talks, frameworks, tools) for understanding fuzzing for IoT/embedded devices.
  • Embedded Rust: list of resources for Embedded and Low-level development in the Rust programming language.
  • Executable Packing: curated list of awesome resources related to executable packing.
  • Firmware Security: curated list of platform firmware resources.
  • FlipperZero: awesome resources for the Flipper Zero device.
  • Fuzzing: curated list of fuzzing resources.
  • Fuzzing paper collection: papers related to fuzzing, binary analysis, and exploit dev.
  • Hacking: collection of awesome lists for hackers, pentesters & security researchers.
  • ICS Security: tools, tips, tricks, and more for exploring ICS Security.
  • IoT Security 101: curated list of IoT Security Resources.
  • IoT: list of great resources about IoT Framework, Library, OS, Platforms.
  • Golang: curated list of awesome Go frameworks, libraries and software.
  • Malware Analysis: malware analysis tools and resources.
  • Network stuff: resources about network security.
  • Raspberry Pi: Raspberry Pi tools, projects, images and resources.
  • RAT: RAT And C&C Resources.
  • Reverse Engineering: reversing resources.
  • Rust: curated list of Rust code and resources.
  • rust security: list of awesome projects and resources related to Rust and computer security.
  • Search engines: list of search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more.
  • Secure a Linux server: evolving how-to guide for securing a Linux server.
  • Shell: command-line frameworks, toolkits, guides and gizmos.
  • System Design: learn how to design systems at scale.
  • Tech Interview: curated coding interview preparation materials.
  • Tunneling: ngrok alternatives and other ngrok-like tunneling software and services.
  • Vim: all things vim.
  • WAF: everything about web-application firewalls (WAF).

Blogs and Tutorials

Compilers and Toolchains

  • clang: C language family frontend for LLVM.
  • Cross-compilation toolchains (Bootlin): large number of ready-to-use cross-compilation toolchains, targeting the Linux operating system on a large number of architectures.
  • Dockcross: cross compiling toolchains in Docker images.
  • gcc: GNU Compiler Collection.

Databases

Debuggers

  • GDB: GNU Project Debugger.
    • gdb-dashboard: modular visual interface for GDB in Python.
    • gdbgui: browser-based frontend to gdb.
    • GEF: plugin with a set of commands to assist exploit developers and reverse-engineers.
  • rr: Record and Replay Framework.
    • rd: reimplementation in rust.
  • Scout: instruction based research debugger.

eBPF

  • BumbleBee: simplifies building eBPF tools and allows you to package, distribute, and run them anywhere.
  • Cilium ebpf: Pure-Go library to read, modify and load eBPF programs.
  • ebpf.io: official website.
  • pulsar: runtime security framework for the IoT, powered by eBPF.
  • tetragon: eBPF-based Security Observability and Runtime Enforcement.

Embedded and IoT

  • Binwalk: firmware Analysis Tool.
  • Buildroot: simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.
  • EMBA: firmware security analyzer.
  • FACT: Firmware Analysis and Comparison Tool.
  • Firmwalker: Script for searching the extracted firmware file system for goodies.
  • Firmware mod kit: collection of scripts and utilities to extract and rebuild linux based firmware images.
  • Flashrom: utility for detecting, reading, writing, verifying and erasing flash chips.
  • Frankenstein: Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging.
  • FuzzWare: automated, self-configuring fuzzing of firmware images.
  • HardwareAllTheThings: list of useful payloads and bypasses for Hardware and IOT Security.
  • KataOS: embedded OS written almost entirely in Rust.
  • InternalBlue: bluetooth experimentation framework for Broadcom and Cypress chips.
  • LLP University: Low Level Programming University.
  • Low level: misc documentation about low level development.
  • NexMon: C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips.
  • nvram-faker: simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.
  • OFRAK: unpack, modify, and repack binaries.
  • OpenOCD: Open On-Chip Debugger.
  • OpenWRT: Linux operating system targeting embedded devices.
  • OS Kernel Lab: OS kernel labs based on Rust/C Lang & RISC-V 64/X86-32.
  • OWASP-FSTM: OWASP Firmware Security Testing Methodology.
  • unblob: accurate, fast, and easy-to-use extraction suite.

Emulators and Dynamic Analysis

  • Avatar2: target orchestration framework with focus on dynamic analysis of embedded devices' firmware!
  • EMUX: Firmware Emulation Framework.
  • Firmadyne: platform for emulation and dynamic analysis of Linux-based firmware.
  • QEMU: open source machine emulator and virtualizer.
  • Panda: platform for Architecture-Neutral Dynamic Analysis.
  • Qiling: Qiling Advanced Binary Emulation Framework.
  • Renode: virtual development framework for complex embedded systems.
  • Triton: dynamic binary analysis library.
  • Unicorn: CPU emulator framework.

Exploit Development

  • CodeQL: semantic code analysis engine.
  • cwe_checker: finds vulnerable patterns in binary executables.
  • Exploit mitigations: knowledge base of exploit mitigations available across numerous operating systems.
  • how2heap: repository for learning various heap exploitation techniques.
  • kernel-exploit-factory: Linux kernel CVE exploit analysis report and relative debug environment.
  • libc-database: database of libc offsets to simplify exploitation.
  • Linux Kernel Exploit: links related to Linux kernel exploitation.
  • Linux Kernel Exploitation: collection of links related to Linux kernel security and exploitation.
  • one_gadget: tool for finding one gadget RCE in libc.so.6.
  • pwndocker: docker environment for pwn in ctf.
  • pwninit: automate starting binary exploit challenges.
  • pwntools: framework and exploit development library.
  • ROPGadget: search your gadgets on your binaries to facilitate your ROP exploitation.
  • ropr: fast multithreaded ROP Gadget finder.
  • Ropper: find gadgets to build rop chains for different architectures.
  • weggli: fast and robust semantic search tool for C and C++ codebases.
  • ZDI PoCs: the Zero Day Initiative Proofs-of-concept.

Fuzzing

  • AFLplusplus: improved version of AFL.
  • boofuzz: fork and successor of the Sulley Fuzzing Framework.
  • difuze: fuzzer for Linux Kernel Drivers.
  • ferofuzz: structure-aware HTTP fuzzing library.
  • Fuzzing Book: tools and techniques for generating software tests.
  • halfempty: fast, parallel test case minimization tool.
  • Healer: kernel fuzzer inspired by Syzkaller.
  • Honggfuzz: evolutionary, feedback-driven fuzzing based on code coverage.
  • krf: kernelspace syscall interceptor and randomized faulter.
  • lain: fuzzer framework built in Rust.
  • LibAFL: fuzzing library.
  • netzob: Protocol Reverse Engineering, Modeling and Fuzzing.
  • MATE: suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++.
  • onefuzz: self-hosted Fuzzing-As-A-Service platform.
  • propfuzz: Rust toolkit to combine property-based testing and fuzzing.
  • Radamsa: general purpose fuzzer.
  • SemGrep: lightweight static analysis for many languages.
    • Rules: Semgrep rules to facilitate vulnerability research.
  • silifuzz: finds CPU defects by fuzzing software proxies.
  • Syzkaller: unsupervised coverage-guided kernel fuzzer.
    • Syzbot: continuously fuzzes main Linux kernel branches and automatically reports found bugs.
    • SyzScope: automatically uncover high-risk impacts given a bug with only low-risk impacts.

Linux Kernel

Misc

  • Arti: implementation of Tor, in Rust.
  • Caddy: fast, multi-platform web server with automatic HTTPS.
  • CoreUtils: Cross-platform Rust rewrite of the GNU coreutils.
  • difftastic: structural diff that understands syntax.
  • esphome.io: control your ESP8266/ESP32.
  • f4pga: fully open source toolchain for the development of FPGAs of multiple vendors.
  • fccid: information resource for all wireless device applications filed with the FCC.
  • FlipperZero: portable multi-tool for pentesters and geeks in a toy-like body.
  • Google Home: smart home ecosystem.
  • klgrth: pastebin alternative.
  • jless: command-line JSON viewer designed for reading, exploring, and searching through JSON data.
  • OpenSK: open-source implementation for security keys written in Rust.
  • Pastebin: store any text online for easy sharing.
  • patents: patents db from Google.
  • Polypyus: locate functions in raw binaries by extracting known functions from similar binaries.
  • pspy: monitor linux processes without root permissions.
  • sniffglue: Secure multithreaded packet sniffer (in rust).
  • sniffle: sniffer for Bluetooth 5 and 4.x LE.
  • temp.sh: alternative to transfer.sh.
  • transfer.sh: easy file sharing from the command line.
  • urh: Universal Radio Hacker.
  • wabt: WebAssembly Binary Toolkit.
  • ZeroBin: open source online pastebin where the server has zero knowledge of pasted data.

Networking

  • Misc:
    • innernet: private network system that uses WireGuard under the hood.
    • nebula: scalable overlay networking tool.
    • netbird: connect your devices into a single secure private WireGuard®-based mesh network.
    • netmaker: makes networks with WireGuard.
    • tailscale: zero config VPN.
    • zeek: network analysis framework.
    • zerotier: secure networks between devices.
  • Network Scanners:
    • masscan: TCP port scanner, spews SYN packets asynchronously.
    • nmap: utility for network scanning, discovery and security auditing.
    • RustScan: quick port scanner implemented in rust.
    • skanuvaty: fast DNS/network/port scanner.
    • ZGrab2: fast, modular application-layer network scanner.
    • ZMap: fast single packet network scanner.

Programming Languages

  • Assembly:
  • C: C reference.
    • libc implementations:
      • glibc: GNU C library.
      • musl: C standard library.
      • uclibc: C library for developing embedded Linux systems.
      • uclibc-ng: small C library for developing embedded Linux systems.
    • Libraries:
      • libaco: blazing fast and lightweight C asymmetric coroutine library.
      • libdill: structured concurrency in C.
      • linux-syscall-support: low level C API for making direct Linux syscalls.
      • sc: common libraries and data structures for C.
  • Go: open source programming language supported by Google.
  • Rust: secure system programming language.
    • aquascope: interactive visualizations of Rust at compile-time and run-time.
    • API guidelines: set of recommendations on how to design and present APIs for the Rust programming language.
    • AreWeRustYet: awesome list of "Are We thing Yet" pages for Rust.
    • Black Hat Rust: applied offensive security with Rust.
    • Book: introductory book about Rust.
    • Cargo Book: official cargo book.
    • Cheats: Rust language cheat sheet.
    • Clippy: lints to catch common mistakes and improve your Rust code.
    • crates.io: rust community's crate registry.
    • cryptography.rs: list of actively maintained, high-quality cryptography libraries.
    • Design patterns: catalogue of Rust design patterns, anti-patterns and idioms.
    • Easy Rust: rust explained using easy English.
    • Editions: editions guide.
    • Embedded Rust Book: introductory book about using the Rust Programming Language on "Bare Metal" embedded systems.
    • esp-rs: Rust on ESP.
    • Macros: the little book of rust macros.
    • min-sized-rust: how to minimize Rust binary size.
    • Offensive Rust: Rust Weaponization for Red Team Engagements.
    • Official Repository: official Rust repository.
    • Performance: Rust Performance Book.
    • Practice: exercises for diving into Rust and getting skilled with it.
    • Raspberrypi OS Tutorials: learn to write an embedded OS in Rust.
    • Redox OS: Unix-like Operating System written in Rust.
    • RFCs: RFCs for changes to Rust.
    • Rustonomicon: awful details that you need to understand when writing Unsafe Rust programs.
    • Rust Reference: primary reference for the Rust programming language.
    • rustup: installer for the systems programming language Rust.
    • std: standard library documentation.
    • Windows RS: Rust for Windows.
    • This Week In Rust: handpicked Rust updates, delivered to your inbox.
    • Libraries:
      • Async Runtimes:
        • async-std: async version of the Rust standard library.
        • smol: small and fast async runtime for Rust.
        • Tokio: runtime for writing reliable asynchronous applications with Rust.
      • avml: Acquire Volatile Memory for Linux.
      • Aya: eBPF library for the Rust programming language.
      • embassy: framework for embedded applications.
      • Goblin: cross-platform binary parsing crate, written in Rust.
      • libp2p: Rust Implementation of the libp2p networking stack.
      • nix: rust friendly bindings to *nix APIs.
      • redbpf: Rust library for building and running BPF/eBPF modules.
      • redhook: dynamic function call interposition / hooking (LD_PRELOAD) for Rust.
      • Rustix: Safe Rust bindings to POSIX/Unix/Linux/Winsock2 syscalls.

Reverse Engineering

  • Angr: user-friendly binary analysis platform.
  • BAP: binary analysis platform.
  • BinDiff: compare executables by identifying identical and similar functions.
  • BinExport: export disassemblies into Protocol Buffers.
  • CAPA: tool to identify capabilities in executable files.
    • lancelot-flirt: library for parsing, compiling, and matching Fast Library Identification and Recognition Technology (FLIRT) signatures.
  • Capstone Engine: disassembly/disassembler framework.
  • cpu_rec: recognize cpu instructions in an arbitrary binary file.
  • CyberChef: web app for encryption, encoding, compression and data analysis.
  • decomp2dbg: plugin to introduce interactive symbols into your debugger from your decompiler.
  • Diffware: configurable tool providing a summary of the changes between two files or directories.
  • DogBolt: decompiler explorer.
  • ELFKickers: collection of programs that access and manipulate ELF files.
  • flare-emu: easy to use and flexible interface for scripting emulation tasks.
  • FLOSS: FLARE Obfuscated String Solver.
  • fq: jq for binary formats.
  • Ghidra: software reverse engineering (SRE) framework.
  • Kaitai Struct: declarative language to generate binary data parsers.
  • Keystone Engine: assembler framework.
  • Linux syscalls: Linux kernel syscall tables.
  • McSema: Framework for lifting program binaries to LLVM bitcode.
  • Metasm: a free assembler / disassembler / compiler.
  • Miasm: reverse engineering framework in Python.
  • Radare2: UNIX-like reverse engineering framework and command-line toolset.
  • REMnux: Linux toolkit for reverse-engineering.
  • RetDec: retargetable machine-code decompiler based on LLVM.
  • Yara: pattern matching swiss knife for malware researchers.

RTOS

  • FreeRTOS: open source, real-time operating system for microcontrollers.
  • Mongoose OS: IoT operating system and networking library.
  • ThreadX: advanced real-time operating system (RTOS) designed specifically for deeply embedded applications.
  • Tock: secure embedded operating system for microcontrollers.
  • Zephyr: small, scalable, real-time operating system (RTOS).
    • Docs: Zephyr project documentation.

Sandboxing

  • Code Sandboxing: code execution isolation and containment with sandbox solutions.
  • gvisor: application Kernel for Containers.
  • Firecracker: secure and fast microVMs for serverless computing.
  • Kata containers: standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
  • nano: kernel designed to run one and only one application in a virtualized environment.
  • ops: build and run nanos unikernels.
  • RustyHermit: rust-based, lightweight unikernel.
  • sandboxed-api: generates sandboxes for C/C++ libraries automatically.
  • Unikraft: automated system for building specialized OSes known as unikernels.

Tools

  • curl: command line tool and library for transferring data with URL syntax.
  • patchelf: small utility to modify the dynamic linker and RPATH of ELF executables.
  • tcpdump: command-line packet analyzer.
  • wireshark: network protocol analyzer.
    • tshark: CLI tool for analyzing network traffic.
    • tshark.dev: guide to working with packet captures on the command-line.

Tracing, Hooking and Instrumentation

  • bcc: tools for BPF-based Linux IO analysis, networking, monitoring, and more.
  • bpftrace: high-level tracing language for Linux eBPF.
  • cannoli: high-performance QEMU memory and instruction tracing.
  • DynamoRIO: runtime code manipulation system.
  • Falco: cloud native runtime security tool.
  • Frida: instrumentation toolkit for developers, reverse-engineers, and security researchers.
  • LIEF: library to Instrument Executable Formats.
  • ltrace: intercepts and records both the dynamic library calls and signals.
  • QBDI: Dynamic Binary Instrumentation framework based on LLVM.
  • Reverie: ergonomic and safe syscall interception framework for Linux (Rust).
  • S2E: platform for multi-path program analysis with selective symbolic execution.
  • strace: diagnostic, debugging and instructional userspace utility for Linux.
  • Tracee: Linux Runtime Security and Forensics using eBPF.

Trusted Execution Environment

  • OP-TEE: Open Portable Trusted Execution Environment.
    • TrustedFirmware: reference implementation of secure software for Armv8-A, Armv9-A and Armv8-M.
    • Docs: official OP-TEE documentation.
  • TEE-reversing: A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices.
