My personal awesome list of interesting repos, libraries and tools.
- Awesome Lists
- Blogs and Tutorials
- Compilers and Toolchains
- Databases
- Debuggers
- eBPF
- Embedded and IoT
- Emulators And Dynamic Analysis
- Exploit Development
- Fuzzing
- Linux Kernel
- Misc
- Networking
- Programming Languages
- Reverse Engineering
- RTOS
- Sandboxing
- Tools
- Tracing, Hooking and Instrumentation
- Trusted Execution Environment
- Analysis Tools (dynamic): curated list of dynamic analysis tools for all programming languages.
- Analysis Tools (static): curated list of static analysis (SAST) tools.
- BSK: the book of secret knowledge.
- C: A curated list of C good stuff.
- eBPF: curated list of awesome projects related to eBPF.
- Docker: curated list of Docker resources and projects.
- ELF: awesome ELF resources by tmp.out.
- Embedded: curated list of awesome embedded programming.
- Embedded and IoT: curated list of awesome embedded and IoT security resources.
- Embedded fuzzing: A list of resources (papers, books, talks, frameworks, tools) for understanding fuzzing for IoT/embedded devices.
- Embedded Rust: list of resources for Embedded and Low-level development in the Rust programming language.
- Executable Packing: curated list of awesome resources related to executable packing.
- Firmware Security: curated list of platform firmware resources.
- FlipperZero: awesome resources for the Flipper Zero device.
- Fuzzing: curated list of fuzzing resources.
- Fuzzing paper collection: papers related to fuzzing, binary analysis, and exploit dev.
- Hacking: collection of awesome lists for hackers, pentesters & security researchers.
- ICS Security: tools, tips, tricks, and more for exploring ICS Security.
- IoT Security 101: curated list of IoT Security Resources.
- IoT: list of great resources about IoT Framework, Library, OS, Platforms.
- Golang: curated list of awesome Go frameworks, libraries and software.
- Malware Analysis: malware analysis tools and resources.
- Network stuff: resources about network security.
- Raspberry Pi: Raspberry Pi tools, projects, images and resources.
- RAT: RAT And C&C Resources.
- Reverse Engineering: reversing resources.
- Rust: curated list of Rust code and resources.
- rust security: list of awesome projects and resources related to Rust and computer security.
- Search engines: list of search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more.
- Secure a Linux server: evolving how-to guide for securing a Linux server.
- Shell: command-line frameworks, toolkits, guides and gizmos.
- System Design: learn how to design systems at scale.
- Tech Interview: curated coding interview preparation materials.
- Tunneling: ngrok alternatives and other ngrok-like tunneling software and services.
- Vim: all things vim.
- WAF: everything about web-application firewalls (WAF).
- 0x00sec: malware, Reverse Engineering, and Computer Science.
- 0x434b: low level adventures.
- a13xp0p0v: exploit development and vulnerability research (mostly Linux).
- Alex Plaskett: Random Security Research.
- Andrey Konovalov: fuzzers, exploits, and mitigations for Linux and Android kernels.
- apps3c: cybersecurity research focused on offensive security.
- Arch Wiki: official Arch wiki.
- Connor McGarr: exploit development and vulnerability research (mostly Windows).
- CS6038/CS5138 Malware Analysis: Introduction to Malware Analysis and Reverse Engineering.
- CVE North Star: CVEs as North Stars in vulnerability discovery and comprehension.
- Dmitry.gr: reverse engineering, embedded and hardware.
- epi052: epi's personal blog.
- Gentoo Wiki: official Gentoo wiki.
- GitHub Security Lab: GitHub security research.
- Google Security Blog: latest news and insights from Google on security.
- Google Security Research: security advisories and their accompanying proof-of-concepts related to research conducted at Google.
- grsecurity blog: blog from GRSecurity.
- Grapl Security Blog: blog from Grapl Security.
- How to exploit a double free: exploit a double free vulnerability in 2021.
- ir0nstone: binary exploitation notes.
- Linux From Scratch: with step-by-step instructions for building your own custom Linux system.
- malwareMustDie: white-hat security research workgroup.
- Malware traffic analysis: source for packet capture (pcap) files and malware samples.
- n1ght-w0lf: Malware Analysis & Reverse Engineering Adventures.
- Nightmare: intro to binary exploitation / reverse engineering course based around ctf challenges.
- Outflux: @kees_cook's blog.
- OWASP CSS: OWASP Cheat Sheet Series Project.
- Pawnyable: middle to advance binary exploitation.
- Phrack: e-zine written by and for hackers.
- Project Zero: news and updates from the Project Zero team at Google.
- Rust OSDev: This Month in Rust OSDev.
- Sam4k: linux, security, games and other nerdery.
- School of SRE: school of Site Reliability Engineers.
- System Overlord: security engineering, research, and general hacking.
- ThePhd: (c) programming.
- tmp.out: ELF research group.
- Will's Root: Pentesting, CTFs and Writeups.
- xilokar: embedded development.
- Zero Day Initiative: encourage the reporting of 0-day vulnerabilities privately to the affected vendors.
- clang: C language family frontend for LLVM.
- Cross-compilation toolchains (Bootlin): large number of ready-to-use cross-compilation toolchains, targeting the Linux operating system on a large number of architectures.
- Dockcross: cross compiling toolchains in Docker images.
- gcc: GNU Compiler Collection.
- 0day.today: exploits database.
- CVE Details: security vulnerability datasource.
- ExploitAlert: exploits found on the internet.
- ExploitDB: the exploit database.
- iot-malware: source code of samples leaked online.
- MalwareBazaar: sharing malware samples with the infosec community.
- SeeBug: exploit database.
- Sploitus: exploit database.
- vx-underground: malware collections.
- GDB: GNU Project Debugger.
- gdb-dashboard: modular visual interface for GDB in Python.
- gdbgui: browser-based frontend to gdb.
- GEF: plugin with a set of commands to assist exploit developers and reverse-engineers.
- rr: Record and Replay Framework.
- rd: reimplementation of rr in Rust.
- Scout: instruction based research debugger.
- BumbleBee: simplifies building eBPF tools and allows you to package, distribute, and run them anywhere.
- Cilium ebpf: Pure-Go library to read, modify and load eBPF programs.
- ebpf.io: official website.
- pulsar: runtime security framework for the IoT, powered by eBPF.
- tetragon: eBPF-based Security Observability and Runtime Enforcement.
- Binwalk: firmware Analysis Tool.
- Buildroot: simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.
- EMBA: firmware security analyzer.
- FACT: Firmware Analysis and Comparison Tool.
- Firmwalker: Script for searching the extracted firmware file system for goodies.
- Firmware mod kit: collection of scripts and utilities to extract and rebuild linux based firmware images.
- Flashrom: utility for detecting, reading, writing, verifying and erasing flash chips.
- Frankenstein: Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging.
- FuzzWare: automated, self-configuring fuzzing of firmware images.
- HardwareAllTheThings: list of useful payloads and bypasses for Hardware and IOT Security.
- KataOS: embedded OS written almost entirely in Rust.
- InternalBlue: bluetooth experimentation framework for Broadcom and Cypress chips.
- LLP University: Low Level Programming University.
- Low level: misc documentation about low level development.
- NexMon: C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips.
- nvram-faker: simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.
- OFRAK: unpack, modify, and repack binaries.
- OpenOCD: Open On-Chip Debugger.
- OpenWRT: Linux operating system targeting embedded devices.
- OS Kernel Lab: OS kernel labs based on Rust/C Lang & RISC-V 64/X86-32.
- OWASP-FSTM: OWASP Firmware Security Testing Methodology.
- unblob: accurate, fast, and easy-to-use extraction suite.
- Avatar2: target orchestration framework with focus on dynamic analysis of embedded devices' firmware!
- EMUX: Firmware Emulation Framework.
- Firmadyne: platform for emulation and dynamic analysis of Linux-based firmware.
- scraper: firmware scraper.
- QEMU: open source machine emulator and virtualizer.
- Panda: platform for Architecture-Neutral Dynamic Analysis.
- Qiling: Qiling Advanced Binary Emulation Framework.
- Renode: virtual development framework for complex embedded systems.
- Triton: dynamic binary analysis library.
- Unicorn: CPU emulator framework.
- CodeQL: semantic code analysis engine.
- Use case example: One day short of a full chain.
- cwe_checker: finds vulnerable patterns in binary executables.
- Exploit mitigations: knowledge base of exploit mitigations available across numerous operating systems.
- how2heap: repository for learning various heap exploitation techniques.
- kernel-exploit-factory: Linux kernel CVE exploit analysis report and relative debug environment.
- libc-database: database of libc offsets to simplify exploitation.
- Linux Kernel Exploit: links related to Linux kernel exploitation.
- Linux Kernel Exploitation: collection of links related to Linux kernel security and exploitation.
- one_gadget: tool for finding one gadget RCE in libc.so.6.
- pwndocker: docker environment for pwn in ctf.
- pwninit: automate starting binary exploit challenges.
- pwntools: framework and exploit development library.
- ROPGadget: search your gadgets on your binaries to facilitate your ROP exploitation.
- ropr: fast multithreaded ROP Gadget finder.
- Ropper: find gadgets to build rop chains for different architectures.
- weggli: fast and robust semantic search tool for C and C++ codebases.
- ZDI PoCs: the Zero Day Initiative Proofs-of-concept.
- AFLplusplus: improved version of AFL.
- boofuzz: fork and successor of the Sulley Fuzzing Framework.
- difuze: fuzzer for Linux Kernel Drivers.
- ferofuzz: structure-aware HTTP fuzzing library.
- Fuzzing Book: tools and techniques for generating software tests.
- halfempty: fast, parallel test case minimization tool.
- Healer: kernel fuzzer inspired by Syzkaller.
- Honggfuzz: evolutionary, feedback-driven fuzzing based on code coverage.
- krf: kernelspace syscall interceptor and randomized faulter.
- lain: fuzzer framework built in Rust.
- LibAFL: fuzzing library.
- netzob: Protocol Reverse Engineering, Modeling and Fuzzing.
- MATE: suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++.
- onefuzz: self-hosted Fuzzing-As-A-Service platform.
- propfuzz: Rust toolkit to combine property-based testing and fuzzing.
- Radamsa: general purpose fuzzer.
- SemGrep: lightweight static analysis for many languages.
- Rules: Semgrep rules to facilitate vulnerability research.
- silifuzz: finds CPU defects by fuzzing software proxies.
- Syzkaller: unsupervised coverage-guided kernel fuzzer.
- Clang Built Linux: building the Linux kernel with Clang.
- Defence Map: relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies.
- kconfig-hardened-check: tool for checking the security hardening options of the Linux kernel.
- kernel-security-learning: Anything about kernel security.
- Kernel documentation: official linux kernel documentation.
- kernel.org: linux kernel archives.
- kernelci.org: test system focused on the upstream Linux kernel.
- kernelconfig: Linux kernel configuration entries.
- like-gdb: fully dockerized Linux kernel debugging environment.
- linux-insides: a book about linux kernel and its insides.
- Linux Kernel Module Cheat: emulation setup to study and develop the Linux kernel.
- LKFT: Linux Kernel Functional Testing.
- lkmpg: The Linux Kernel Module Programming Guide.
- ltp: Linux Test Project.
- Mailing Lists:
- Lore kernel: Linux kernel mailing lists.
- Linux hardening: Linux hardening.
- Kernel Hardening: kernel hardening.
- Rust for Linux: rust for Linux.
- Rust:
- Linux crate.
- knock-out: example of a kernel module in Rust.
- Rust for Linux: organization for adding support for the Rust language to the Linux kernel.
- TuxSuite: on-demand APIs and tools for building Linux Kernels.
- Arti: implementation of Tor, in Rust.
- Caddy: fast, multi-platform web server with automatic HTTPS.
- CoreUtils: Cross-platform Rust rewrite of the GNU coreutils.
- difftastic: structural diff that understands syntax.
- esphome.io: control your ESP8266/ESP32.
- f4pga: fully open source toolchain for the development of FPGAs of multiple vendors.
- fccid: information resource for all wireless device applications filed with the FCC.
- FlipperZero: portable multi-tool for pentesters and geeks in a toy-like body.
- Google Home: smart home ecosystem.
- klgrth: pastebin alternative.
- jless: command-line JSON viewer designed for reading, exploring, and searching through JSON data.
- OpenSK: open-source implementation for security keys written in Rust.
- Pastebin: store any text online for easy sharing.
- patents: patents db from Google.
- Polypyus: locate functions in raw binaries by extracting known functions from similar binaries.
- pspy: monitor linux processes without root permissions.
- sniffglue: Secure multithreaded packet sniffer (in rust).
- sniffle: sniffer for Bluetooth 5 and 4.x LE.
- temp.sh: alternative to transfer.sh.
- transfer.sh: easy file sharing from the command line.
- urh: Universal Radio Hacker.
- wabt: WebAssembly Binary Toolkit.
- ZeroBin: open source online pastebin where the server has zero knowledge of pasted data.
- Misc:
- innernet: private network system that uses WireGuard under the hood.
- nebula: scalable overlay networking tool.
- netbird: connect your devices into a single secure private WireGuard®-based mesh network.
- netmaker: makes networks with WireGuard.
- tailscale: zero config VPN.
- tailscale github: the easiest, most secure way to use WireGuard and 2FA.
- zeek: network analysis framework.
- zerotier: secure networks between devices.
- ZeroTierOne: smart ethernet switch for earth.
- Network Scanners:
- masscan: TCP port scanner, spews SYN packets asynchronously.
- nmap: utility for network scanning, discovery and security auditing.
- RustScan: quick port scanner implemented in rust.
- skanuvaty: fast DNS/network/port scanner.
- ZGrab2: fast, modular application-layer network scanner.
- ZMap: fast single packet network scanner.
- Assembly:
- ARM:
- Docs: official documentation.
- Instructions Reference: official instruction reference.
- MIPS:
- Manuals: official manuals.
- RISC-V:
- Book assembly: introduction to Assembly Programming with RISC-V.
- Manuals: official specifications.
- RISC-V card: unofficial assembly reference for RISC-V.
- x86:
- felixcloutier.com: instructions reference.
- Software Developer Manuals: official manuals.
- C: C reference.
- libc implementations:
- Libraries:
- libaco: blazing fast and lightweight C asymmetric coroutine library.
- libdill: structured concurrency in C.
- linux-syscall-support: low level C API for making direct Linux syscalls.
- sc: common libraries and data structures for C.
- Go: open source programming language supported by Google.
- Docs: official documentation.
- pkg.go.dev: packages documentation.
- Rust: secure system programming language.
- aquascope: interactive visualizations of Rust at compile-time and run-time.
- API guidelines: set of recommendations on how to design and present APIs for the Rust programming language.
- AreWeRustYet: awesome list of "Are We thing Yet" for Rust.
- Black Hat Rust: applied offensive security with Rust.
- Book: introductory book about Rust.
- Cargo Book: official cargo book.
- Cheats: Rust language cheat sheet.
- Clippy: lints to catch common mistakes and improve your Rust code.
- crates.io: rust community's crate registry.
- cryptography.rs: list of actively maintained, high-quality cryptography libraries.
- Design patterns: catalogue of Rust design patterns, anti-patterns and idioms.
- Easy Rust: rust explained using easy English.
- Editions: editions guide.
- Embedded Rust Book: introductory book about using the Rust Programming Language on "Bare Metal" embedded systems.
- esp-rs: Rust on ESP.
- Macros: the little book of rust macros.
- min-sized-rust: how to minimize Rust binary size.
- Offensive Rust: Rust Weaponization for Red Team Engagements.
- Official Repository: official Rust repository.
- Performance: Rust Performance Book.
- Practice: easily diving into and get skilled with Rust.
- Raspberrypi OS Tutorials: learn to write an embedded OS in Rust.
- Redox OS: Unix-like Operating System written in Rust.
- RFCs: RFCs for changes to Rust.
- Rustonomicon: awful details that you need to understand when writing Unsafe Rust programs.
- Rust Reference: primary reference for the Rust programming language.
- rustup: installer for the systems programming language Rust.
- std: standard library documentation.
- Windows RS: Rust for Windows.
- This Week In Rust: handpicked Rust updates, delivered to your inbox.
- Libraries:
- Async Runtimes:
- avml: Acquire Volatile Memory for Linux.
- Aya: eBPF library for the Rust programming language.
- embassy: framework for embedded applications.
- Goblin: cross-platform binary parsing crate, written in Rust.
- libp2p: Rust Implementation of the libp2p networking stack.
- nix: rust friendly bindings to *nix APIs.
- redbpf: Rust library for building and running BPF/eBPF modules.
- redhook: dynamic function call interposition / hooking (LD_PRELOAD) for Rust.
- Rustix: Safe Rust bindings to POSIX/Unix/Linux/Winsock2 syscalls.
- Angr: user-friendly binary analysis platform.
- BAP: binary analysis platform.
- BinDiff: compare executables by identifying identical and similar functions.
- BinExport: export disassemblies into Protocol Buffers.
- CAPA: tool to identify capabilities in executable files.
- lancelot-flirt: library for parsing, compiling, and matching Fast Library Identification and Recognition Technology (FLIRT) signatures.
- Capstone Engine: disassembly/disassembler framework.
- cpu_rec: recognize cpu instructions in an arbitrary binary file.
- CyberChef: web app for encryption, encoding, compression and data analysis.
- decomp2dbg: plugin to introduce interactive symbols into your debugger from your decompiler.
- Diffware: configurable tool providing a summary of the changes between two files or directories.
- Diffoscope: directory differ.
- DogBolt: decompiler explorer.
- ELFKickers: collection of programs that access and manipulate ELF files.
- flare-emu: easy to use and flexible interface for scripting emulation tasks.
- FLOSS: FLARE Obfuscated String Solver.
- fq: jq for binary formats.
- Ghidra: software reverse engineering (SRE) framework.
- Kaitai Struct: declarative language to generate binary data parsers.
- Keystone Engine: assembler framework.
- Linux syscalls: Linux kernel syscall tables.
- McSema: Framework for lifting program binaries to LLVM bitcode.
- Metasm: a free assembler / disassembler / compiler.
- Miasm: reverse engineering framework in Python.
- Radare2: UNIX-like reverse engineering framework and command-line toolset.
- Book: radare2 official book.
- Cutter: GUI based on Rizin.
- pwntools-r2: launch radare2 like a boss from pwntools in tmux.
- Rizin: radare2 fork.
- REMnux: Linux toolkit for reverse-engineering.
- RetDec: retargetable machine-code decompiler based on LLVM.
- Yara: pattern matching swiss knife for malware researchers.
- FreeRTOS: open source, real-time operating system for microcontrollers.
- Mongoose OS: IoT operating system and networking library.
- ThreadX: advanced real-time operating system (RTOS) designed specifically for deeply embedded applications.
- Tock: secure embedded operating system for microcontrollers.
- Zephyr: small, scalable, real-time operating system (RTOS).
- Docs: Zephyr project documentation.
- Code Sandboxing: code execution isolation and containment with sandbox solutions.
- gvisor: application Kernel for Containers.
- Firecracker: secure and fast microVMs for serverless computing.
- Kata Containers: standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
- nano: kernel designed to run one and only one application in a virtualized environment.
- ops: build and run nanos unikernels.
- RustyHermit: rust-based, lightweight unikernel.
- sandboxed-api: generates sandboxes for C/C++ libraries automatically.
- Unikraft: automated system for building specialized OSes known as unikernels.
- curl: command line tool and library for transferring data with URL syntax.
- patchelf: small utility to modify the dynamic linker and RPATH of ELF executables.
- tcpdump: command-line packet analyzer.
- wireshark: network protocol analyzer.
- tshark: CLI tool for analyzing network traffic.
- tshark.dev: guide to working with packet captures on the command-line.
- bcc: tools for BPF-based Linux IO analysis, networking, monitoring, and more.
- bpftrace: high-level tracing language for Linux eBPF.
- cannoli: high-performance QEMU memory and instruction tracing.
- DynamoRIO: runtime code manipulation system.
- Falco: cloud native runtime security tool.
- Frida: instrumentation toolkit for developers, reverse-engineers, and security researchers.
- LIEF: library to Instrument Executable Formats.
- ltrace: intercepts and records both the dynamic library calls and signals.
- QBDI: a Dynamic Binary Instrumentation framework based on LLVM.
- Reverie: ergonomic and safe syscall interception framework for Linux (Rust).
- S2E: platform for multi-path program analysis with selective symbolic execution.
- strace: diagnostic, debugging and instructional userspace utility for Linux.
- Tracee: Linux Runtime Security and Forensics using eBPF.
- OP-TEE: Open Portable Trusted Execution Environment.
- TrustedFirmware: reference implementation of secure software for Armv8-A, Armv9-A and Armv8-M.
- Docs: official OP-TEE documentation.
- TEE-reversing: A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices.