The Best 483 Security Libraries

483 Components & Libraries

Sortby

Security Repositories

Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more

The following Sankey flow diagram shows the current glyph sets included: or, in Powershell (Windows only): or, in Powershell (Windows only): Use the provided Python command line script to generate a …

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

General information, tutorials, and precompiled binaries can be found on the mitmproxy website. The documentation for mitmproxy is available on our website: If you have questions on how to use mitmpr…

Probabilistic-Programming-and-Bayesian-Methods-for-Hackers

aka "Bayesian Methods for Hackers": An introduction to Bayesian methods + probabilistic programming with a computation/understanding-first, mathematics-second point of view. All in pure Python ;)

After some recent success of Bayesian methods in machine-learning competitions, I decided to investigate the subject again. Even with my mathematical background, it took me three straight-days of rea…

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

You have three options to generate your own hosts file. You can use our container image, build your own image, or do it in your own environment. Option #1 is easiest if you have Linux with Docker ins…

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Version: v3.6 beta Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of pe…

The Rogue Access Point Framework

Wifiphisher is... ...powerful. Wifiphisher can run for hours inside a Raspberry Pi device executing all modern Wi-Fi association techniques (including "Evil Twin", "KARMA" and "Known Beacons"). ...fl…

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Input encrypted text, get the decrypted text back. "What type of encryption?" That's the point. You don't know, you just know it's possibly encrypted. Ciphey will figure it out for you. Ciphey can so…

Exploitation Framework for Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aid penetration testing operations: Required: Optional: Bluetoot…

Web path scanner

An advanced web path brute-forcer Choose one of these installation options: dirsearch allows you to pause the scanning progress with CTRL+C, from here, you can save the progress (and continue later),…

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

In order to get started URH runs on Windows, Linux and macOS. Click on your operating system below to view installation instructions. To execute the Universal Radio Hacker without installation, just …

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

SpiderFoot can be used offensively (e.g. in a red team exercise or penetration test) for reconnaissance of your target or defensively to gather information about what you or your organisation might h…

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store o…

fsociety Hacking Tools Pack – A Penetration Testing Framework

Daemon to ban hosts that cause multiple authentication errors

Though Fail2Ban is able to reduce the rate of incorrect authentication attempts, it cannot eliminate the risk presented by weak authentication. Set up services to use only two factor, or public/priva…

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

People tracker on the Internet: Learn to track the world, to avoid being traced. Session recognition is one of trape most interesting attractions, since you as a researcher can know remotely what ser…

DevOps resources - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP

The must list The second must list :) Seriously though, don't try to master everything in this list and start with something that you are interested in. The order has no meaning in this case. There a…

A lossless video/GIF/image upscaler achieved with waifu2x, Anime4K, SRMD and RealSR. Started in Hack the Valley 2, 2018.

Join our Telegram discussion group to ask any questions you have about Video2X, chat directly with the developers, or discuss about upscaling technologies and the future of Video2X in general. The fo…

Performant type-checking for python.

We start by creating an empty project directory and setting up a virtual environment: Next, we teach Pyre about our new project: We are now ready to run Pyre: Pyre is licensed under the MIT license.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

Osintgram offers an interactive shell to perform analysis on Instagram account of any users by its nickname. You can get: Fork/Clone/Download this repo Navigate to the directory Create a virtual envi…

At LinkedIn, we are using this curriculum for onboarding our entry-level talents into the SRE role.

Site Reliability Engineers (SREs) sits at the intersection of software engineering and systems engineering. While there are potentially infinite permutations and combinations of how infrastructure a…

A hacky debugger UI for hackers

Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views tha…

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

or Or for our MacPorts fans: You come across a new piece of malware called WantToCry. You think back to Wannacry and remember it was stopped because a researcher found a kill-switch in the code. When…

Securely and anonymously share files, host websites, and chat with friends using the Tor network

OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network.

StackStorm (aka "IFTTT for Ops") is event-driven automation for auto-remediation, incident responses, troubleshooting, deployments, and more for DevOps and SREs. Includes rules engine, workflow, 160 integration packs with 6000+ actions (see https://exchange.stackstorm.org) and ChatOps. Installer at https://docs.stackstorm.com/install/index.html

StackStorm is a platform for integration and automation across services and tools. It ties together your existing infrastructure and application environment so you can more easily automate that envir…

Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins agains…

Malicious traffic detection system

The following (black)lists (i.e. feeds) are being utilized: As of static entries, the trails for the following malicious entities (e.g. malware C&Cs or sinkholes) have been manually included (fro…

A extendable, replaceable Python algorithmic backtest && trading framework supporting multiple securities

RQAlpha 从数据获取、算法交易、回测引擎，实盘模拟，实盘交易到数据分析，为程序化交易者提供了全套解决方案。 RQAlpha 具有灵活的配置方式，强大的扩展性，用户可以非常容易地定制专属于自己的程序化交易系统。 RQAlpha 提供了极具拓展性的 Mod Hook 接口，这意味着开发者可以非常容易的对接第三方库。您可以通过如下方式使用安装和使用Mod: 以下是目前已经集成的 Mod 列表…

Automated Mass Exploiter

Receiving back connections on your local machine might not be the best idea from an OPSEC standpoint. Instead consider running this tool from a VPS that has all the dependencies required, available. …

Low code web framework for real world applications, in Python and Javascript

Login for the PWD site: (username: Administrator, password: admin) By contributing to Frappe, you agree that your contributions will be licensed under its MIT License.

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

It provides a single UI to browse and search through all of your accounts, regions, and cloud services. The monkey remembers previous states and can show you exactly what changed, and when. It works…