Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work. Learn more →
Top 23 Python Hacking Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Project mention: Becoming a security researcher. Help with a realistic timeline? | reddit.com/r/AskNetsec | 2023-05-17- https://github.com/swisskyrepo/PayloadsAllTheThings - https://book.hacktricks.xyz/welcome/readme
-
-
ONLYOFFICE
ONLYOFFICE Docs — document collaboration in your environment. Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises
-
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
-
owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
-
Project mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | reddit.com/r/SaaS | 2023-05-22
DirSearch
-
Project mention: piece of software to find /crawl information about yourself? | reddit.com/r/opsec | 2023-04-10
I’d suggest Spiderfoot.
-
Project mention: [Github] - jopohl/urh: Universal Radio Hacker: Investigate Wireless Protocols Like A Boss | reddit.com/r/FlipperZeroDev | 2023-04-30
-
Sonar
Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
-
Project mention: ILPT Request: how do I track a phone... | reddit.com/r/IllegalLifeProTips | 2022-11-24
-
Osintgram
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Project mention: Phone numbers or emails behind social media accounts | reddit.com/r/OSINT | 2023-05-22 -
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Honestly when I saw desktopimgdownldr.exe I thought LOLBAS as well. https://github.com/carlospolop/hacktricks/blob/master/windows-hardening/basic-cmd-for-pentesters.md
-
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Is there a library written in Go similar to PyWhat? I want to use a subset of the functionality for a simple go program I'm writing. I could just call PyWhat, link to lemmeknow, or even write a simple go implementation myself, but I wanted to ask if there was a pure go implementation. Thanks!
-
-
h8mail
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Project mention: Tool for looking into information associated with an email address? | reddit.com/r/Pentesting | 2022-12-08 -
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
Project mention: Is MSF Venom - Metasploit a good investment for the long run in terms of RATs? | reddit.com/r/Hacking_Tutorials | 2022-12-28Villain (recommend) https://github.com/t3l3machus/Villain
-
PhoneSploit-Pro
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
PhoneSploit Pro It is a Cybersecurity tool using which you can test the security of your Android devices.
-
Project mention: What paths are the most common ones to find the file system on a webserver. ? | reddit.com/r/hacking | 2022-07-18
add these in too https://github.com/evyatarmeged/Raccoon/blob/master/raccoon_src/wordlists/fuzzlist
-
-
hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
-
Project mention: ULPT Request. I have my asshole neighbor's wifi password. Is there a way to make it painfully slow for them to use? | reddit.com/r/UnethicalLifeProTips | 2022-11-16
-
-
Project mention: [GitHub Action]: Wrappers for sqlmap, bbot and nikto | reddit.com/r/cybersecurity | 2023-05-29
Its not that much of a tool than wrappers of few awesome tools that most of you probably know and use today - sqlmap, bbot and nikto.
-
Ghost
Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. (by EntySec)
-
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Project mention: IT Pro Tuesday #223 - iOS Shell, SharePoint Shortcuts, Multithreaded Info Collector & More | reddit.com/r/ITProTuesday | 2022-10-18Reconnoitre is an open-source SNMP tool that collects multithreaded information and service enumeration. hombre_sabio sees it as "a robust security solution… It builds directories for IT structures that store results from various sources. It automates collecting information using suggested commands and directory structures."
-
InfluxDB
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-05-29.
Python Hacking related posts
- [GitHub Action]: Wrappers for sqlmap, bbot and nikto
- [GitHub Action][Release]: Add DAST and OSINT to your security pipelines
- Alternative to Datawalk or Analyst's Notebook?
- Becoming a security researcher. Help with a realistic timeline?
- Want to hack school laptop? Any tips or applications that I can download?
- Help
- Where do I start on this journey?
-
A note from our sponsor - Sonar
www.sonarsource.com | 1 Jun 2023
Index
What are some of the best open-source Hacking projects in Python? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | PayloadsAllTheThings | 47,941 |
| 2 | hackingtool | 30,426 |
| 3 | Ciphey | 13,438 |
| 4 | owasp-mastg | 10,310 |
| 5 | dirsearch | 9,710 |
| 6 | spiderfoot | 9,686 |
| 7 | urh | 9,450 |
| 8 | trape | 7,526 |
| 9 | Osintgram | 6,796 |
| 10 | hacktricks | 6,536 |
| 11 | pyWhat | 5,966 |
| 12 | caldera | 4,350 |
| 13 | h8mail | 3,298 |
| 14 | Villain | 2,843 |
| 15 | PhoneSploit-Pro | 2,826 |
| 16 | Raccoon | 2,794 |
| 17 | trackerjacker | 2,470 |
| 18 | hoaxshell | 2,412 |
| 19 | kickthemout | 2,290 |
| 20 | github-dorks | 2,287 |
| 21 | bbot | 2,142 |
| 22 | Ghost | 2,113 |
| 23 | Reconnoitre | 2,024 |
Access the most powerful time series database as a service
Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
www.influxdata.com