<![CDATA[Hack with GitHub - Medium]]> https://medium.com/hack-with-github?source=rss----946c37ed5afe---4 https://cdn-images-1.medium.com/proxy/1*TGH72Nnw24QL3iV9IOm4VA.png Hack with GitHub - Medium https://medium.com/hack-with-github?source=rss----946c37ed5afe---4 Medium Sun, 17 May 2026 02:59:23 GMT <![CDATA[Black Hat Arsenal USA 2018 — The w0w lineup]]> https://medium.com/hack-with-github/black-hat-arsenal-usa-2018-the-w0w-lineup-7de9b6d32796?source=rss----946c37ed5afe---4 https://medium.com/p/7de9b6d32796 Sun, 03 Jun 2018 10:02:44 GMT 2018-06-03T14:22:22.970Z

After the huge success of Black Hat Arsenal USA 2017, @toolswatch has now announced the list of tools selected for Black Hat Arsenal USA 2018.

ToolsWatch on Twitter

Black Hat Arsenal USA 2018 The "w0w" Lineup !! https://t.co/h6afO5uRHD @BlackHatEvents @MadelineS_M @MaxiSoler @rachidharrando

This time there were a huge number of proposals than expected, so the Arsenal team had a tough time selecting the tools.

ToolsWatch on Twitter

Congratulations for everyone who got accepted for the #BHUSA18 Arsenal. The choice was very difficult. Promise we will give priority for those rejected in the next session in London.

NOTE: If you have submitted a proposal and didn’t get selected, don’t worry. Please do submit it again for Black Hat Arsenal EU 2018 / ASIA 2019. The rejected tools don’t necessarily mean that they aren’t good. Also the rejected tools are on the priority list for consideration in upcoming Black Hat Arsenal events.

Some of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories. The tools are arranged according to their tracks. If you like the tool, go to its repository and click Watch to keep updated on the latest commits and pushes.

Some tools will be updated during/after the Arsenal event. Links to the GitHub repositories of those tools will be eventually updated in this article.

If you feel that this article is missing links to some Arsenal tools hosted on GitHub, please comment so that it will updated.

NOTE: Arsenal Theater Demos are denoted using the Projector emoji — 📽️

Android, iOS and Mobile Hacking

Code Assessment

Cryptography

Data Forensics and Incident Response

Exploitation and Ethical Hacking

Hardware/Embedded

Internet of Things

Malware Defense

Malware Offense

Network Attacks

Network Defense

OSINT — Open Source Intelligence

Reverse Engineering

Smart Grid / Industrial Security

Vulnerability Assessment

Web AppSec

If you haven’t looked at the selected tools, check the below embed to view the complete details of the tools and its presenters.

Black Hat Arsenal USA 2018 The "w0w" Lineup !!

If you liked this article, click the 👏 button (even upto 50 times) and share so that other people will see it here on Medium.

Black Hat Arsenal USA 2018 — The w0w lineup was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Top 5 Security Tools — November 2017]]> https://medium.com/hack-with-github/top-5-security-tools-november-2017-7e7f7cb763e?source=rss----946c37ed5afe---4 https://medium.com/p/7e7f7cb763e Sun, 03 Dec 2017 04:07:13 GMT 2017-12-03T04:07:13.049Z Here are the top 5 tools and repositories which got lots of likes and retweets for the month — November 2017.

Hack with GitHub on Twitter

Icewater - About 3,000 Free #YARA rules for the detection of #malware and malicious files Author: @wessorh https://t.co/zvtgmB5eQq

Hack with GitHub on Twitter

ThreatHunting - #Powershell collection designed to assist in #ThreatHunting Windows systems by @DLAMIL https://t.co/tnhx3KZlfP

Hack with GitHub on Twitter

DVNA - Damn Vulnerable #NodeJS Application by @appseccouk https://t.co/oRQ3yHgIoR

Hack with GitHub on Twitter

Exploits - A handy collection of public #exploits, all in one place Curator: @0xdea https://t.co/8gC76phjvp

Hack with GitHub on Twitter

Android-Reports-and-Resources - A big list of #Android #HackerOne disclosed reports and other resources Author: @B3nac #BugBounty https://t.co/DyJARu3uw9

Other interesting tweets

Hack with GitHub on Twitter

Introducing "InfoSec Badges" - repository which hosts badges for you tool presented at Security Conference. If you want other conferences to be added, please raise an issue. https://t.co/EHYDkX6WFk

Mathy Vanhoef on Twitter

Scripts to test if clients are affected by the WPA2 #KRACK attack are now available at https://t.co/u2cmmEQ4dh Do a new git clone!

MalwareTech on Twitter

Decided to publish my TrickBot Tools https://t.co/QV15wgQfUK

Theori on Twitter

As promised in @zoaedk's talk at #POC2017, we are releasing pwn.js that helps writing browser exploits easier and cleaner. Check it out and feel free to contribute! https://t.co/kkxqaImB54

GitHub on Twitter

Now GitHub can help you find and fix vulnerabilities in your dependencies. Just enable your dependency graph to start receiving security alerts-currently supported in Ruby and JavaScript: https://t.co/QPBJbkdSWC https://t.co/9NffMXWp4L

If you liked this article, click the 👏 button and share so that other people will see it here on Medium.

Top 5 Security Tools — November 2017 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Top 5 Security Tools — October 2017]]> https://medium.com/hack-with-github/top-5-security-tools-october-2017-76ab31834efd?source=rss----946c37ed5afe---4 https://medium.com/p/76ab31834efd Wed, 01 Nov 2017 06:31:32 GMT 2017-11-01T06:31:32.529Z https://medium.com/media/eada89a2556bc3517762fbe74ff2daf0/href

Here are the top 5 tools and repositories which got lots of likes and retweets for the month — October 2017.

Hack with GitHub on Twitter

Awesome-Red-Teaming : List of Awesome #RedTeaming Resources Curator: @yeyint_mth https://t.co/uMXp50tAXz

Hack with GitHub on Twitter

awesome-web-security - Curated list of #Web #Security materials and resources Curator: @qazbnm456 https://t.co/pDbvm3BGcI

Hack with GitHub on Twitter

Awesome YARA - Curated list of awesome #YARA rules, tools, and resources by @InQuest Curator: @rshipp42 https://t.co/yfRIFYoilD

Hack with GitHub on Twitter

Awesome Hacking Resources - Collection of #hacking/#pentesting resources to make you better Curator: @b07_bu573r https://t.co/T3HQKw2mAC

Hack with GitHub on Twitter

Deceptive IDN - Use computer vision to determine #Phishing sites Author: @withzombies https://t.co/5M9BjZ44LO

Top 3 BlackHat Arsenal Tools :

All the BlackHat arsenal tools hosted on GitHub were tweeted. These are the top 3 tools which got the most retweets and likes.

Hack with GitHub on Twitter

2FAssassin - Bypass Two-Factor-Authentication #2FA #BlackHatArsenal https://t.co/w07OOfwF6i

Hack with GitHub on Twitter

WHID - WiFi #HID Injector - An USB #Rubberducky / BadUSB On Steroids Author: @LucaBongiorni https://t.co/47DB5bo4Cz

Hack with GitHub on Twitter

CERTitude - An Open-Source and Agentless Compromise Assessment Tool #BlackHatArsenal https://t.co/wPsxNTNfp0

Other Interesting Tweets :

Dmytro Oleksiuk on Twitter

I released some part of my DMA attack tools based on Xilinx SP605 evaluation kit to public, enjoy :) https://t.co/M5ZnmsVbtB

ron190 💉 on Twitter

SQL injection using SOAP and JSON with jsql-injection. Get it on Github https://t.co/pacfG19RxN and contribute to the translation #infosec

radare on Twitter

radare2-2.0.0 is out! https://t.co/BHlWLIYMqn

Mathy Vanhoef on Twitter

Script to test APs for KRACK attack against FT handshake (802.11r - CVE-2017-13082) is online https://t.co/KpWafDHc8f

Jobert Abma on Twitter

New tool: extracting relative URLs from minified files. Very helpful during recon! https://t.co/dzIaoEwB8G #TogetherWeHitHarder

Hack with GitHub on Twitter

Hashcat v4.0.0 released ! This release is mostly password and salt length up to 256 support. https://t.co/tNjqhiqQx4

If you liked this article, click 👏 👏 👏 button and share so that other people will see it here on Medium.

Top 5 Security Tools — October 2017 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Black Hat Arsenal EU 2017]]> https://medium.com/hack-with-github/black-hat-arsenal-eu-2017-9ba00f8740b0?source=rss----946c37ed5afe---4 https://medium.com/p/9ba00f8740b0 Wed, 04 Oct 2017 20:01:54 GMT 2017-10-04T20:01:53.984Z

On October 1, 2017 @toolswatch announced the tools selected for Black Hat Arsenal Europe 2017.

ToolsWatch on Twitter

Black Hat Arsenal Europe 2017 Lineup: The Las Vegas Black Hat Arsenal during... https://t.co/Or5THT9HEq #ToolsWatch

Most of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories. The tools are arranged according to their tracks. If you like the tool, go to its repository and click Watch to keep updated on the latest commits and pushes.

Some tools will be updated during/after the Arsenal event. Links to the GitHub repositories of those tools will be eventually updated in this article.

Android, iOS and Mobile Hacking

Cryptography

Data Forensics and Incident Response

Exploitation and Ethical Hacking

Hardware/Embedded

Human Factors

Internet of Things

Malware Defense

Network Attacks

Network Defense

OSINT — Open Source Intelligence

Vulnerability Assessment

Web AppSec

If you haven’t looked at the selected tools, check the below embed to view the complete details of the tools and its presenters.

Black Hat Arsenal Europe 2017 Lineup

If you liked this article, click 👏 👏 👏 button and share so that other people will see it here on Medium.

Black Hat Arsenal EU 2017 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Top 5 Security Tools — September 2017]]> https://medium.com/hack-with-github/top-5-security-tools-september-2017-c0a86bb6379e?source=rss----946c37ed5afe---4 https://medium.com/p/c0a86bb6379e Sat, 30 Sep 2017 09:19:56 GMT 2017-09-30T09:19:56.395Z Here are the top 5 tools which got lots of likes and retweets for the month — September 2017.

Hack with GitHub on Twitter

HTTPLeaks - All possible ways, a website can leak HTTP requests by @cure53berlin https://t.co/6zj7kGFQQt

Hack with GitHub on Twitter

bugbounty-cheatsheet - List of interesting #payloads, tips and tricks for #BugBounty hunters Curator: @EdOverflow https://t.co/HqPCKUDiIM

Hack with GitHub on Twitter

CVE-2017-8759 - #Exploit #toolkit to test Microsoft .NET Framework #RCE #meterpreter #payload Author: @bhdresh https://t.co/Z3yfqbj6FO

Hack with GitHub on Twitter

Useful_Websites_For_Pentester : Collection of the #websites that can be used by #pentesters https://t.co/oXvm3uPtEe

Hack with GitHub on Twitter

linux-re-101 - A collection of resources for #linux #ReverseEngineering Author: @michalmalik https://t.co/g4zd0iAkNe

Other Interesting Tweets :

Hack with GitHub on Twitter

Tools on GitHub that have made it into @kalilinux 2017.2 https://t.co/lLveo0J2rC

If you liked this article, click 👏 👏 👏 button and share so that other people will see it here on Medium.

Top 5 Security Tools — September 2017 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[What’s new in Kali Linux 2017.2]]> https://medium.com/hack-with-github/whats-new-in-kali-linux-2017-2-519ca23a8893?source=rss----946c37ed5afe---4 https://medium.com/p/519ca23a8893 Sat, 23 Sep 2017 04:16:49 GMT 2017-09-23T04:16:48.444Z

Hey,

Recently, the most awaited Kali Linux 2017.2 was released. There are a lot of updates, tool additions and much more cool stuff shipped with the release. Get more details on the release at https://www.kali.org/news/kali-linux-2017-2-release/.

Before you go, do you want to know the latest tools that have been added to Kali Linux 2017.2 ?

Check out our article : Tools on GitHub that have made it into Kali 2017.2.

Have a great weekend !

Chandrapal

What’s new in Kali Linux 2017.2 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Tools on GitHub that have made it into Kali 2017.2]]> https://medium.com/hack-with-github/tools-on-github-that-have-made-it-into-kali-2017-2-fc2affc636e0?source=rss----946c37ed5afe---4 https://medium.com/p/fc2affc636e0 Fri, 22 Sep 2017 19:10:56 GMT 2017-09-24T04:48:37.982Z

Kali Linux 2017.2 was released on September 20, 2017. This release is a roll-up of all updates and fixes since our 2017.1 release in April. More than a dozen Open Source tools present on GitHub have been added to this release.

This article showcases the tools that have been added to the latest release along with their descriptions. For more details on the release, have a look at the official release page .

New Tools

The newly added tools are:

apt2

[ https://github.com/MooseDojo/apt2 ]

An Automated Penetration Testing Toolkit.

This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information.

b374k

[ https://github.com/b374k/b374k ]

This PHP Shell is a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc. All actions take place within a web browser.

BloodHound

[ https://github.com/BloodHoundAD/BloodHound ]

BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths.

BruteSpray

[ https://github.com/x90skysn3k/brutespray ]

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

changeme

[ https://github.com/ztgrace/changeme ]

A default credential scanner. changeme is designed to be simple to add new credentials without having to write any code or modules.

CrackMapExec

[ https://github.com/byt3bl33d3r/CrackMapExec ]

CrackMapExec is your one-stop-shop for pentesting Windows/Active Directory environments!
From enumerating logged on users and spidering SMB shares to executing psexec style attacks and auto-injecting Mimikatz into memory using Powershell!

CredDump7

[ https://github.com/moyix/creddump ]

Python tool to extract various credentials and secrets from Windows registry hives. It essentially performs all the functions that bkhive/samdump2, cachedump, and lsadump2 do, but in a platform-independent way.

Crowbar

[ https://github.com/galkan/crowbar ]

Brute-forcing tool that can be used during penetration tests. It is developed to brute force some protocols in a different manner according to other popular brute forcing tools.

hURL

[ https://github.com/fnord0/hURL ]

A useful little hexadecimal and URL encoder/decoder

Hyperion

[ https://github.com/nullsecuritynet/tools/tree/master/binary/hyperion ]

Hyperion is a runtime encrypter for 32-bit portable executables.

InSpy

[ https://github.com/gojhonny/InSpy ]

A python based LinkedIn enumeration tool.

OSRFramework

[ https://github.com/i3visio/osrframework ]

OSRFramework is a GNU AGPLv3+ set of libraries developed by i3visio to perform Open Source Intelligence tasks. They include references to a bunch of different applications related to username checking, DNS lookups, information leaks research, deep web search, regular expressions extraction and many others.

Phishery

[ https://github.com/ryhanson/phishery ]

A simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx Word document.

RedSnarf

[ https://github.com/nccgroup/redsnarf ]

A pen-testing / red-teaming tool for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques.

SSH-Audit

[ https://github.com/arthepsy/ssh-audit ]

A tool for SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

wig

[ https://github.com/jekyc/wig ]

WebApp Information Gatherer is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.

Updated Tools

On top of all the new packages, this release also includes numerous package updates.

The updated tools are :

Other interesting packages:

Lots of Python packages are also added.

For more details on the changes, have a look at the official change log page .

It’s never too late to write code.
If you wish to create a security tool, do it now.
Who knows, it might be included in a future release of Kali.

Call to Action

If you liked this article, click 👏 👏 👏 and share so that other people will see it here on Medium.

Want to get daily updates on latest security tools developed on GitHub, then follow us on Twitter, Facebook and GitHub.

Tools on GitHub that have made it into Kali 2017.2 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Top 5 Security Tools — August 2017]]> https://medium.com/hack-with-github/top-5-security-tools-august-2017-21e6dc088f8e?source=rss----946c37ed5afe---4 https://medium.com/p/21e6dc088f8e Fri, 01 Sep 2017 11:46:21 GMT 2017-09-01T11:46:20.907Z Hey,

Lots of tools were tweeted in August but most of the security folks found 5 tools really useful.

Wanna know which tools ? Have a look at it.

https://medium.com/hack-with-github/top-5-security-tools-august-2017-bbae4e155c59

Happy Hacking !

Top 5 Security Tools — August 2017 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Top 5 Security Tools —August 2017]]> https://medium.com/hack-with-github/top-5-security-tools-august-2017-bbae4e155c59?source=rss----946c37ed5afe---4 https://medium.com/p/bbae4e155c59 Thu, 31 Aug 2017 18:31:01 GMT 2017-08-31T18:31:01.080Z Here are the top 5 tools which got lots of likes and retweets for the month — August 2017.

Hack with GitHub on Twitter

portia - Automated tool for internal #network #pentests Author: @keith55 https://t.co/gaJC4VqZAY

Hack with GitHub on Twitter

Awesome #Lockpicking : Curated list of awesome resources related to the #security and compromise of locks https://t.co/9by7A8KIrE

Hack with GitHub on Twitter

Sherlock - #PowerShell script to find missing software patches for #PrivEsc #vulnerabilities Author: @_RastaMouse https://t.co/scMry9JTVM

Hack with GitHub on Twitter

canisrufus - A stealthy #Python based #Windows #backdoor that uses Github as a C&amp;C server Author: @maldevel https://t.co/jTo6zmoumn

Hack with GitHub on Twitter

Penetration Testing tools - Curated list of latest #pentest tools by @AptiveSec Curator: @HighOn_Coffee https://t.co/iat6yg53Us

Cool Gists

Hack with GitHub on Twitter

A collection of good #XXE #Payloads https://t.co/njYqSdJXso

Other interesting tweets

rvrsh3ll on Twitter

Empire 2.1 is out! Check the changelog https://t.co/x8HDDItEji Some great additions including Invoke-Obfuscation from @cobbr_io

bettercap on Twitter

Yo, bettercap v1.6.2 is out with a lot of new features! https://t.co/ZSQEEaa3lL

ToolsWatch on Twitter

We are trying to keep a track about all tools (and authors) presented in Black Hat Arsenal since 2011 https://t.co/UQPGsJ7Dbn

Achievements

Our repository Awesome-Hacking reached 17,000+ stars

GitHub - Hack-with-Github/Awesome-Hacking: A collection of various awesome lists for hackers, pentesters and security researchers

We also started a new repository — Awesome-Security-Gists — to curate GitHub gists related to security.

Hack-with-Github/Awesome-Security-Gists

If you liked this article, click the 👏 button and share so that other people will see it here on Medium.

Top 5 Security Tools —August 2017 was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]> <![CDATA[Thanks for your support !]]> https://medium.com/hack-with-github/thanks-for-your-support-7573f0ee7d51?source=rss----946c37ed5afe---4 https://medium.com/p/7573f0ee7d51 Tue, 08 Aug 2017 04:58:36 GMT 2017-08-28T06:27:08.869Z On August 07, 2017 we woke up to the news that our baby project Awesome-Hacking turned out to be the top trending repository on GitHub.

It successfully crossed 10,000 stars which indeed is a great achievement. It was overwhelmingly joyful to see that our repository overtook other GitHub repositories of large organizations like Google, Facebook and Microsoft, in terms of the number of stargazers on that particular day.

There was a huge increase on the traffic to the repository — 10,000+ views and 6,000+ unique views — in a single day.

So many cool people shared this repository on Twitter:

Azeria on Twitter

For those of you looking for resources, here's a great collection of repositories covering various security topics: https://t.co/klXt3umCqF

Binni Shah on Twitter

Hack with Github : Hacking Lists Index : https://t.co/bbp640cdHW

Catalin Cimpanu on Twitter

The mother of all infosec lists https://t.co/Wd5IhWr15Z

PenTest Magazine on Twitter

Awesome Hacking-collection of awesome lists for hackers, pentesters &amp; security researchers #hacking #pentesting https://t.co/B1zhgVgxqL

This wouldn’t have been possible without your support through stargazing and sharing the repository on Twitter and Facebook.

Thank you.

If you haven’t shared this repository, heres a chance to do that on Twitter:

Awesome-Hacking :
Collection of awesome lists for hackers, pentesters and security researchers by @HackwithGithub
https://github.com/Hack-with-Github/Awesome-Hacking
If you liked this article, click the 👏 button and share so that other people will see it here on Medium.

Thanks for your support ! was originally published in Hack with GitHub on Medium, where people are continuing the conversation by highlighting and responding to this story.

]]>