# Honeypot Deployment and Analysis Tools > Search results for `deploy honeypots to detect and study attackers` on awesome-repositories.com. 117 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/deploy-honeypots-to-detect-and-study-attackers **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/deploy-honeypots-to-detect-and-study-attackers).** ## Results - [elastic/detection-rules](https://awesome-repositories.com/repository/elastic-detection-rules.md) (2,508 ⭐) — This project is a detection-as-code framework providing a library of security monitoring rules and predefined detection content for Elasticsearch data indices. It serves as a threat detection rule library designed to identify malicious activity and attack patterns across diverse data streams in cloud and on-premises environments. The framework implements a detection engineering workflow where rules are defined in YAML and managed as versioned code. It includes a set of command-line utilities for automated rule deployment, metadata searching, and template generation, supported by a Python-based testing framework to validate rule syntax and accuracy before deployment. The system covers a broad range of security operations, including threat intelligence integration, cloud posture auditing, and security event correlation. It also provides capabilities for anomaly detection, entity risk analysis, and the coordination of security incidents through case management and alert noise suppression. - [1n3/sn1per](https://awesome-repositories.com/repository/1n3-sn1per.md) (10,049 ⭐) — Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan outputs and triage vulnerabilities, alongside an active exploit validation engine to eliminate false positives. Its broader capabilities cover mobile application auditing for Android and iOS binaries, dark web leak monitoring, and asset risk assessment. The system provides a security analysis dashboard for managing multi-user workspaces, generating structured reports, and configuring security tools via a web interface. The environment is deployed using containers and persistent volumes to ensure a reproducible runtime. - [abhineet123/deep-learning-for-tracking-and-detection](https://awesome-repositories.com/repository/abhineet123-deep-learning-for-tracking-and-detection.md) (2,508 ⭐) — This project is a curated research repository and structured index focused on deep learning techniques for object detection and tracking. It serves as a centralized archive for academic papers, datasets, and software implementations, providing a cohesive resource for studying methodologies used in image and video analysis. The repository distinguishes itself through a systematic approach to knowledge management, utilizing hierarchical file organization and metadata-driven tagging to categorize technical literature. By indexing domain-specific datasets and cross-referencing academic resources, it streamlines the discovery of materials necessary for developing and evaluating machine learning models. The collection covers a broad range of computer vision tasks, including static detection and video understanding. It provides a unified environment for aggregating disparate research assets, allowing users to browse and manage complex study materials through a structured taxonomy. - [delivr-to/detections](https://awesome-repositories.com/repository/delivr-to-detections.md) (75 ⭐) — A home for detection content developed by the delivr.to team - [wifiphisher/wifiphisher](https://awesome-repositories.com/repository/wifiphisher-wifiphisher.md) (14,631 ⭐) — Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing. It functions as a platform for security professionals to assess the resilience of Wi-Fi networks by simulating unauthorized access, performing man-in-the-middle interceptions, and executing credential-harvesting scenarios. The tool distinguishes itself through its ability to combine rogue access point deployment with dynamic phishing interfaces. By forcing wireless clients to associate with deceptive infrastructure, the framework can capture network metadata and inject it into personalized web templates in real time. This process is supported by low-level wireless control, including packet injection and deauthentication-based client steering, which allows the system to maintain a position between the target and the network. The framework provides extensive capabilities for traffic management and operational automation. It includes mechanisms for bridging client traffic to maintain internet connectivity during interception, as well as a modular extension system that allows users to execute custom Python scripts. These scripts can be used to automate complex attack workflows, enhance phishing scenarios, or integrate external tools during active security assessments. - [gophish/gophish](https://awesome-repositories.com/repository/gophish-gophish.md) (13,938 ⭐) — Gophish is an open-source phishing toolkit and simulation framework designed to test organizational security awareness and evaluate vulnerability to social engineering attacks. It provides a core engine for sending deceptive emails to targets and tracking their interactions to identify gaps in security training. The platform functions as a comprehensive campaign manager for deploying lures and monitoring email delivery and click-through rates. It allows for the design and execution of simulated email threats to track how targets interact with malicious-looking content or provide credentials in a controlled environment. The system covers a broad range of capabilities, including the management of simulated phishing campaigns, email vulnerability assessments, and the tracking of user interactions through protocol scanning and response monitoring. The software is distributed as a single compiled executable for deployment across different server environments. - [helospark/tomcat-manager-honeypot](https://awesome-repositories.com/repository/helospark-tomcat-manager-honeypot.md) (12 ⭐) — Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker's WAR file for later study - [honojs/hono](https://awesome-repositories.com/repository/honojs-hono.md) (30,994 ⭐) — Hono is a lightweight web framework built on Web Standard APIs that executes across JavaScript runtimes including Cloudflare Workers, Deno, Bun, and Node.js. - [crewaiinc/crewai](https://awesome-repositories.com/repository/crewaiinc-crewai.md) (53,687 ⭐) — CrewAI is a multi-agent orchestration framework designed for building autonomous systems that execute complex, multi-step workflows. It provides a development platform where specialized agents are defined with specific roles, goals, and tool sets to perform tasks collaboratively. By leveraging a declarative workflow engine, the system manages task dependencies, state transitions, and execution logic, allowing for the creation of structured, stateful sequences of operations. The framework distinguishes itself through its hierarchical management capabilities, which utilize manager agents to coordinate specialist teams, delegate tasks, and oversee project execution. It incorporates a persistent memory architecture that enables agents to retain context and perform semantic searches across long-running operations. Furthermore, the system supports robust production-ready applications by enforcing schema-based output validation and providing execution checkpointing, which allows for mid-flight resumption and the replaying of specific tasks to debug or refine processes. Beyond its core orchestration, the project offers a comprehensive suite of developer utilities for managing agent performance and workflow reliability. This includes tools for training agents through iterative cycles, monitoring system events via a central execution bus, and visualizing workflow structures. The platform also features a provider-agnostic interface for integrating external APIs and utilities, ensuring that agents can interact with diverse real-world services while maintaining consistent data structures throughout the execution lifecycle. - [amv42/sshd-honeypot](https://awesome-repositories.com/repository/amv42-sshd-honeypot.md) (28 ⭐) — The sshd-honeypot is a modified version of the OpenSSH deamon that forwards commands to Cowrie where all commands are interpreted and returned. The sshd-honeypot is designed to let Cowrie log brute force attacks and the shell interaction performed by the attacker. As the sshd-honeypot uses… - [kgretzky/evilginx2](https://awesome-repositories.com/repository/kgretzky-evilginx2.md) (14,627 ⭐) — Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies content obfuscation to evade detection by security filters. These capabilities allow for the simulation of sophisticated phishing attacks and the assessment of organizational resilience against credential harvesting. The project includes comprehensive traffic management features, such as heuristic bot filtering, to protect the integrity of captured data from automated security scanners. It also provides a unified workflow for managing phishing campaigns, including the coordination of email delivery and the tracking of user interactions. The software is distributed as a command-line tool that handles the end-to-end configuration of network settings and domain resolution. - [jaykali/maskphish](https://awesome-repositories.com/repository/jaykali-maskphish.md) (3,020 ⭐) — Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific executables and mobile application packages to establish remote command sessions. The framework covers a broad surface of capabilities, including web application penetration testing, OSINT reconnaissance, memory and disk forensics, and wireless network auditing. It provides tools for payload generation, credential theft, and the automation of information gathering from public data sources. This project is implemented primarily as a shell-based application. - [googlecloudplatform/click-to-deploy](https://awesome-repositories.com/repository/googlecloudplatform-click-to-deploy.md) (0 ⭐) — Source for Google Click to Deploy solutions listed on Google Cloud Marketplace. - [gohugoio/hugo](https://awesome-repositories.com/repository/gohugoio-hugo.md) (88,701 ⭐) — Hugo is a high-performance static site generator that transforms source content and templates into optimized web assets. Built with a focus on speed and scalability, it provides a comprehensive framework for managing large-scale documentation and editorial projects through structured content organization, taxonomies, and a flexible template-driven rendering engine. The project distinguishes itself through a sophisticated build system that utilizes incremental caching to minimize redundant processing during site updates. It supports complex content requirements by enabling multidimensional modeling, which allows for the generation of diverse page variations from a single source, and multi-format output rendering that can produce HTML, JSON, RSS, or CSV simultaneously. Authors can extend their content using a modular shortcode system, while the integrated asset pipeline handles the transformation, minification, and optimization of images and stylesheets directly within the build lifecycle. Beyond its core generation capabilities, Hugo offers a robust command-line interface for managing the entire project lifecycle, including real-time development previews and automated deployment workflows. The system also features a modular dependency architecture, allowing users to import and version shared themes, layouts, and configuration components to maintain consistent design systems across multiple projects. - [cloud-architekt/azuread-attack-defense](https://awesome-repositories.com/repository/cloud-architekt-azuread-attack-defense.md) (2,471 ⭐) - [llm-attacks/llm-attacks](https://awesome-repositories.com/repository/llm-attacks-llm-attacks.md) (4,509 ⭐) — This repository provides tools and methodologies for studying adversarial attacks on large language models. It focuses on understanding how carefully crafted inputs can manipulate or bypass the safety mechanisms of LLMs, enabling researchers to probe model vulnerabilities and improve their robustness. The project covers techniques for generating adversarial prompts, evaluating model responses under attack conditions, and analyzing the effectiveness of different attack strategies. - [htr-tech/zphisher](https://awesome-repositories.com/repository/htr-tech-zphisher.md) (15,416 ⭐) — Zphisher is a security testing framework designed for conducting authorized social engineering assessments and penetration testing. It functions as a credential harvesting simulator that enables security professionals to evaluate organizational defenses and user awareness by deploying deceptive login interfaces. The platform automates the creation of realistic web pages through dynamic template rendering and provides tools to mask destination addresses. It integrates reverse proxy tunneling to expose local testing services to the public internet, allowing for remote access during security audits without requiring modifications to network firewall configurations. The tool supports the simulation of credential harvesting attacks to measure vulnerability within authentication workflows. It is packaged to ensure consistent execution across different host environments, facilitating the deployment of controlled testing infrastructure for security awareness training. - [lanjelot/twisted-honeypots](https://awesome-repositories.com/repository/lanjelot-twisted-honeypots.md) (87 ⭐) — SSH, FTP and Telnet honeypots based on Twisted - [fingerprintjs/fingerprintjs](https://awesome-repositories.com/repository/fingerprintjs-fingerprintjs.md) (27,334 ⭐) — Fingerprint is a visitor identification and fraud detection platform that generates persistent, unique identifiers by analyzing browser and device attributes. By extracting technical signals from the client environment, it enables reliable user tracking across sessions without relying on traditional cookies. The platform distinguishes itself through its focus on high-accuracy identification and security-first architecture. It employs edge-side proxying to bypass ad-blockers and privacy restrictions, ensuring consistent data collection. To maintain data integrity, it uses cryptographic payload sealing and server-side verification flows, which prevent tampering by ensuring that identification data is processed securely on the backend rather than solely on the client. Beyond core identification, the project provides a comprehensive suite for bot detection and security. It analyzes network metadata, device reputation, and behavioral patterns to identify malicious traffic, AI agents, and automated scrapers. These capabilities are supported by granular risk assessment tools, including confidence scoring and protection rulesets that allow for automated blocking of suspicious interactions. The platform offers extensive administrative and integration features, including multi-environment resource isolation, regional data residency controls, and programmatic API management. It supports diverse deployment environments through framework-specific SDKs, mobile integration, and automated proxy infrastructure deployment. - [z4nzu/hackingtool](https://awesome-repositories.com/repository/z4nzu-hackingtool.md) (77,515 ⭐) — This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating external repositories, allowing users to fetch and organize third-party tools directly into a structured local directory. By utilizing a categorized menu system and shell-based process execution, the suite enables efficient navigation and direct invocation of specialized tools for tasks ranging from forensic analysis and reverse engineering to exploit development. The toolkit covers a broad spectrum of security domains, including web and wireless attack vectors, cloud security, payload creation, and social media analysis. It also incorporates automated environment setup to handle the installation of necessary system packages and language runtimes, ensuring compatibility across its diverse collection of utilities. - [gravitl/netmaker](https://awesome-repositories.com/repository/gravitl-netmaker.md) (11,630 ⭐) — Netmaker is a platform for automating and managing virtual mesh networks built on WireGuard. It functions as a centralized control plane that orchestrates encrypted, peer-to-peer tunnels across distributed infrastructure, including cloud environments, on-premise data centers, and containerized clusters. By automating the configuration of routing tables and access policies, the system enables secure, private connectivity between diverse devices and services without requiring manual network administration. The platform distinguishes itself through its focus on zero-trust network access and software-defined perimeters, which hide network resources from the public internet while enforcing granular, identity-based security policies. It supports complex network topologies by providing dynamic relay-based routing for firewall-traversal and gateway-based bridging for isolated subnets. These capabilities allow for the creation of scalable, high-performance overlays that maintain consistent connectivity even when direct peer-to-peer paths are unavailable. Beyond core connectivity, the project provides a comprehensive suite of management tools, including automated node provisioning, private service discovery via integrated DNS, and multi-tenant infrastructure support. It also offers robust observability features, such as administrative audit logging and network health monitoring, to ensure operational visibility. The entire networking stack can be self-hosted to maintain data sovereignty, and the platform integrates with external identity providers to streamline authentication and device onboarding. - [trustedsec/social-engineer-toolkit](https://awesome-repositories.com/repository/trustedsec-social-engineer-toolkit.md) (14,984 ⭐) — The Social-Engineer Toolkit is a social engineering framework and penetration testing suite designed to simulate human-centric security attacks. It serves as a phishing simulation tool and credential harvesting utility to evaluate personnel awareness and organizational resilience. The toolkit provides specialized tooling for phishing campaign testing and credential theft simulation. It enables the creation of deceptive emails and landing pages to identify vulnerabilities in how users handle sensitive account information. The system includes capabilities for security awareness training and broader penetration testing, utilizing site cloning, DNS spoofing, and payload generation to execute various attack vectors. - [alexbredo/honeypot-ftp](https://awesome-repositories.com/repository/alexbredo-honeypot-ftp.md) (34 ⭐) — FTP Honeypot - [atlassian/react-beautiful-dnd](https://awesome-repositories.com/repository/atlassian-react-beautiful-dnd.md) (34,049 ⭐) — This project is a declarative drag-and-drop library designed for building accessible and fluid interface interactions within web applications. It provides a component-based interface for managing complex list reordering and spatial relationships between elements, utilizing a specialized state container to coordinate movement logic. The library distinguishes itself through a focus on accessibility, maintaining a live connection between visual drag states and the browser accessibility tree to support screen readers and keyboard navigation. It optimizes performance by bypassing standard component re-rendering cycles during active interactions, instead manipulating DOM nodes directly and employing hardware-accelerated animations to ensure smooth transitions. The system handles the lifecycle of moving elements between containers through centralized state management and event delegation. It is currently documented as a deprecated project, with guidance available for users regarding maintenance or migration paths. - [alexbredo/honeypot-camera](https://awesome-repositories.com/repository/alexbredo-honeypot-camera.md) (53 ⭐) — observation camera honeypot - [trimstray/the-book-of-secret-knowledge](https://awesome-repositories.com/repository/trimstray-the-book-of-secret-knowledge.md) (228,641 ⭐) — This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal-based utilities and scriptable interfaces to facilitate efficient system administration and repeatable security workflows. It distinguishes itself through a platform-agnostic approach, maintaining documentation and operational guides that remain applicable across diverse Unix-like and cloud-based environments. This modular toolchain integration allows users to compose custom environments tailored to specific administrative or security tasks. The repository covers a broad capability surface, including comprehensive toolkits for system auditing, network management, and infrastructure hardening. It provides structured learning paths for cybersecurity skill development, ranging from ethical hacking labs and penetration testing standards to vulnerability assessment and system configuration best practices. The collection also encompasses a wide array of productivity tools, diagnostic utilities, and educational materials designed to streamline routine maintenance and enhance overall security posture. - [michaelhenry/deploy-to-cocoapods-github-action](https://awesome-repositories.com/repository/michaelhenry-deploy-to-cocoapods-github-action.md) (37 ⭐) — Github action for deploying to Cocoapods.org - [a-h/templ](https://awesome-repositories.com/repository/a-h-templ.md) (10,358 ⭐) — Templ is a type-safe HTML templating engine and UI framework for Go. It provides a system for building reusable HTML components that compile into Go code for server-side rendering, ensuring type safety and compile-time validation of data and logic. The project features a dedicated language server that provides autocomplete and syntax validation for template files within supported code editors. It employs compile-time code generation to transform a custom template language into Go source code, enabling the creation of modular HTML fragments and logic blocks. The framework includes automated security mechanisms to prevent cross-site scripting through HTML escaping, CSS class and value sanitization, and resource URL validation. It supports various output targets, including streaming content to response writers for web interfaces or producing standalone files for static site generation. A command line interface is provided to handle the generation of Go source code and the formatting of markup and template files. - [mitmproxy/mitmproxy](https://awesome-repositories.com/repository/mitmproxy-mitmproxy.md) (43,943 ⭐) — Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using custom scripts. It provides a unified command-based interface for manual interaction, enabling users to define custom key bindings, content views, and command-line tools. The engine supports multiple operational modes, including explicit, transparent, reverse, and SOCKS proxying, as well as a userspace WireGuard VPN mode for capturing traffic without requiring client-side configuration changes. Beyond basic interception, the platform includes comprehensive tools for recording and replaying network conversations to simulate complex interactions or automate repetitive tasks. It offers advanced capabilities such as request blocking, header and body modification, and local resource mapping. The system also provides robust support for debugging and performance analysis, including integration with external tools through secret logging and structured data representation. The software is designed for rapid iteration, featuring live script reloading that updates custom logic without restarting the proxy process. It includes extensive documentation for managing certificates, configuring proxy modes, and implementing custom addons through a well-defined programmatic interface. - [googlecontainertools/skaffold](https://awesome-repositories.com/repository/googlecontainertools-skaffold.md) (15,856 ⭐) — Skaffold is a command-line tool that automates the build, push, and deployment lifecycle for containerized applications on Kubernetes. It functions as a continuous development engine, monitoring source code for changes to trigger incremental updates, manifest hydration, and automated deployments to a cluster. By abstracting the underlying build and deployment tools, it provides a unified interface for managing the inner development loop. The platform distinguishes itself through its environment-aware configuration and flexible build orchestration. It supports diverse build strategies, including local, remote, and in-cluster image construction, and allows developers to switch between environment-specific profiles automatically based on the active cluster context. To accelerate development, it includes features for direct file synchronization into running containers and remote debugging bridges that connect local tools to processes within a cluster. Beyond core orchestration, the tool manages the entire application lifecycle, from project bootstrapping and dependency definition to log streaming and port forwarding. It integrates with common package managers and supports complex workflows through modular configuration composition and automated manifest generation. The system also provides observability tools, such as structured log parsing and integration test coverage collection, to assist in monitoring and troubleshooting applications during the development process. - [swisskyrepo/payloadsallthethings](https://awesome-repositories.com/repository/swisskyrepo-payloadsallthethings.md) (78,434 ⭐) — This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data integrity and collaborative growth by utilizing version-controlled knowledge management and template-driven content generation, ensuring that the research remains current and consistent across a wide range of technical domains. The project covers a broad capability surface, including detailed references for web application security, database injection, insecure deserialization, and AI model security testing. It also aggregates external resources, such as research papers and third-party tools, to provide a holistic view of modern threat analysis and defensive research. The documentation is organized as a hierarchical tree of markdown files, designed for easy navigation and reference during active security engagements. - [mdp/honeypot.go](https://awesome-repositories.com/repository/mdp-honeypot-go.md) (30 ⭐) — SSH Honeypot written in Go - [owasp/python-honeypot](https://awesome-repositories.com/repository/owasp-python-honeypot.md) (477 ⭐) — OWASP Honeypot, Automated Deception Framework. - [rapid7/metasploit-framework](https://awesome-repositories.com/repository/rapid7-metasploit-framework.md) (38,415 ⭐) — The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to manage high-performance, concurrent network connections and features a transport-agnostic communication layer that abstracts protocols to maintain persistent command and control. Users can extend the core functionality through a plugin system and define complex exploit logic using a domain-specific language. The framework provides robust capabilities for remote payload management, including the configuration of network settings like sleep intervals and timeout thresholds. It maintains state persistence across long-running sessions by storing discovered host information and vulnerability data in a relational database. The software is designed for cross-platform deployment, with installation support available for Linux, macOS, and Windows environments. - [heroiclabs/nakama](https://awesome-repositories.com/repository/heroiclabs-nakama.md) (12,754 ⭐) — Nakama is a distributed server framework designed for real-time multiplayer games and social applications. It provides an authoritative runtime environment for executing game logic, ensuring consistent state and cheat-resistant gameplay across diverse client platforms. The system acts as a centralized backend, managing persistent player identities, social graphs, and real-time communication channels to support complex multiplayer interactions. The platform distinguishes itself through an integrated suite of LiveOps tools that allow developers to manage game economies, schedule time-bound events, and execute A/B experiments without requiring client-side updates. It features a flexible, schema-agnostic data storage layer and a modular architecture that enables custom server-side logic execution. By combining matchmaking, leaderboard management, and dynamic feature flagging, the platform provides a comprehensive environment for operating and scaling online games. Beyond its core multiplayer capabilities, the platform covers a broad range of infrastructure and operational needs, including global deployment, automated data backups, and behavioral analytics streaming. It supports multi-channel notification delivery and provides tools for segmenting player audiences to enable personalized content and reward distribution. The system integrates with external identity providers and third-party services to facilitate account linking and monetization workflows. The project provides native SDKs for major game engines and console platforms, with support for automated code deployment pipelines to streamline the integration of custom server-side logic. - [csirtgadgets/csirtg-honeypot](https://awesome-repositories.com/repository/csirtgadgets-csirtg-honeypot.md) (6 ⭐) — Twisted based HoneyPot for WhiteFace - [screetsec/thefatrat](https://awesome-repositories.com/repository/screetsec-thefatrat.md) (11,038 ⭐) — TheFatRat is a security exploitation framework designed to automate the creation, obfuscation, and deployment of payloads for penetration testing. It functions as a comprehensive toolkit that streamlines the exploitation lifecycle, enabling users to generate malicious executables, manage network listeners, and execute post-exploitation tasks through a unified command-line interface. The framework distinguishes itself by integrating various third-party exploitation utilities into a single, orchestrated workflow. It provides specialized capabilities for embedding code into legitimate binaries and modifying file metadata to test system resilience against signature-based detection. Additionally, the tool supports physical security assessments by generating autorun configurations for removable media to evaluate automated execution behaviors on target systems. Beyond core payload generation, the platform includes utilities for environment dependency validation to ensure all necessary components are configured correctly before testing begins. It also automates post-compromise actions, such as information gathering and credential extraction, to facilitate efficient security audits. - [googlechrome/chrome-extensions-samples](https://awesome-repositories.com/repository/googlechrome-chrome-extensions-samples.md) (17,623 ⭐) — This repository serves as a comprehensive reference library for browser extension development, providing a collection of code samples and implementation patterns. It is designed to help developers understand the requirements for building extensions that adhere to current manifest standards, specifically focusing on the transition to and implementation of version three specifications. The project provides functional examples for core extension capabilities, including the use of event-driven background service workers, isolated content script injection, and message-passing for inter-process communication. It demonstrates how to configure extension metadata, manage browser UI customizations like action-triggered popups, and integrate various web APIs to modify browser behavior. These resources cover the full lifecycle of extension development, from initial manifest configuration and local directory loading for debugging to the final packaging and publication process. The repository is structured to assist with both learning individual API usage and building complex, multi-component extensions using standard web technologies. - [googlechrome/lighthouse](https://awesome-repositories.com/repository/googlechrome-lighthouse.md) (30,355 ⭐) — Lighthouse is an automated diagnostic tool that evaluates web pages against industry standards for performance, accessibility, and search engine optimization. It functions as a programmatic analysis engine and a command-line utility, allowing developers to integrate comprehensive web quality checks directly into continuous integration pipelines and local development workflows. The project distinguishes itself through a modular architecture that utilizes artifact-based data collection to ensure consistent analysis across different environments. It supports a headless execution mode for automated testing and provides a plugin-driven framework, enabling developers to register custom audit logic and specialized reporting categories to meet unique project requirements. Beyond its core auditing capabilities, the tool detects underlying web frameworks and content management systems to provide tailored optimization recommendations. It generates structured, machine-readable reports and offers multiple interfaces, including a browser-integrated panel and a dedicated extension, to facilitate real-time feedback during the development process. - [christophe77/express-honeypot](https://awesome-repositories.com/repository/christophe77-express-honeypot.md) (21 ⭐) — Express honeypot for remote file inclusion (RFI) and local file inclusion (LFI). - [gallopsled/pwntools](https://awesome-repositories.com/repository/gallopsled-pwntools.md) (13,271 ⭐) — Pwntools is a Python-based framework designed for rapid prototyping and automation in binary exploitation, reverse engineering, and security research. It serves as a comprehensive toolkit for interacting with local and remote processes, providing the primitives necessary to manage complex exploit workflows and streamline security analysis tasks. The framework distinguishes itself through its specialized capabilities for binary manipulation and automated exploit construction. It includes dedicated utilities for parsing executable file formats, assembling and disassembling machine code, and generating shellcode across various architectures. A core strength of the project is its ability to automate the identification and chaining of gadgets to bypass memory protections, as well as its capacity to resolve remote symbols and exploit format string vulnerabilities through calculated memory manipulation. Beyond its core exploitation features, the library provides a unified interface for managing communication across network sockets, serial connections, and local process pipes. It supports deep integration with debugging environments, allowing researchers to monitor execution flow and inspect memory in real time. The project also includes specific utilities for managing capture-the-flag competition workflows, such as automating the submission of flags to remote servers. The library is structured to provide a consistent global execution environment, allowing users to configure architecture, operating system, and logging defaults for their research sessions. It is distributed as a Python library, enabling integration into custom security research scripts and automated analysis pipelines. - [greydgl/pentestgpt](https://awesome-repositories.com/repository/greydgl-pentestgpt.md) (11,697 ⭐) — PentestGPT is an autonomous security testing framework that leverages large language models to plan, execute, and coordinate end-to-end penetration testing engagements. By functioning as an autonomous agent, the system automates the entire testing lifecycle, from initial reconnaissance and vulnerability analysis to the generation of custom exploits and the execution of post-exploitation tasks. The platform distinguishes itself through a multi-agent orchestration system that coordinates specialized AI agents to collaborate on complex, multi-stage attack chains. It integrates multimodal context, synthesizing both visual and textual data to inform its decision-making process. To ensure consistency and continuity, the framework maintains persistent session state, allowing users to pause and resume assessments without losing critical context or progress. The system provides a comprehensive suite of capabilities for managing external security utilities, including the ability to parse raw command-line output into structured data for automated analysis. It operates within isolated, containerized environments to ensure that testing workflows remain reproducible and secure across diverse target architectures. - [mojachieee/go-honeypot](https://awesome-repositories.com/repository/mojachieee-go-honeypot.md) (48 ⭐) — A honeypot server written in Go. - [jofpin/trape](https://awesome-repositories.com/repository/jofpin-trape.md) (8,590 ⭐) — Trape is a browser-based remote access tool and exploit framework designed for gathering device geolocation, hardware profiles, and network data. It functions as an open-source intelligence platform and a system for executing custom scripts and triggering browser vulnerabilities to capture credentials or monitor device activity. The project features a real-time geolocation tracker capable of retrieving precise physical coordinates and monitoring individual movement, including silent acquisition that bypasses standard location prompts. It further provides a network tunneling service to make locally hosted servers accessible over the internet for remote interactions. Additional capabilities include device profiling of hardware specifications, network environment scanning to identify connected devices, and the aggregation of open-source intelligence. The framework also supports session monitoring to detect active web services and can trigger remote audio playback of synthesized voice messages through a target browser. - [paralax/awesome-honeypots](https://awesome-repositories.com/repository/paralax-awesome-honeypots.md) (10,354 ⭐) — an awesome list of honeypot resources - [filamentphp/filament](https://awesome-repositories.com/repository/filamentphp-filament.md) (31,215 ⭐) — Filament is a full-stack framework for building administrative panels and management interfaces within the Laravel ecosystem. It provides a declarative, component-based architecture that allows developers to construct complex, data-driven applications using server-side configuration objects rather than manual HTML. By inspecting database model structures and relationships, the framework automates the generation of CRUD interfaces, forms, and data tables, significantly reducing boilerplate code. The project distinguishes itself through a highly modular and extensible design that supports custom plugins, themes, and specialized dashboard widgets. It features a fluent, object-oriented API for defining UI components, validation rules, and data persistence logic, while maintaining application state between the browser and server over a persistent connection. Developers can further customize the interface through dynamic configuration, custom Blade view embedding, and a comprehensive system for managing user identity, multi-tenancy, and role-based access control. Beyond core CRUD capabilities, the framework includes advanced tools for data presentation, such as interactive charts, statistical summaries, and global search functionality. It also provides robust support for complex data entry, including multistep wizards, repeatable form blocks, and file management. The system is designed for reliability, offering built-in observability, automated testing helpers, and performance optimizations like asset scoping and client-side navigation. The framework is distributed as a set of packages that integrate directly into existing Laravel applications, with command-line utilities available to scaffold resources and administrative components. - [beefproject/beef](https://awesome-repositories.com/repository/beefproject-beef.md) (10,728 ⭐) — BeEF is a modular security testing environment designed for browser exploitation and web application auditing. It functions as a platform for security professionals to evaluate client-side defenses by injecting persistent scripts into web browsers, establishing a bidirectional communication channel for remote command execution and data exfiltration. The framework distinguishes itself through its ability to use compromised browser sessions as proxies to conduct internal network reconnaissance, effectively bypassing perimeter security controls. It utilizes an event-driven control interface and asynchronous command queuing to manage multiple hooked sessions, allowing for the coordination of complex, multi-stage assessment workflows. The system supports a modular architecture that enables the development of custom plugins and automated rules to extend its core testing capabilities. It includes comprehensive administrative controls, such as role-based access control, authentication rate limiting, and network access restrictions, to secure the testing environment and manage component lifecycles. - [ankitects/anki](https://awesome-repositories.com/repository/ankitects-anki.md) (28,571 ⭐) — Anki is a cross-platform flashcard management system designed to optimize long-term memory retention through spaced-repetition learning. It functions as a digital learning assistant that uses active recall practice and automated scheduling algorithms to determine the ideal timing for card reviews based on individual performance history. The core system relies on a local relational database to ensure data persistence and portability, while supporting complex study workflows through flexible note-type schema modeling and template-driven content rendering. The platform distinguishes itself through deep extensibility and content customization. Users can modify core application behavior and scheduling logic via a plugin-based framework or by implementing custom scheduling models. The interface supports rich media integration, including audio, images, and text-to-speech, which can be styled using HTML and CSS templates to suit specific subjects. Advanced users can further tailor the environment with dynamic script embedding, custom note types, and specialized card layouts like cloze deletions or image occlusions. Beyond its core scheduling capabilities, the software provides a comprehensive suite of tools for managing large collections of study material. This includes hierarchical deck organization, tag-based content management, and advanced search and filtering utilities. The system also offers robust observability features, such as detailed performance analytics, study progress visualization, and tools for identifying and managing problematic study items. Anki facilitates consistent learning across multiple devices through a built-in synchronization protocol that merges collection data and media assets. The application is distributed as a compiled build and includes extensive configuration options for display rendering, input methods, and system integration to ensure compatibility across various desktop environments. - [rebelinblue/deployer](https://awesome-repositories.com/repository/rebelinblue-deployer.md) (907 ⭐) — Deployer is a free and open source deployment tool. - [crowdsecurity/crowdsec](https://awesome-repositories.com/repository/crowdsecurity-crowdsec.md) (12,574 ⭐) — CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offloads active blocking to lightweight external components known as bouncers. These bouncers query the central API to synchronize threat intelligence and apply real-time remediation across distributed environments. The system also features a hub-based configuration management framework, allowing users to download and deploy community-curated security scenarios, parsers, and collections to ensure consistent protection against evolving threats. The platform provides a comprehensive suite of tools for security operations, including automated log parsing pipelines, event-driven plugin systems for notification workflows, and extensive command-line utilities for infrastructure management. It supports flexible deployment patterns across standalone, containerized, and cloud-native environments, enabling centralized orchestration of security agents and fleet-wide monitoring of threat activity. The project includes a robust documentation and command-line interface that facilitates the lifecycle management of security components, from initial service discovery and configuration to the validation of detection logic and the auditing of active security policies.