# Results for "hack"

> AI-ranked search results for `hack` on awesome-repositories.com — ordered by an LLM for relevance, best match first. 117 total matches; showing the top 28.

Explore on the web: https://awesome-repositories.com/q/hack

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/hack).**

## Results

- [brannondorsey/wifi-cracking](https://awesome-repositories.com/repository/brannondorsey-wifi-cracking.md) (12,399 ⭐) — This project is a WPA Wi-Fi cracking toolkit designed for capturing authentication handshakes and recovering WPA/WPA2 passwords. It provides specialized utilities for scanning wireless networks, obfuscating hardware addresses, and generating password lists to facilitate security audits.

The toolkit differentiates itself through a focused workflow that combines handshake capture tools with a password wordlist generator. It enables the interception of the four-way authentication process between wireless clients and access points and utilizes these captured credentials for recovery via dictionar
- [rapid7/metasploit-framework](https://awesome-repositories.com/repository/rapid7-metasploit-framework.md) (38,415 ⭐) — The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures.

The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to
- [drk1wi/modlishka](https://awesome-repositories.com/repository/drk1wi-modlishka.md) (5,273 ⭐) — Modlishka is a man-in-the-middle reverse proxy framework designed for automated phishing campaigns. It dynamically generates valid TLS certificates for target domains, aggregates traffic from multiple domains through a single proxy, and injects custom scripts into proxied responses. The framework operates transparently without requiring client-side certificate installation and relays two-factor authentication steps to capture secondary verification tokens.

What sets Modlishka apart is its ability to automate the entire credential theft process. It logs all form submissions, headers, and cooki
- [chrisk44/hijacker](https://awesome-repositories.com/repository/chrisk44-hijacker.md) (2,512 ⭐) — Hijacker is a Wi-Fi security auditing suite designed for scanning wireless networks, capturing traffic, and recovering credentials. It provides a set of tools for detecting nearby access points and clients, intercepting WPA handshakes, and recovering WPA and WEP passwords.

The project features a visual security audit interface that allows for the execution of specialized tools without using a command-line terminal. It includes a dedicated WPS pin recovery tool for extracting access point pins using pixie-dust attacks via external adapters.

The toolkit covers network reconnaissance, including
- [manisso/fsociety](https://awesome-repositories.com/repository/manisso-fsociety.md) (12,136 ⭐) — fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits. It functions as a wrapper that integrates external security binaries into a unified, menu-driven interface, providing a centralized system for command-line parameter mapping and execution.

The project distinguishes itself by organizing specialized utilities into domain-specific collections for structured navigation. It automates the transition between different phases of an audit by chaining reconnaissance and exploitation tools through sequential workflow automation.

The fram
- [wifiphisher/wifiphisher](https://awesome-repositories.com/repository/wifiphisher-wifiphisher.md) (14,631 ⭐) — Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing. It functions as a platform for security professionals to assess the resilience of Wi-Fi networks by simulating unauthorized access, performing man-in-the-middle interceptions, and executing credential-harvesting scenarios.

The tool distinguishes itself through its ability to combine rogue access point deployment with dynamic phishing interfaces. By forcing wireless clients to associate with deceptive infrastructure, the framework can capture network metadata and inject it int
- [mishakorzik/allhackingtools](https://awesome-repositories.com/repository/mishakorzik-allhackingtools.md) (5,186 ⭐) — AllHackingTools is a security tool orchestrator and suite designed to install, update, and manage a wide array of third-party hacking and security utilities from a single command interface. It functions as a centralized hub for network analysis, open source intelligence, penetration testing, and social engineering tools.

The project provides specialized frameworks for gathering open source intelligence and searching for user profiles across social platforms. It includes toolkits for network reconnaissance, vulnerability scanning, and the execution of security exploits, as well as a social eng
- [sophron/wifiphisher](https://awesome-repositories.com/repository/sophron-wifiphisher.md) (14,632 ⭐) — Wifiphisher is a Python wireless attack framework and rogue access point toolkit designed for wireless network interception and the deployment of phishing gateways. It functions as a wireless deauthentication tool and a phishing system that serves deceptive web pages to capture user credentials.

The framework is distinguished by a modular attack scenario system that allows the integration of custom Python modules to implement specialized phishing workflows. It employs adaptive phishing interfaces that use user-agent headers and environment data to render pages that mimic specific operating sy
- [z4nzu/hackingtool](https://awesome-repositories.com/repository/z4nzu-hackingtool.md) (77,515 ⭐) — This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors.

The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext
- [trustedsec/social-engineer-toolkit](https://awesome-repositories.com/repository/trustedsec-social-engineer-toolkit.md) (14,984 ⭐) — The Social-Engineer Toolkit is a social engineering framework and penetration testing suite designed to simulate human-centric security attacks. It serves as a phishing simulation tool and credential harvesting utility to evaluate personnel awareness and organizational resilience.

The toolkit provides specialized tooling for phishing campaign testing and credential theft simulation. It enables the creation of deceptive emails and landing pages to identify vulnerabilities in how users handle sensitive account information.

The system includes capabilities for security awareness training and br
- [shadow1ng/fscan](https://awesome-repositories.com/repository/shadow1ng-fscan.md) (13,421 ⭐) — Fscan is an automated penetration testing tool designed for internal network reconnaissance and vulnerability assessment. It functions as a comprehensive security framework that maps network infrastructure, identifies active hosts and services, and detects security weaknesses across internal environments.

The tool distinguishes itself through a modular plugin architecture that allows for extensible security checks and a stateful asset tracking system that maintains an in-memory registry of discovered infrastructure. It incorporates a dedicated credential brute-force engine for testing passwor
- [ankit0183/wifi-hacking](https://awesome-repositories.com/repository/ankit0183-wifi-hacking.md) (2,561 ⭐) — This project is a wireless network security toolkit designed for monitoring wireless traffic and exploiting vulnerabilities in network authentication protocols. It provides a suite of tools for scanning networks, capturing authentication handshakes, and testing the security of wireless access points.

The toolkit includes a password wordlist generator to create custom lists for offline key recovery and a handshake cracker to recover encrypted keys using brute-force methods. It also features a vulnerability scanner specifically for testing the security of the Wireless Protected Setup pin system
- [thewhiteh4t/seeker](https://awesome-repositories.com/repository/thewhiteh4t-seeker.md) (9,598 ⭐) — Seeker is a social engineering location tool and browser geolocation capture system. It provides a framework for capturing precise GPS coordinates and device metadata by hosting deceptive webpages that prompt users for location permissions.

The project includes an HTML phishing template engine for deploying custom or predefined website clones designed to trick users into granting sensitive permissions. It further utilizes a device fingerprinting tool to collect hardware specifications, operating system details, and screen resolution from visiting clients.

The system incorporates network reco
- [v1s1t0r1sh3r3/airgeddon](https://awesome-repositories.com/repository/v1s1t0r1sh3r3-airgeddon.md) (7,797 ⭐) — airgeddon is a bash-based wireless network audit suite and security toolkit for Linux. It serves as a framework for testing wireless vulnerabilities and verifying network configurations across various encryption standards, including WPA, WEP, and WPS.

The project functions as an orchestration layer that integrates a collection of third-party wireless security tools. It features a modular approach to attack vectorization, coordinating tasks such as evil twin simulations with captive portals, WPA handshake interception, and the execution of WPS vulnerability tests.

Its capabilities cover a bro
- [beefproject/beef](https://awesome-repositories.com/repository/beefproject-beef.md) (10,728 ⭐) — BeEF is a modular security testing environment designed for browser exploitation and web application auditing. It functions as a platform for security professionals to evaluate client-side defenses by injecting persistent scripts into web browsers, establishing a bidirectional communication channel for remote command execution and data exfiltration.

The framework distinguishes itself through its ability to use compromised browser sessions as proxies to conduct internal network reconnaissance, effectively bypassing perimeter security controls. It utilizes an event-driven control interface and
- [nmap/nmap](https://awesome-repositories.com/repository/nmap-nmap.md) (13,065 ⭐) — Nmap is a command-line network security scanner and reconnaissance framework designed for infrastructure mapping and security auditing. It functions as a packet crafting utility that probes target systems to identify active hosts, detect open ports, and determine the services and operating systems running on a network.

The tool distinguishes itself through its ability to perform raw socket packet injection and stateful connection tracking, allowing it to bypass standard operating system networking stacks. It utilizes an asynchronous concurrency model to manage large-scale network scans and em
- [reverse-shell/routersploit](https://awesome-repositories.com/repository/reverse-shell-routersploit.md) (13,151 ⭐) — RouterSploit is an embedded device exploitation framework and vulnerability scanner designed to identify and exploit security flaws in networked embedded hardware and firmware. It provides a centralized toolkit for scanning for known weaknesses and common misconfigurations to gain unauthorized system access.

The framework includes an architecture-specific payload generator to create custom binary payloads tailored to the target hardware. It also features an automated brute force tool that uses dictionary-based credential guessing to bypass authentication on hardware devices.

The tool covers
- [jaykali/maskphish](https://awesome-repositories.com/repository/jaykali-maskphish.md) (3,020 ⭐) — Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments.

The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
- [infinition/bjorn](https://awesome-repositories.com/repository/infinition-bjorn.md) (5,656 ⭐) — Bjorn is a penetration testing framework that automates network scanning, credential brute-forcing, vulnerability assessment, and data exfiltration, all coordinated through an event-driven task pipeline and controlled via a web-based dashboard. Its modular plugin architecture allows independent security modules to be loaded and chained together, with an asynchronous network scanner discovering live hosts and open ports without blocking the main execution flow.

The framework distinguishes itself by integrating a credential brute-force engine that systematically attempts login combinations agai
- [sofianehamlaoui/lockdoor-framework](https://awesome-repositories.com/repository/sofianehamlaoui-lockdoor-framework.md) (1,540 ⭐) — Lockdoor-Framework is a modular penetration testing suite designed to facilitate comprehensive security assessments through a centralized command-line interface. It functions as an integrated platform for reconnaissance, vulnerability scanning, and the exploitation of target systems, providing a unified environment for managing complex security workflows.

The framework distinguishes itself through a modular plugin architecture that allows for the extension of core capabilities without modifying the underlying codebase. It incorporates an automated reconnaissance pipeline to map attack surface
- [offensive-security/kali-nethunter](https://awesome-repositories.com/repository/offensive-security-kali-nethunter.md) (3,771 ⭐) — Kali NetHunter is a mobile penetration testing platform designed to run security assessment and network auditing tools directly on Android hardware. It provides a specialized environment for performing vulnerability research, wireless network analysis, and security testing on both local and remote systems.

The platform functions by deploying a full Linux distribution alongside the host mobile operating system, utilizing filesystem isolation and overlay integration to maintain access to system resources. It enables direct interaction with mobile hardware by bypassing standard application restr
- [bc-security/empire](https://awesome-repositories.com/repository/bc-security-empire.md) (5,045 ⭐) — Empire is a post-exploitation command-and-control (C2) framework designed for red team operations. It deploys and manages agents written in PowerShell, Python, C#, Go, and C across Windows, Linux, and macOS, using encrypted communication channels over HTTP, HTTPS, and SMB. The framework executes over 400 built-in modules for reconnaissance, privilege escalation, credential theft, and lateral movement, and provides a modular engine for authoring custom attack modules.

What sets Empire apart is its multi-language agent deployment system, which allows operators to choose implants that suit each
- [havocframework/havoc](https://awesome-repositories.com/repository/havocframework-havoc.md) (8,182 ⭐) — Havoc is a post-exploitation framework used for red team operations. It provides a centralized command and control system for managing remote agents through persistent network connections and customizable communication profiles.

The framework focuses on security evasion and stealth, utilizing indirect syscall execution, return address spoofing, and hardware-breakpoint patching to bypass endpoint detection and response tools. It includes a payload generation workflow to create executable shellcode or DLLs for initial remote access.

The system covers a broad range of operational capabilities,
- [andresriancho/w3af](https://awesome-repositories.com/repository/andresriancho-w3af.md) (4,850 ⭐) — w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation.

The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
- [byt3bl33d3r/crackmapexec](https://awesome-repositories.com/repository/byt3bl33d3r-crackmapexec.md) (9,144 ⭐) — CrackMapExec is a network penetration testing framework and automated security scanner designed to assess security postures across large IP ranges. It functions as a multi-protocol security scanner and network protocol auditor used to identify vulnerabilities and misconfigurations.

The tool provides capabilities for Active Directory auditing to enumerate users and permissions, as well as post-exploitation enumeration to gather system metadata and discover lateral movement paths. It includes a framework for credential spraying and harvesting across various network services.

The system utilize
- [carlospolop/privilege-escalation-awesome-scripts-suite](https://awesome-repositories.com/repository/carlospolop-privilege-escalation-awesome-scripts-suite.md) (20,003 ⭐) — This project is a post-exploitation framework and privilege escalation script suite designed to scan local system configurations for security gaps. It serves as a system enumeration toolset used to identify paths for gaining higher administrative privileges on a target host.

The suite incorporates capabilities for security penetration testing and vulnerability assessment reporting. It uses shell-based system enumeration and pattern-based vulnerability matching to detect misconfigurations, while employing heuristic-based permission analysis to evaluate system flags.

Findings are gathered thro
- [empireproject/empire](https://awesome-repositories.com/repository/empireproject-empire.md) (7,813 ⭐) — Empire is a command and control framework and post-exploitation toolkit used for network penetration testing. It serves as a centralized platform for coordinating remote agent communication and automating the delivery of security testing payloads to target systems.

The project provides a suite of modules for host reconnaissance, lateral movement, and credential harvesting across corporate environments. It functions as a remote administration tool to maintain persistence and execute commands on compromised hosts.

The framework incorporates capabilities for agent orchestration and the executio
- [funnywolf/viper](https://awesome-repositories.com/repository/funnywolf-viper.md) (4,964 ⭐) — Viper is a command and control infrastructure manager and post-exploitation framework designed for adversary attack simulation and security assessment. It functions as an orchestrator for penetration testing, combining a system for managing compromised hosts across multiple operating systems with tools for security workflow automation.

The platform is distinguished by its use of large language model agents to coordinate red team tasks, automate data processing, and provide intelligent decision support. It includes a network pivot visualizer that uses directional graphs to map relationships an
