Awesome

GitHub projects from awesome lists

Search awesome repositories

Search names, descriptions, topics, tags, and stacks, then tune results by ecosystem, freshness, health, and cross-list signal.

Repos indexed
17,373
Awesome lists tracked
125
Current results
29

Find repositories

Start broad, then narrow by ecosystem, freshness, health, and growth.

Clear 1 refinement
Search mode
Tune results
More filters Topics, generated tags, stack, files, age, archive status, and growth.
Ecosystem
Files

Choose a suggestion or use commas to require multiple files.

Health

Uses known first-commit dates.

Momentum
Filters by observed commit-count growth over the repository's latest 7-day capture window. Repositories without a recent baseline are excluded.
Filters by observed GitHub star growth over the repository's latest 7-day capture window. Repositories without a recent baseline are excluded.
Reset filters
Highlighted

Open highlighted repo slot

Put your repository first

Promote a GitHub repo at the top of Awesome repository list views for 7 days.

swisskyrepo/PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Updated
2026-06-19
Lists
3 list mentions
First commit
2016-10-18
History
3 history points
License
MIT
Issues
Disabled
Forks
17,161
Commits
2,191 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
KeygraphHQ/shannon

Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.

AI dev
Updated
2026-07-16
Lists
0 list mentions
First commit
2025-10-04
History
46 history points
License
AGPL-3.0
Issues
24 open
Forks
5,308
Commits
261 commits
Star growth, last 7 days
+169 +0.4%
Commit velocity, last 7 days
+2 +0.8%
usestrix/strix

Open-source AI penetration testing tool to find and fix your app’s vulnerabilities.

Updated
2026-07-17
Lists
1 list mention
First commit
2025-08-09
History
46 history points
License
Apache-2.0
Issues
199 open
Forks
4,341
Commits
571 commits
Star growth, last 7 days
+1,851 +4.6%
Commit velocity, last 7 days
+35 +6.5%
1N3/Sn1per

Automated penetration testing & attack surface management platform. Recon, scan, exploit, report — 600+ exploits, 90+ integrations, 10K+ detections.

Updated
2026-07-04
Lists
1 list mention
First commit
2015-09-06
History
2 history points
License
NOASSERTION
Issues
7 open
Forks
2,105
Commits
722 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Updated
2026-06-30
Lists
1 list mention
First commit
2017-05-14
History
2 history points
License
CC-BY-SA-4.0
Issues
41 open
Forks
1,641
Commits
1,241 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
six2dez/reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

AI dev
Updated
2026-06-29
Lists
2 list mentions
First commit
2020-12-30
History
2 history points
License
MIT
Issues
2 open
Forks
1,197
Commits
2,363 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
guardicore/monkey

Infection Monkey - An open-source adversary emulation platform

Updated
2025-05-01
Lists
2 list mentions
First commit
2015-08-30
History
3 history points
License
GPL-3.0
Issues
239 open
Forks
821
Commits
19,752 commits
Star growth, last 7 days
0 0.0%
Commit velocity, last 7 days
0 0.0%
GH05TCREW/pentestagent

PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.

AI dev
Updated
2026-07-07
Lists
1 list mention
First commit
2025-05-15
History
5 history points
License
MIT
Issues
18 open
Forks
556
Commits
380 commits
Star growth, last 7 days
0 0.0%
Commit velocity, last 7 days
0 0.0%
rewardone/OSCPRepo

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Updated
2020-06-22
Lists
1 list mention
First commit
2017-11-12
History
2 history points
License
MIT
Issues
1 open
Forks
757
Commits
387 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
samugit83/redamon

An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.

Updated
2026-07-15
Lists
1 list mention
First commit
2025-12-29
History
5 history points
License
MIT
Issues
16 open
Forks
454
Commits
606 commits
Star growth, last 7 days
0 0.0%
Commit velocity, last 7 days
0 0.0%
codingo/VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Updated
2025-08-18
Lists
1 list mention
First commit
2017-09-03
History
2 history points
License
GPL-3.0
Issues
1 open
Forks
239
Commits
347 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
yassineaboukir/sublert

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Updated
2021-02-05
Lists
1 list mention
First commit
2019-03-08
History
2 history points
License
MIT
Issues
17 open
Forks
165
Commits
67 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
Warxim/petep

PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications with various application protocols. ⚡

Updated
2023-12-01
Lists
1 list mention
First commit
2020-08-01
History
2 history points
License
GPL-3.0
Issues
0 open
Forks
22
Commits
49 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
cr0mll/cyberclopaedia

This is an aspiring project aimed at accumulating knowledge from the world of cybersecurity and presenting it in a cogent way, so it is accessible to as large an audience as possible and so that everyone has a good resource to learn hacking from.

Updated
2024-08-06
Lists
1 list mention
First commit
2021-09-06
History
2 history points
License
MIT
Issues
0 open
Forks
26
Commits
274 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history
momenbasel/htb-writeups

The most comprehensive Hack The Box writeup collection - 500+ machines, 400+ challenges, interactive knowledge graph, skill trees, attack path diagrams, ProLabs, Sherlocks, OSCP/CPTS/CRTO prep. Browse: momenbasel.github.io/htb-writeups

Updated
2026-06-10
Lists
1 list mention
First commit
2026-04-10
History
2 history points
License
MIT
Issues
0 open
Forks
35
Commits
27 commits
Star growth, last 7 days
No 7-day history
Commit velocity, last 7 days
No 7-day history