aw-junaid/Black-Hat-Python
GitHub: aw-junaid/Black-Hat-Python
一套涵盖网络侦察、渗透测试与漏洞验证的进阶 Python 安全脚本工具集合。
Stars: 124 | Forks: 22
# Black-Hat-Python








# 联系我:
# 来源
- [blackhat-python3](https://github.com/EONRaider/blackhat-python3)
- [Mastering Python Scripting for System Administrators](https://github.com/PacktPublishing/Mastering-Python-Scripting-for-System-Administrators-)
- [python-pentest-tools](https://github.com/dloss/python-pentest-tools/blob/master/README.md)
# 目录
## 🔴 1. 密码攻击与凭证攻击
- [密码哈希破解 (`hashlib` / hashcat 集成)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/Password%20Hash%20Cracking.md)
- [LDAP 暴力破解](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/LDAP%20Brute%20Force.md)
- [使用 Paramiko 进行 SSH 暴力破解](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/SSH%20Brute%20Force%20Tool.md)
- [FTP 暴力破解](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/FTP%20Brute%20Force%20Tool.md)
- [SMB 暴力破解 (`impacket`)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Password%20Attacks/SMB%20Brute%20Force%20Tool.md)
## 🌐 2. Python 网络
### 基础网络客户端与服务器
- [TCP 客户端](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Client.md)
- [UDP 客户端](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/UDP%20Client.md)
- [TCP 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Server.md)
- [用于远程代码执行的 Netcat 客户端和服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Netcat%20Client%20%26%20Server.md)
- [TCP 代理](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Proxy.md)
### SSH 工具
- [使用 Paramiko 的 SSH](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/SSH%20with%20Paramiko.py)
- [使用 paramiko 的基础 SSH 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Basic%20SSH%20server%20using%20the%20paramiko.md)
- [SSH 反向隧道](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/SSH%20reverse%20tunneling.md)
- [简单的 SSH 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/bhp_reverse_ssh_cmd.md)
### 数据包嗅探器与网络分析
- [使用原始套接字的数据包嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/packet%20sniffer%20using%20raw%20sockets.md)
- [解码 Header 的数据包嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Packet%20Sniffer%20Decoding%20Header.md)
- [解码 ICMP 的数据包嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Packet%20Sniffer%20Decoding%20ICMP.md)
- [带有 ICMP 数据包分析的 Python 子网扫描器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Python%20Subnet%20Scanner%20with%20ICMP%20Packet%20Analysis.md)
- [Python 电子邮件凭证嗅探器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Email%20Credential%20Sniffer%20in%20Python.md)
### 基于 Scapy 的攻击
- [使用 Scapy 进行 ARP 缓存投毒](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/ARP%20Cache%20Poisoning%20with%20Scapy.md)
- [PCAP 图片提取器与人脸检测器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/PCAP%20Image%20Extractor%20%26%20Face%20Detector.md)
### 端口扫描与主机发现
- [检查远程主机上的开放和关闭端口](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Check%20Open%20and%20Closed%20Ports%20on%20a%20Remote%20Host.md)
- [多线程 TCP 端口扫描](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Multithreaded%20TCP%20Port%20Scanning.md)
- [扫描远程主机上的端口范围](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Scanning%20a%20Range%20of%20Ports%20on%20a%20Remote%20Host.md)
- [测试与远程主机的 Socket 连接](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Test%20a%20Socket%20Connection%20to%20a%20Remote%20Host.md)
- [从 IP 地址解析主机名](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Resolve%20Host%20Name%20from%20an%20IP%20Address.md)
### Scapy 高级用法
- 使用 Scapy 进行 TCP SYN 扫描
- 操作系统指纹识别
- 自定义协议构造
- 使用 Scapy 进行网络路由追踪
## 🔥 3. 网络攻击
- DNS 欺骗 / DNS 投毒
- [DHCP 饥饿攻击](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/DHCP%20Starvation%20Attack.md)
- [SYN 洪水 / DoS 脚本](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/SYN%20Flood.md)
- [VLAN 跳跃](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/VLAN%20Hopping%20Tool.md)
- [ICMP 隧道](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/ICMP%20Tunneling%20Network.md)
- [SSL/TLS 剥离](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/TLS%20Stripping.md)
- [802.11 Wi-Fi Deauth 攻击 (Scapy)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/802.11%20Wi-Fi.md)
- [WPA 握手包抓取](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Network%20Attacks/WPA%20Handshake.md)
## 🕷️ 4. Web 应用程序黑客技术
### Web 路径发现与爬取
- [Web 路径扫描器 (Joomla 站点爬虫)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Web%20Path%20Scanner%20(Joomla%20Site%20Crawler).md)
- [目录与文件暴破工具](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Directory%20%26%20File%20Bruteforcer.md)
### 暴力破解攻击
- [HTTP 认证暴力破解扫描](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/brute-force%20HTTP%20authentication%20scan.md)
- [多线程暴力破解登录脚本](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Multi-threaded%20Brute-Force%20Login%20Script.md)
- [对 WordPress 登录页面的多线程暴力破解攻击](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/multi-threaded%20brute-force%20attack%20on%20a%20WordPress%20login%20page.md)
### Web 漏洞测试
- SQL 注入检测与利用
- XSS Payload 注入测试器 (反射型 / 存储型 / DOM)
- CSRF Token 绕过
- XXE 注入测试器
- SSRF 检测脚本
- LFI / RFI 扫描器
- JWT Token 篡改
- CORS 配置错误扫描器
- GraphQL 枚举与 Fuzzing
- Cookie 篡改 / 会话劫持
- HTTP 请求走私
- OAuth 攻击脚本
### Web 抓取与侦察
- 用于侦察的 Web 抓取器 / 爬虫 (BeautifulSoup / Selenium)
- REST API Fuzzer
## 🔧 5. Burp Suite 扩展与 Fuzzing
### Burp Fuzzing 工具
- [Burp Suite Intruder Payload 生成器 (Python 扩展)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Intruder%20Payload%20Generator%20(Python%20Extension).md)
- [Burp Suite 扩展:BHP Wordlist (Bing 搜索集成)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Extension%3A%20BHP%20Wordlist%20(Bing%20Search%20Integration).md)
- [Burp Suite 扩展:BHP Wordlist 生成器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Extension%3A%20BHP%20Wordlist%20Generator.md)
## 🎯 6. 侦察与 OSINT
- [WHOIS 查询自动化](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Reconnaissance%20%26%20OSINT/WHOIS%20Lookup.md)
- [DNS 枚举 (子域名)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Reconnaissance%20%26%20OSINT/DNS%20Enumeration.md)
- [Google Dorking 自动化](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Reconnaissance%20%26%20OSINT/Google%20Dorking.md)
- Shodan API 集成
- 电子邮件收集 (`theHarvester` 风格)
- Banner 抓取
- SNMP 枚举
- SMB 枚举 (`impacket`)
- NetBIOS / LLMNR 投毒
- 从图片/文档中提取 EXIF 元数据
- 用户名 / 社交媒体枚举
## 🦠 7. 木马与恶意软件开发
### 基于 GitHub 的命令与控制
- [基于 GitHub 的木马](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Github%20Command%20and%20Control/GitHub-based%20trojan.md)
### Windows 上的木马任务
- [键盘记录器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/keylogger.md)
- [在 Windows 系统上捕获整个桌面的屏幕截图](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/captures%20a%20screenshot%20of%20the%20entire%20desktop%20on%20a%20Windows%20system.md)
- [从 Web 服务器执行 shellcode](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/execute%20shellcode%20from%20a%20web%20server.md)
- [沙箱检测](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Sandbox%20Detection.md)
- [监控 Windows 系统上的进程](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Monitor%20processes%20on%20a%20Windows%20system.md)
- [监控特定目录](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/monitor%20specific%20directories.md)
- [代码注入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Code%20Injection.md)
## 🌐 8. 浏览器攻击
- [浏览器劫持与登录重定向](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Browser%20Hijacking%20and%20Login%20Redirect.md)
- [用于捕获凭证的简单 HTTP 服务器](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Simple%20HTTP%20Server%20for%20Capturing%20Credentials.md)
- [使用 Tumblr 进行文档窃取](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Document%20Exfiltration%20Using%20Tumblr.md)
- [生成带有 2048 位密钥长度的新 RSA 密钥对](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/generates%20a%20new%20RSA%20key%20pair%20with%20a%202048-bit%20key%20length.md)
- [解密并解压加密数据](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/decrypts%20and%20decompresses%20the%20encrypted%20data.md)
## 🚀 9. 后渗透与权限提升
### Shell 与后门
- 反向 Shell 生成器 (TCP / HTTP / HTTPS)
- 正向 Shell
- Meterpreter 风格的 Python 后门
### Windows 后渗透
- Windows 注册表操作
- Token 模拟
- 从内存中转储密码
- Pass-the-Hash 攻击 (`impacket`)
- Mimikatz 集成 / 凭证转储
### Linux 后渗透
- Linux SUID / GUID 枚举
- Cron 任务滥用检测
### 持久化与数据窃取
- 通过启动脚本 / Cron / 注册表实现持久化
- 通过 DNS / ICMP / 隐蔽通道进行数据窃取
## 🏰 10. 活动目录攻击
- Kerberoasting
- Pass-the-Ticket
- LDAP 枚举 (`ldap3`)
- BloodHound 数据收集 (`BloodHound.py`)
- SMB 共享枚举 (`SMBMap`)
## 🥷 11. 绕过与反取证
- Payload 混淆
- 进程镂空
- DLL 注入
- 日志清除 / 篡改
- 文件时间戳篡改
- 多态 Shellcode
- Base64 / XOR Payload 编码
## 🎮 12. C2 (命令与控制)
- 基于 DNS 的 C2 通道
- HTTP / HTTPS C2 Beacon
- Slack / Discord C2
- 使用 AES 加密的 C2
- 心跳 / 持久化机制
## 🔍 13. 漏洞扫描与利用
### 扫描与指纹识别
- CVE 扫描器 / 漏洞检查器
- 服务版本指纹识别
- Nmap Python 包装器 (`python-nmap`)
### 漏洞利用开发
- 漏洞利用开发 — 缓冲区溢出
- 格式化字符串漏洞测试器
- 自定义 Fuzzing 框架 (TCP / UDP / 文件 / API)
- ROP 链生成
- 缓冲区溢出 Pattern 生成器 (类似 `pattern_create`)
- Shellcode 编码器 / 解码器
- 坏字符查找器
## 🔐 14. 密码学攻击
- Padding Oracle 攻击
- ECB 模式检测
- 频率分析 (经典密码)
- 弱 TLS / SSL 检测
- S/MIME 与 PGP 密钥提取
- 密码哈希识别器
- AES / XOR 自定义加密与解密
## 🎣 15. 钓鱼工具
- 钓鱼电子邮件生成器
- 克隆网站以收集凭证
- URL 混淆技术
## 🔬 16. 取证与内存分析
- [使用 Volatility 3 从 Windows 内存转储中提取密码哈希](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/extract%20password%20hashes%20from%20a%20Windows%20memory%20dump%20using%20Volatility%203.md)
- [将执行重定向到注入的 shellcode](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/redirect%20execution%20to%20the%20injected%20shellcode.md)
- [Immunity Debugger](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/Immunity%20Debugger.md)
## ☁️ 17. 容器与云安全
- Docker 逃逸技术
- AWS / Azure / GCP 配置错误扫描器
- S3 存储桶枚举
## ⚙️ 18. 自动化管理任务
### 输入与输出处理
- [从文件接受输入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/accept_by_input_file.md)
- [从管道接受输入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/accept_by_pipe.md)
- [捕获并处理命令输出](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/capture_output.md)
- [重定向输入/输出流](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Redirect%20input-output%20streams.md)
### 系统命令与执行
- [执行外部系统命令](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/execute_external_commands.md)
- [运行脚本而不提示用户](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/no_prompt.md)
- [运行脚本并提示用户](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Run%20scripts%20with%20user%20prompts.md)
### 文件与目录操作
- [列出目录内容](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/list_dir.md)
- [使用 `os` 模块进行目录操作的示例](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/os_dir_example.md)
- [创建文件或目录的备份](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Create%20backups%20of%20files%20or%20directories.md)
### 配置管理
- [读取和解析配置文件](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/read_config_file.md)
- [读取和处理多个配置文件](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/read_many_config_file.md)
### 安全与认证
- [安全处理密码输入](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/handling_password.md)
- [使用 `getpass` 进行安全密码输入的示例](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/getpass_example.md)
- [重新提示输入密码](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/password_prompt_again.md)
### 日志与监控
- [生成并处理警告消息](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/generate_warnings.md)
- [使用 Python logging 模块的示例](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/logging_example.md)
- [记录警告和错误代码](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/logging_warnings_codes.md)
### 资源管理
- [为进程设置 CPU 使用限制](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/put_cpu_limit.md)
### Web 操作
- [打开网页或 URL](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/open_web.md)
# 📚 资源
## 书籍
- [Violent Python](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6)
- [Grey Hat Python](http://www.nostarch.com/ghpython.htm)
- [Black Hat Python](http://www.nostarch.com/blackhatpython)
- [Python 渗透测试 essentials](https://github.com/PacktPublishing/Python-Penetration-Testing-Essentials-Second-Edition)
- [Python 特工指南](https://www.packtpub.com/en-us/product/python-for-secret-agents-volume-ii-9781785283406)
- [Python Web 渗透测试 Cookbook](https://www.packtpub.com/en-us/product/python-web-penetration-testing-cookbook-9781784399900)
- [学习使用 Python 进行渗透测试](https://www.packtpub.com/en-us/product/learning-penetration-testing-with-python-9781785289552)
- [Python 取证](http://www.sciencedirect.com/science/book/9780124186767)
- [IDAPython 初学者指南](https://leanpub.com/IDAPython-Book)
[Python 进攻性渗透测试:使用 Python 进行道德黑客和渗透测试的实用指南](https://www.amazon.com/Python-Offensive-PenTest-practical-penetration/dp/1788838971)
# 🛠️ 用于渗透测试的 Python 工具
## 🌐 网络工具
### 核心网络库
- [Scapy](https://scapy.net):发送、嗅探、解剖和伪造网络数据包
- [Impacket](http://oss.coresecurity.com/projects/impacket.html):构造和解码网络数据包,支持 NMB 和 SMB
- [dpkt](https://github.com/kbandla/dpkt):快速、简单的数据包创建/解析,包含 TCP/IP 协议定义
- [pypcap](https://github.com/dugsong/pypcap)、[Pcapy](https://github.com/helpsystems/pcapy)、[Pcapy-NG](https://github.com/stamparm/pcapy-ng)、[libpcap](https://pypi.org/project/libpcap/):libpcap 的 Python 绑定
- [libdnet](https://github.com/ofalk/libdnet/):底层网络例程
### 网络侦察与枚举
- [SMBMap](https://github.com/ShawnDEvans/smbmap):枚举整个域中的 Samba 共享驱动器
- [AutoRecon](https://github.com/Tib3rius/AutoRecon):多线程网络侦察工具
- [Habu](https://github.com/portantier/habu):Python 网络黑客工具包
- [Knock Subdomain Scan](https://github.com/guelfoweb/knock):通过字典进行子域枚举
- [SubBrute](https://github.com/TheRook/subbrute):快速子域枚举工具
- [Spoodle](https://github.com/vjex/spoodle):批量子域 + poodle 漏洞扫描器
### 网络攻击与 MITM
- [Mitm6](https://github.com/fox-it/mitm6):基于 IPv6 的中间人攻击 (MITM) 工具
- [Mallory](https://github.com/intrepidusgroup/mallory):可扩展的 TCP/UDP 中间人代理
- [Pytbull-NG](https://github.com/netrunn3r/pytbull-ng/):灵活的 IDS/IPS 测试框架
## 🔍 调试与逆向工程
### 反汇编器与反编译器
- [Capstone](http://www.capstone-engine.org/):轻量级的多平台反汇编框架
- [Keystone](http://www.keystone-engine.org):轻量级的多平台汇编框架
- [diStorm](https://github.com/gdabah/distorm):针对 AMD64 的反汇编器库
- [pydasm](https://github.com/jtpereyda/libdasm/tree/master/pydasm):libdasm x86 反汇编库的 Python 接口
### 动态分析与插桩
- [Frida](http://www.frida.re/):动态插桩框架
- [Unicorn Engine](https://www.unicorn-engine.org/):CPU 模拟器框架
- [PyEMU](https://github.com/codypierce/pyemu/):完全可脚本化的 IA-32 模拟器
### 特定平台工具
- [Androguard](https://github.com/androguard/androguard):Android 应用程序的逆向工程与分析
- [IDAPython](https://github.com/idapython/src):IDA Pro Python 集成插件
- [Ghidrathon](https://github.com/mandiant/Ghidrathon):适用于 Ghidra 的 Python 3 脚本扩展
- [CHIPSEC](https://github.com/chipsec/chipsec):平台安全分析框架
### 调试框架
- [Paimei](https://github.com/OpenRCE/paimei):包含 PyDBG、PIDA、pGRAPH 的逆向工程框架
- [python-ptrace](http://python-ptrace.readthedocs.org/):使用 ptrace 的调试器
- [PyDbgEng](http://pydbgeng.sourceforge.net/):Microsoft Windows 调试引擎的 Python 封装
### 二进制分析
- [pefile](https://github.com/erocarrera/pefile):读取和使用可移植执行文件 (PE)
- [PyBFD](https://github.com/Groundworkstech/pybfd/):GNU 二进制文件描述符 (BFD) 库的 Python 接口
## 🎲 Fuzzing 工具
- [afl-python](http://jwilk.net/software/python-afl):为纯 Python 代码提供 American fuzzy lop 支持
- [Sulley](https://github.com/OpenRCE/sulley):Fuzzer 开发与 Fuzzing 测试框架
- [Peach Fuzzing Platform](https://github.com/MozillaSecurity/peach/):可扩展的 Fuzzing 框架
- [untidy](https://github.com/kbandla/python-untidy/):通用目的 XML Fuzzer
- [Powerfuzzer](http://www.powerfuzzer.com/):高度自动化的 Web Fuzzer
- [Construct](http://construct.readthedocs.org/):用于解析和构建数据结构的库
- [Fusil](http://fusil.readthedocs.org/):用于编写 Fuzzing 程序的 Python 库
## 🌐 Web 应用程序测试
### HTTP 客户端与测试
- [XSStrike](https://github.com/s0md3v/XSStrike):先进的 XSS 检测套件
- [Requests](https://requests.readthedocs.io/):优雅且简单的 HTTP 库
- [lxml](http://lxml.de/index.html):易于使用的处理 XML 和 HTML 的库
- [HTTPie](http://httpie.org):人性化、类似 cURL 的命令行 HTTP 客户端
- [Twill](https://twill-tools.github.io/twill/):支持自动化测试的命令行网页浏览工具
### Web 测试与自动化
- [FunkLoad](https://github.com/nuxeo/FunkLoad):功能和负载 Web 测试器
- [spynner](https://github.com/makinacorpus/spynner):支持 Javascript/AJAX 的可编程 Web 浏览器
- [mitmproxy](http://mitmproxy.org/):支持 SSL 的拦截 HTTP 代理
- [spidy](https://github.com/rivermont/spidy/):简单的命令行 Web 爬虫
- [Waymap](https://github.com/TrixSec/waymap):专为渗透测试人员设计的 Web 漏洞扫描器
## 🔬 取证与内存分析
- [Volatility](http://www.volatilityfoundation.org/):从易失性内存 (RAM) 中提取数字痕迹
- [Rekall](https://github.com/google/rekall):由 Google 开发的内存分析框架
- [TrIDLib](http://mark0.net/code-tridlib-e.html):通过二进制签名识别文件类型
## 🦠 恶意软件分析
- [pyew](https://github.com/joxeankoret/pyew):用于恶意软件分析的十六进制编辑器和反汇编器
- [Exefilter](https://github.com/decalage2/exefilter):过滤文件格式并检测/移除活动内容
- [jsunpack-n](https://github.com/urule99/jsunpack-n):通用 JavaScript 解包器
- [yara-python](https://github.com/VirusTotal/yara-python):识别和分类恶意软件样本
- [phoneyc](https://github.com/honeynet/phoneyc):纯 Python 的蜜罐客户端实现
- [CapTipper](https://github.com/omriher/CapTipper):分析来自 PCAP 文件的 HTTP 恶意流量
- [Cuckoo](https://github.com/cuckoosandbox/cuckoo):自动化恶意软件分析系统
- [CAPE](https://github.com/kevoreilly/CAPEv2):恶意软件配置和 Payload 提取
## 📄 PDF 分析
- [pdfminer.six](https://github.com/pdfminer/pdfminer.six):从 PDF 文件中提取文本
- [peepdf-3](https://github.com/digitalsleuth/peepdf-3):分析和探索 PDF 文件中的恶意内容
- [Didier Stevens 的 PDF 工具](http://blog.didierstevens.com/programs/pdf-tools):分析、识别和创建 PDF 文件
- [pyPDF](https://pypdf.readthedocs.io/):纯 Python 的 PDF 工具包
## 🔐 安全分析与评估
### 二进制与漏洞分析
- [Angr](https://github.com/angr/angr):用于漏洞研究和漏洞利用开发的二进制分析框架
- [ScoutSuite](https://github.com/nccgroup/ScoutSuite):多云安全审计工具
### 活动目录与 Windows
- [Certipy](https://github.com/ly4k/Certipy):活动目录证书服务枚举与滥用
- [BloodHound.py](https://github.com/fox-it/BloodHound.py):基于 Python 的 BloodHound 收集器,用于 AD 安全评估
- [wmiexec.py](https://github.com/CoreSecurity/impacket/blob/master/examples/wmiexec.py):通过 WMI 执行 Powershell 命令
### 通用安全工具
- [Pentestly](https://github.com/praetorian-inc/pentestly):Python 和 Powershell 渗透测试框架
- [hacklib](https://github.com/leonli96/python-hacklib):面向黑客爱好者的工具包
### OSINT 与情报
- [Exomind](https://github.com/jio-gl/exomind):用于构建装饰图和 OSINT 模块的框架
## 🛠️ 实用库
### 交互与可视化
- [Project Jupyter](https://jupyter.org):增强的交互式 shell
- [matplotlib](https://matplotlib.org):二维数组绘图
- [Mayavi](http://code.enthought.com/projects/mayavi/):三维科学数据可视化
- [RTGraph3D](http://www.secdev.org/projects/rtgraph3d/):动态 3D 图形
### 数据处理与分析
- [Beautiful Soup](http://www.crummy.com/software/BeautifulSoup/):专为屏幕抓取而优化的 HTML 解析器
- [Pandas](http://pandas.pydata.org/):高性能的数据结构和分析工具
- [NetworkX](https://networkx.org):用于边和节点的图库
- [Whoosh](https://github.com/whoosh-community/whoosh):全文索引和搜索库
### 网络与通信
- [Twisted](http://twistedmatrix.com/):事件驱动的网络引擎
- [Suds](https://github.com/suds-community/suds):轻量级 SOAP 客户端
### 解析与处理
- [simplejson](https://github.com/simplejson/simplejson/):JSON 编码器/解码器
- [pyparsing](https://pypi.org/project/pyparsing/):通用解析模块
- [lxml](http://lxml.de/):功能丰富的 XML 和 HTML 库
- [Hachoir](https://hachoir.readthedocs.io/en/latest/):逐字段查看和编辑二进制流
### 自动化与控制
- [Pexpect](https://github.com/pexpect/pexpect):控制和自动化其他程序
- [SikuliX](https://sikulix.github.io/docs/scripts/python/):用于搜索和自动化 GUI 的视觉技术
- [PyQt](http://www.riverbankcomputing.co.uk/software/pyqt) 和 [PySide](http://www.pyside.org/):Qt 框架的 Python 绑定
### 字典与密码工具
- [PyMangle](http://code.google.com/p/pymangle/) / [py-mangle](http://code.google.com/p/pymangle/):为渗透测试创建字典列表








# 联系我:
标签:Python, Splunk, 安全脚本, 无后门, 用户模式钩子绕过, 网络安全, 逆向工具, 隐私保护