Toybox combines many common Linux command line utilities together into a single BSD-licensed executable. It's simple, small, fast, and reasonably standards-compliant (POSIX-2008 and LSB 4.1).
Toybox's main goal is to make Android self-hosting by improving Android's command line utilities so it can build an installable Android Open Source Project image entirely from source under a stock Android system. After a talk at the 2013 Embedded Linux Conference explaining this plan (outline, video), Google merged toybox into AOSP and began shipping toybox in Android Marshmallow in 2015.
Toybox aims to provide one quarter of a theoretical "minimal native development environment", which is the simplest Linux system capable of rebuilding itself from source code and then building Linux From Scratch and the Android Open Source Project under the result. In theory, this should only require four packages: 1) a set of posix-ish command line utilities, 2) a compiler[1], 3) a C library, and 4) a kernel. This provides a reproducible and auditable base system, which with the addition of a few convienciences (vi, top, shell command line history...) can provide a usable interactive experience rather than just a headless build server.
This is an amalgam of TTP's on different offensive ML attacks encompassing the ML supply chain and adversarial ML attacks.
It is focused heavily on attacks that have code you can use to perform the attacks right away, rather than a database of research papers. (PoC or GTFO type logic). Generally speaking if it is here I have tested it and it works. The intent is to help red teams and offensive practitioners quickly understand what tool in the toolbox to use to attack ML environments.
This is a living vault. It is very much not a finished list of resources. There are pages that are polished, and some that are little more than placeholders with a few bullet points that I jotted down during conferences or on the fly.
The goal is to organize the attacks in a way that is useful to red team operators rather than useful for say, academics trying to understand adversarial ML.
A curated list of delightful Bash scripts and resources.
In addition to this list, you should read the list awesome-shell. It is a curated list of awesome command-line frameworks, toolkits, guides and gizmos. You may also want to check awesome-zsh or awesome-fish. If you are looking for more lists, check sindresorhus/awesome.
This is jo, a small utility to create JSON objects. Jo tries to be clever about types and knows null, booleans, strings and numbers. It does arrays, and it pretty-prints on demand. If a key’s value begins with an opening brace ({) or a bracket ([]) we attempt to decode JSON from it; this allows jo to add objects or arrays (use -a!) to itself. jo also supports nested types natively.
In the AUR as jo-git.
Tigress is a diversifying virtualizer/obfuscator for the C language that supports many defenses against both static and dynamic reverse engineering and de-virtualization attacks. Tigress is a source-to-source transformer - it takes a C source program as input and returns a new C program as output. An obfuscation script (actually, a long sequence of command line options) describes the sequences of transformations that should be applied to the functions of the program.
Hiren’s BootCD PE (Preinstallation Environment) is a restored edition of Hiren’s BootCD based on Windows 10 PE x64. Since there are no official updates after November 2012, PE version is being developed by Hiren’s BootCD fans. It contains the fewest but best free tools. It is being developed for the new age computers, it supports UEFI booting and requires a minimum of 2 GB RAM.
With the useful tools inside of the CD, you can fix many problems related to your computer. It does not contain any pirated software, it contains only free and legal software.
After boot, PE version tries to install drivers like graphics, sound, wireless and ethernet card for your hardware. So that you can connect to a WIFI or Ethernet network. Please Contact Us with your hardware model if your WIFI or Ethernet card is not recognized by the PE version. We will try to add the required drivers in the new releases.
A website where every file can be downloaded over a 2400 bit per second connection.
There are many people in the world whose best Internet connection is 2400 bps. There are many computers in the world which can't handle high-speed connections either. This site offers manually selected computing resources that can be downloaded under 10 minutes on a 2400 bps internet connection (or about 2ms over a one megabit per second connection).
Busybox ported to Windows. Can be compiled for both 32-bit and 64-bit Windows. Includes shells. Can be cross-compiled from a Linux box. Make sure that you look at the README.md file, not the regular README for build documentation.
The lockpicking tools aren't really anything to write home about. Extensive collection of utility and vehicle skeleton keys. The Other category is where this shop has the really interesting stuff.
This tool has been made to crack the password of an XMPP account. The server in question needs to use SASL authentication.
News and investment data for just about every market you can think of around the world, from stocks to commodities to cryptocurrency.
A community maintained and organized list of resources to block, limit, evade and otherwise futz with ads, ad tech and web tracking. Browser based, network based, videos, e-mail, VPNs, and more.
A collection of tools, calculators, converters, generators, encoders, decoders, and more of common use to IT. Can be built by hand but it's probably easier to download the latest release and unpack that.
An online directory of Flipper Zero applications built from source automatically. Pay attention to which F0 firmware an app's been written for, they're not all the same. A few you might have to compile yourself.
A command line tool to extract the main content from a webpage, as done by the "Reader View" feature of most modern browsers. It's intended to be used with terminal RSS readers, to make the articles more readable on web browsers such as lynx. The code is closely adapted from the Firefox version and the output is expected to be mostly equivalent.
This tool is young and written in C, so it's reasonable to wonder about the potential for memory issues. To be safe, all HTML parsing happens inside a sandboxed subprocess. Seccomp is used for this purpose on Linux, Pledge on OpenBSD, and Capsicum on FreeBSD.
Small program that computes and plots spectrograms, either in a live window or to disk, with support for stdin input. In theory, you can run any data through it and generate a spectrogram. Read the manpage.
In the AUR (but you want specgram-git because specgram has a bug and won't compile!)
This is a fork of Apprentice Harper's version of the DeDRM tools. Apprentice Harper said that the original version of the plugin is no longer maintained, so I've taken over, merged a bunch of open PRs, and added a ton more features and bugfixes.
These are plugins for Calibre v4.x and later for removing DRM from ebooks.
A curated list of delightful tools for digital creatives in a variety of mediums.
Automated decoding of encrypted text without knowing the key or ciphers used. Ares is the next generation of decoding tools, built by the same people that brought you Ciphey. We fully intend to replace Ciphey with Ares.
Ares is fast. Very fast. Other decoders such as Ciphey require advance artifical intelligence to determine which path it should take to decode (whether to try Caesar next or Base64 etc). Ares is so fast we don't need to worry about this currently. For every 1 decode Ciphey can do, Ares can do ~7. That's a 700% increase in speed.
There are 2 main parts to Ares, the library and the CLI. The CLI simply uses the library which means you can build on-top of Ares.
Ares currently supports 16 decoders and it is growing fast. Ciphey supports around ~50, and we are adding more everyday.
Suricata IDS is a free intrusion detection/prevention system and network security monitoring engine. This is a list of awesome things that go with it.