This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org
AI Analysis
A comprehensive, curated collection of cybersecurity resources, scripts, tools, and training materials covering ethical hacking, penetration testing, exploit development, digital forensics, AI security, and incident response. Maintained by Omar Santos as supplemental material for his books, courses, and live training, it serves security professionals, students, and practitioners across offensive and defensive specialties—not suitable for general-purpose software development or non-security do...
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
Omar Santos' curated cybersecurity knowledge base covers hacking, DFIR, AI security, and certifications
h4cker is a large, curated reference repository of cybersecurity resources — tools, scripts, labs, cheat sheets, and links — spanning ethical hacking, bug bounties, DFIR, AI security, reverse engineering, and certification prep. It is maintained by Cisco's Omar Santos and serves as supplemental material for his books, O'Reilly courses, and live training. Its primary audience is security practitioners, students, and learners preparing for certifications or expanding their offensive/defensive skill sets. It is not a software tool but a structured knowledge index.
Created in June 2017 by Omar Santos, the repository has evolved from a simple hacking resource dump into a taxonomically organized cybersecurity knowledge base, with recent additions covering AI security and LLM engineering as those topics became prominent.
Growth appears driven by Omar Santos' public profile (Cisco Distinguished Engineer, author of multiple security books, O'Reilly instructor), social media sharing, and organic discovery by security learners. The 169 stars gained in the last 7 days suggests sustained but not viral traction. The repository has accumulated nearly 28K stars over ~9 years, indicating steady long-term accumulation rather than a spike-driven growth pattern.
The repository is publicly affiliated with Santos' commercial training offerings at hackertraining.org and O'Reilly, which implies real learner traffic. However, direct evidence of enterprise or production tooling adoption is absent — the project functions as a learning and reference resource, not deployable software. Adoption as a training supplement is likely substantial given the author's platform, but independent verification of usage numbers is not available.
Appears to be a directory-based taxonomy of Markdown files, Jupyter notebooks, scripts, and external links. The primary language is listed as Jupyter Notebook, suggesting some interactive content alongside static reference material. The structure is organized around cybersecurity domains, certifications, AI, and lab-building sections.
Not documented in README — not applicable for a curated resource repository.
Last push was 2026-05-28, approximately 26 days before the evaluation date, indicating active and recent maintenance. Given the repository's age and consistent updates, maintenance appears ongoing and healthy rather than sporadic.
ADOPT IF: you are a security learner, certification candidate, or practitioner looking for a broad, organized, and actively maintained reference spanning offensive and defensive security topics, especially if you follow Santos' training materials. AVOID IF: you need a deployable tool, a software library, or a narrowly curated list for a specific sub-discipline — the breadth can feel unfocused for advanced specialists. MONITOR IF: you are interested in how AI security resources and LLM-related security content mature within a practitioner-oriented repository over the next 12–18 months.
Independent dimensions
Mainstream potential
4/10
Technical importance
4/10
Adoption evidence
4/10
- Single-maintainer dependency: the repository's quality and activity are closely tied to Omar Santos personally, creating a bus-factor risk if he reduces involvement.
- Link rot is a persistent risk for any large curated repository; external resources go stale, move, or disappear without automated checking.
- Breadth-over-depth tradeoff: the wide scope may result in shallow coverage of specialized topics compared to domain-specific resources.
- The repository's close tie to Santos' commercial training products means curation decisions may be influenced by what supports his curriculum rather than purely community needs.
- As the cybersecurity landscape evolves rapidly, portions of the content may become outdated faster than they can be refreshed by a single maintainer.
Likely to continue steady growth as a trusted reference hub tied to Santos' training ecosystem, with AI security content becoming a larger share of new additions over the next 1–2 years.
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Website
- https://hackerrepo.org
- Language
- Jupyter Notebook
- License
- MIT
- Last updated
- 2w ago
- Created
- 110mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
No open issues — clean slate.
Open pull requests
No open pull requests.
Top contributors
Recent releases
No releases published yet.
Similar repos
Hack-with-Github/Awesome-Hacking
Awesome-Hacking is a curated meta-list that aggregates other 'awesome' lists...
vitalysim/Awesome-Hacking-Resources
Awesome Hacking Resources is a curated index repository collecting links to...
taielab/awesome-hacking-lists
Awesome-hacking-lists is a curated collection repository aggregating...
edoardottt/awesome-hacker-search-engines
A curated collection of search engines and tools for security professionals...
enaqx/awesome-pentest
Awesome Penetration Testing is a comprehensive curated list of penetration...
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
28.3k | +200 | Jupyter Notebook | 8/10 | 2w ago |
|
|
115.9k | — | — | 7/10 | 2mo ago |
|
|
17.2k | — | — | 7/10 | 2mo ago |
|
|
1.4k | — | — | 6/10 | 7mo ago |
|
|
10.9k | — | Shell | 7/10 | 4d ago |
|
|
26.6k | — | — | 7/10 | 6mo ago |
The dominant aggregator in this space with over 114K stars. More of a pure link list across hacking repos; h4cker is more structured around Santos' opinionated curriculum and includes original scripts and notebooks.
Focused specifically on penetration testing tools and resources. h4cker covers a broader domain including DFIR, AI security, and certification prep, making it more of a career-spanning reference.
Similar curated format but less actively maintained and smaller in scope. h4cker has more recent updates and original supplemental material.
Narrowly focused on search engines for hackers. Not a direct competitor — more of a complementary reference that h4cker likely links to.
Smaller, more general aggregator. h4cker is more domain-specific and authored with a clear curriculum intent.