Stars
EmailAll is a powerful Email Collect tool — 一款强大的邮箱收集工具
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
An integrated BurpSuite vulnerability detection plug-in.
DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。
将安卓远控Apk附加进普通的App中,运行新生成的App时,普通App正常运行,远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote …
KCon is a famous Hacker Con powered by Knownsec Team.
Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber
Using nmap NSE scripts for identifying common ICS protocols[使用nmap的nse脚本对常见工控协议进行识别,附对应nse脚本,并记录pcap流量]
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
PC微信小程序 wxapkg 解密
建议使用新版:https://github.com/jar-analyzer/jar-analyzer