Stars
Shikata ga nai (仕方がない) encoder ported into go with several improvements
一个简单的远程分离的加载器,免杀国内大部分杀软(360 火绒 Windows Defender 金山毒霸 电脑管家)
猫猫Cs:基于Cobalt Strike[4.5]二开 (原dogcs二开移植)
Find a geolocation of an IP address including city, region, country and organization.
Cross-platform game hack for Counter-Strike 2 with Panorama-based GUI.
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
A javascript library providing cross-browser, cross-site messaging/method invocation.
Cross-browser support for HTML5's noreferrer link type.
test script for shellshocker and related vulnerabilities
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Shell script for testing the SSL/TLS Protocols
The Browser Exploitation Framework Project
Security Guide for Developers (实用性开发人员安全须知)
ZoomEye-python: The official Python library and CLI by Knownsec 404 Team.
Fast and powerful SSL/TLS scanning library.
OnionScan is a free and open source tool for investigating the Dark Web.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
The most advanced browser fingerprinting library.
WAFNinja is a tool which contains two functions to attack Web Application Firewalls.
A collection of various awesome lists for hackers, pentesters and security researchers