Open-source passive reconnaissance and attack surface exploration tool that leverages VirusTotal and the Wayback Machine to discover subdomains, URLs, archived web assets, and potential exposure fi…

WAFBypass 是一款高级Web应用防火墙（WAF）检测与绕过工具，旨在回答一个问题："目标真的有WAF防护吗？" 它能够检测目标Web应用是否受到防火墙保护，并自动尝试寻找有效的绕过方法。

Smart contract security auditor for Claude Code — vuln detection, exploit PoCs, mainnet-fork simulation, audit cards, on-chain certificates. Solidity + Vyper · 38 commands · 19 agents · 33 skills ·…

ByPassTamperPlus / SQLMap加强绕WAF / Code By:Tas9er

Go HTTP client with browser-identical TLS/HTTP2 fingerprinting. Bypass bot detection by perfectly mimicking Chrome, Firefox, and Safari at the cryptographic level (JA3/JA4, Akamai fingerprint, head…

SURF - Advanced Go HTTP client with Chrome/Firefox browser impersonation, HTTP/3 with QUIC fingerprinting, JA3/JA4 TLS emulation, and anti-bot bypass for web automation and scraping.

The script and configuration files in this repository provide an easy method to customize and apply performance related settings to Windows Client and Server desktop environments.

A fast & light web screenshot without headless browser but Chrome DevTools Protocol!

Stealthy Linux Kernel Rootkit for modern kernels (6x)

Open-source AI hackers to find and fix your app’s vulnerabilities.

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

ICMP/TCP host fingerprinting engine for Sirius

COM ViewLogger — new malware keylogging technique

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains use…

NFC signal and protocol analyzer using SDR receiver

Bluetooth Low Energy (BLE) scanner with Resolvable Private Address (RPA) resolution using Identity Resolving Keys (IRKs)

Go 代码混淆工具，使用 AST (抽象语法树) 技术实现跨文件的代码混淆，同时保证混淆后的代码可编译和可执行。

A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

Microsoft Network Service Fingerprinting Tool

RFC1751 implementation in Go

This is a multi-use bash script for Linux systems to audit wireless networks.

High-performance distributed RDP brute-force system with Go

Dqueue is a distributed queue between multiple asterisk servers when they are behind a sip proxy server such as kamailio.

pystrix is an attempt at creating a versatile Asterisk-interface package for AMI and (Fast)AGI needs.

A nearly-live implementation of OpenAI's Whisper.

Port of OpenAI's Whisper model in C/C++

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.

WebSocket, gRPC and WebRTC speech recognition server based on Vosk and Kaldi libraries

Analyze an APK archive.

A tool that allows you to extract a client-specific wordlist from the LDAP of an Active Directory.