一款部署于云端或本地的隧道代理池中间件，可将静态代理IP灵活运用成隧道IP，提供固定请求地址，一次部署终身使用

Learning Shell，Python，Golang，System，Network

BloodyAD is an Active Directory Privilege Escalation Framework

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

Get IP address on other side audio call in Telegram.

ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Test tool for CVE-2020-1472

微信小程序辅助渗透-自动化

IDA pro plugin to find crypto constants (and more)

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

基于Frida的脱壳工具

Allows you to partly emulate an Android native library.

Kerberos relaying and unconstrained delegation abuse toolkit

Burp Plugin to Bypass WAFs through the insertion of Junk Data

MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize

OA综合利用工具，集合将近20款OA漏洞批量扫描

Yet Another Golang binary parser for IDAPro

New generation of wmiexec.py

Tiny cute emulator plugin for IDA based on unicorn.

Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit

FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

自动化爬取并自动测试所有swagger接口

Automatically fetch Google Chrome offline installer using GitHub Actions

Cheap EMUlator: lightweight multi-architecture assembly playground

基于各大API的一款企业信息查询工具，为了更快速的获取企业的信息，省去收集的麻烦过程，web端于plat平台上线

非付费会员，fofa数据采集工具

🔨 Break Java Reverse Engineering form Memory World!

Tools for Kerberos PKINIT and relaying to AD CS

WaterExp:面向安服仔的 水报告模板和工具

An improved version of AndroidNativeEmu,Allow running android elf on PC