《Hello 算法》：动画图解、一键运行的数据结构与算法教程。支持 Python, Java, C++, C, C#, JS, Go, Swift, Rust, Ruby, Kotlin, TS, Dart 代码。简体版和繁体版同步更新，English version in translation

Ghidra is a software reverse engineering (SRE) framework

Dex to Java decompiler

Learn Low Level Design (LLD) and prepare for interviews using free resources.

Apache Doris is an easy-to-use, high performance and unified analytics database.

The ZAP by Checkmarx Core project

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

The modern Java bytecode editor

MCP Server for Ghidra

A modern, web-based SSH console and key management tool. Bastillion gives you a clean, browser-based way to manage SSH access across all your systems. Think of it like a bastion host with a friendl…

Android split APKs installer

Quickly find differences and similarities in disassembled code

iOS and macOS Decompiler

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

Burp suite 分块传输辅助插件

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

The new bridge between Burp Suite and Frida!

Powerful android apk editor - aapt/aapt2 independent

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

HTTP proxy server,support HTTPS&websocket.MITM impl,intercept and tamper HTTPS traffic.

服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势

Vulnerable app with examples showing how to not use secrets

Web漏洞扫描工具XRAY的GUI启动器

Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。

xia SQL (瞎注) burp 插件 ，在每个参数后面填加一个单引号，两个单引号，一个简单的判断注入小插件。