Stars
JavaScript Reverse Tools -- JS逆向工具
高性能 HTTP 正向代理工具 | A high-performance http tunneling tool
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
一款综合性网络安全检测和运维工具,旨在快速资产发现、识别、检测,构建基础资产信息库,协助甲方安全团队或者安全运维人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
一个半自动化springboot打点工具,内置目前springboot所有漏洞
面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams
自动化反编译微信小程序,小程序安全评估工具,发现小程序安全问题,自动解密,解包,可还原工程目录,支持Hook,小程序修改
"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with …
OSS Browser 提供类似windows资源管理器功能。用户可以很方便的浏览文件,上传下载文件,支持断点续传等。
漏洞挖掘神器 | 浏览器插件 | 发现页面和JS中的隐藏接口和敏感信息、URL批量打开 & Vulnerability Mining Tool | Browser Plugin | Discover Hidden Interfaces, Sensitive Information in Pages and JS, Open Multiple URLs | Notepad
An integrated BurpSuite vulnerability detection plug-in.
dddd是一款使用简单的批量信息收集,供应链漏洞探测工具,旨在优化红队工作流,减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标
Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.
网络摄像头漏洞扫描工具 | Webcam vulnerability scanning tool
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
Linux 安全应急响应检查脚本。早期版本叫 linuxcheck(更新到 v5.0 版本后不再更新),在旧版本基础上功能模块化就有了新版本叫 linuxGun,全工具使用 shell 编写,不依靠外部环境,尽量不使用第三方条件,希望在极端条件下能出一份力。