Cross-platform automation framework for all kinds of apps, built on top of the W3C WebDriver protocol

Community curated list of templates for the nuclei engine to find security vulnerabilities.

本仓库包含对 Claude Code v1.0.33 进行逆向工程的完整研究和分析资料。包括对混淆源代码的深度技术分析、系统架构文档，以及重构 Claude Code agent 系统的实现蓝图。主要发现包括实时 Steering 机制、多 Agent 架构、智能上下文管理和工具执行管道。该项目为理解现代 AI agent 系统设计和实现提供技术参考。

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

This is probably the best web presentation tool so far!

Cuckoo Sandbox is an automated dynamic malware analysis system

Awesome XSS stuff

KCon is a famous Hacker Con powered by Knownsec Team.

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

RTCMultiConnection is a WebRTC JavaScript library for peer-to-peer applications (screen sharing, audio/video conferencing, file sharing, media streaming etc.)

The XSS Hunter service - a portable version of XSSHunter.com

🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications

BurpSuite using the document and some extensions

中国蚁剑后渗透框架

A Xposed Module for Android Penetration Test, with NanoHttpd.

[NO MAINTENANCE] a jQuery plugin for preview markdown table of content jQuery.zTree_Toc.js toc ztree and online demo site v0.4.1

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).

A front-end JavaScript toolkit for creating DNS rebinding attacks.

flash.cn钓鱼页（中文+英文）

DOM XSS scanner for Single Page Applications

avList - 杀软进程对应杀软名称

An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.

Collection of macOS persistence methods and miscellaneous tools in JXA

🧬 辅助生成 XRay YAML POC

FileReader Exploit

Exploit for CVE-2019-9810 Firefox on Windows 64-bit.

An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal