🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications

PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo"

Automating the MITM attack on WSUS

An open-source AI agent that brings the power of Gemini directly into your terminal.

Chrome MCP Server is a Chrome extension-based Model Context Protocol (MCP) server that exposes your Chrome browser functionality to AI assistants like Claude, enabling complex browser automation, c…

Pocket Flow: 100-line LLM framework. Let Agents build Agents!

这是Fscan的功能完善、增强、定制版本

📥 A Telegram toolkit written in Golang

PoC Exploit for the NTLM reflection SMB flaw.

AI-Powered Python & Python-Powered AI (Python-Use)

🌐 Make websites accessible for AI agents. Automate tasks online with ease.

🔍 CodeAuditAssistant - IDEA代码审计插件（公测中） ⚡ 精准追踪复杂调用链 | 🚀 毫秒级方法搜索 | 🔥 内置高危漏洞检测 原生集成 | 反编译/路径分析 | 内存优化 | 安全审计利器 🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 …

A Model Context Protocol server for IDA

攻防演练过程中，我们通常会用浏览器访问一些资产，但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等，该插件能让我们发现未授权/敏感信息/越权/登陆接口等。

IngressNightmare POC. world first non-blind remote execution exploitation with multi-advanced exploitation methods. allow on disk exploitation. CVE-2025-24514 - auth-url injection, CVE-2025-1097 - …

拼多多apk内嵌提权代码，及动态下发dex分析

jadx-gui反编译工具二次开发，接入AI赋能。

SharpHostInfo是一款快速探测内网主机信息工具（深信服深蓝实验室天威战队强力驱动）

Model Context Protocol Servers

Proof of Concept (PoC) for CVE-2024-7014 (EvilVideo) Exploit

针对Navicat的后渗透利用框架

向日葵密码提取、todesk密码提取，ID、临时密码，安全密码读取工具

一款集成高危漏洞exp的实用性工具

11 Lessons to Get Started Building AI Agents

A Quantum-Safe Secure Tunnel based on QPP, KCP, FEC, and N:M multiplexing.

Create beautiful applications using Go

云环境利用框架（Cloud exploitation framework）主要用来方便红队人员在获得 AK 的后续工作。

xp_CAPTCHA(瞎跑 白嫖版) burp 验证码 识别 burp插件

一个用于处理fsacn输出结果的图形化工具（尤其面对大量资产的fscan扫描结果做输出优化，让你打点快人五步！！！）