Turn raw traffic into structured intelligence. 渗透测试流量的负熵实现与 AI 预处理组件。

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

Web path scanner

📚 《从零开始构建智能体》——从零开始的智能体原理与实践教程

shellcode免杀加载器，使用go实现，免杀bypass火绒、360、核晶、def等主流杀软

A Swagger API Exploit

EZ是一款集信息收集、端口扫描、服务暴破、URL爬虫、指纹识别、被动扫描为一体的跨平台漏洞扫描器。

一个基于规则的加解密破签工具

JavaScript Reverse Tools -- JS逆向工具

D-Eyes为M-SEC社区一款检测与响应工具

Security tools for web vulnerability detection. | 一款兼具本地式与分布式优势、插件外部动态化导入并致力于Web黑盒漏洞探索的轻量级主被动扫描器.

WaterExp:面向安服仔的 水报告模板和工具

安卓应用层抓包通杀脚本

This is a modified version of proxydroid that supports tweaking configuration via command line

LSPosed Framework

BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in se…

经典的安卓反编译工具。

Tools to work with android .dex and java .class files

提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。

整理了插件與IDE環境讓AndroidKiller能繼續用

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool…

Display and control your Android device

一个用于前端加密Fuzz的Burp Suite插件

Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64

CVE-2025-49844 (RediShell)

CobaltStrike <= 4.7.1 RCE

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

windows和linux基线检查，配套自动化检查脚本。纯手打。

Pingtunnel is a tool that send TCP/UDP traffic over ICMP

Cobalt Strike Malleable C2 Design and Reference Guide