PentestNotes

非付费会员，fofa数据采集工具

out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability

SQL views for Dune

BitCoin Export ReQuests

Visualize bitcoin transactions using d3.js

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

OpenBullet reinvented

Disable web developer tools from the f12 button, right-click and browser menu

Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.

a collection of north korean apt articles, analysis and heists attributed to lazarus / bluenoroff / apt38.

This repository presents a proof-of-concept of CVE-2023-7028

Automatic acquisition of TG channel proxy information

Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.

APT38 Tactic PoC for Stealing 0days from security researchers

Blazing Fast Bytecode-Level Hybrid Fuzzer for Smart Contracts

集权设施扫描器

Bypass android application SSL-pinning

A collective list of free APIs

纯真IP数据库，每天从官方授权方式自动抓取最新文件

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

macOS (& ios) Artifact Parsing Tool

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.