An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.

Project that listens to bitcoin websocket API for new transactions and stores them to Neo4j to be analyzed

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Prefetch Explorer Command Line

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

基于 Rust + eBPF 丢弃 GFW DNS 污染包

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

Golang Secure Coding Practices guide

A simple library to recover the private key of ECDSA and DSA signatures sharing the same nonce k and therefore having identical signature parameter r

Visualize Solidity control flow for smart contract security analysis. 💵 ⇆ 💵

Burp Bounty profiles compilation, feel free to contribute!

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

云函数代理服务

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

Desktop implementation of Steam's mobile authenticator app

HTTP parameter discovery suite.

Load shellcode into a new process

PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)

request new identity every X seconds interval using TOR client

Stealing Signatures and Making One Invalid Signature at a Time

JShell - Get a JavaScript shell with XSS.

Socks proxy, and reverse socks server using powershell.

Deepfakes Software For All

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

openvpn-monitor is a web based OpenVPN monitor, that shows current connection information, such as users, location and data transferred.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors