Troubleshooting skills for Alibaba Cloud ECS

AdaptixC2 is a highly modular advanced redteam toolkit

KunLun-M — Open-source static code analysis for PHP, Nodejs/JavaScript, Python, Golang, Java and C/C++, with AST-based semantic scanning and one-click AI Agent integration (OpenClaw, Codex, Claude …

Xalgorix - The Most Powerful Open-Source AI Pentesting Agent

A AI general-purpose state-space search engine, validated first on autonomous penetration testing.

Claude Code 免杀 SubAgents

wooyun-legacy skill for claude code

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

一个用于web框架、CDN和CMS指纹识别的高性能命令行工具。A high-performance command-line tool for web framework, CDN and CMS fingerprinting.

腾讯云黑客松 - 智能渗透挑战赛 第一届Top9

2026最新免费社工库排行

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

Windows inside a Docker container.

安卓应用安全学习

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等

A toolset to make a system look as if it was the victim of an APT attack

Toolkit to emulate firmware and analyse it for security vulnerabilities

httpscan implements by Go

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

A Bypass Anti-virus Software Lateral Movement Command Execution Tool

面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams

高危漏洞精准检测与深度利用框架

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

飞刃是一套完整的企业级黑盒漏洞扫描系统，集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。 拥有强大的漏洞检测引擎和丰富的插件库，覆盖多种漏洞类型和应用程序框架。

Flash钓鱼弹窗优化版

Windows Events Attack Samples