KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.

Adversary simulation and Red teaming platform with AI

Web path scanner

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

QR Code Analysis and Recovery Toolkit

Firmware Analysis Tool

鼠标键盘流量包取证

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…

Crack hashes in seconds.

一款用于自动化处理内存取证的Python脚本，并提供GUI界面

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

A Genetic Algorithm-Based Solver for Jigsaw Puzzles 🌀

Linux应急处置/信息搜集/漏洞检测工具，支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查

IDE (Interpreter/Debugger Engine) for esoteric programming languages. Allows step-by-step debugging and shows a watch window during debugging. Modular design allows easy adding of new languages.

BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker

元豚科技 - 基于日志安全分析做切入，做最好用的「云原生安全运维工作台」

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Linux privilege escalation auditing tool

✍🏻 这里是写博客的地方 —— Halfrost-Field 冰霜之地

You Know, For WEB Fuzzing ! 日站用的字典。

Python antivirus evasion tool

“冰蝎”动态二进制加密网站管理客户端

应急响应实战笔记，一个安全工程师的自我修养。

Weblogic一键漏洞检测工具，V1.5，更新时间：20200730

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

zsteg-python

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）