📝A simple and elegant markdown editor, available for Linux, macOS and Windows.

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)

WebSocket cat

BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in se…

apk加固特征检查工具，汇总收集已知特征和手动收集大家提交的app加固特征，全网最全开源加固特征，支持40个厂商的加固检测，欢迎大家提交无法识别的app

Open-source AI agents for penetration testing

Tools for Kerberos PKINIT and relaying to AD CS

Powershell tool to automate Active Directory enumeration.

A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.

A fast TCP/UDP tunnel over HTTP

A Security Tool for Bug Bounty, Pentest and Red Teaming.

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

Tool for Active Directory Certificate Services enumeration and abuse

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

一款体积小, 快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 支持多连接,级联代理,传输加密 (A small volume, fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading prox…

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

A swiss army knife for pentesting networks

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…

Domain Password Spray

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

Native port of Redis for Windows. Redis is an in-memory database that persists on disk. The data model is key-value, but many different kind of values are supported: Strings, Lists, Sets, Sorted Se…

Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)

HikvisionExploiter is a Python-based utility designed to automate exploitation and directory accessibility checks on Hikvision network cameras exploiting the Web interface Version 3.1.3.150324 + CV…

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.