Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web A…

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

开源跳板机(堡垒机):认证,授权,审计,自动化运维(Open source springboard machine ( fortress machine ): Authentication, authorization, audit, automated operation and maintenance).http://www.jumpserver.org

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

一款监控端口变化的系统——beholder_web端

Python Remote Administration Tool

Six Degrees of Domain Admin

一款监控端口变化的系统——beholder_scanner端

Application Security Verification Standard

linux入侵排查脚本_整合版

“冰蝎”动态二进制加密网站管理客户端

Android backup extractor

安全从业人员常用开源工具资料合集

CVE 2017-9805

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming la…

乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

FuzzDomain

My musings with PowerShell

Pentest cmd manager- Beta

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

my public code

A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is…

A little tool to play with Windows security