Free universal database tool and SQL client

Graphs for Everyone

🔎 Open source distributed and RESTful search engine.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Android Floating Action Button based on Material Design specification

Android virtual machine and deobfuscator

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Cknife

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

The new bridge between Burp Suite and Frida!

一款基于BurpSuite的被动式shiro检测插件

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

JNDIExploit or a ysoserial.

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件

WebSocket 内存马/Webshell，一种新型内存马/WebShell技术

一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率

Nuclei plugin for BurpSuite

对Auth/Waf 自动化bypass的burpsuite插件

A byte code analyzer for finding deserialization gadget chains in Java applications

通过jsp脚本扫描java web Filter/Servlet型内存马

This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…

Automated HTTP Request Repeating With Burp Suite

Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks