Stars
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
Find, verify, and analyze leaked credentials
Fast passive subdomain enumeration tool.
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
自动化反编译微信小程序,小程序安全评估工具,发现小程序安全问题,自动解密,解包,可还原工程目录,支持Hook,小程序修改
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入
An OOB interaction gathering server and client library
Quickly discover exposed hosts on the internet using multiple search engines.
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
一个高价值漏洞采集与推送服务 | Collect valueable vulnerabilities and push them to various services
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
Community curated list of public bug bounty and responsible disclosure programs.
一个有点好用的信息收集工具。A somewhat useful information gathering tool.
A high performance go implementation of Wappalyzer Technology Detection Library