Termux - a terminal emulator application for Android OS extendible by variety of packages.

Dex to Java decompiler

APM, Application Performance Monitoring System

A tool for reverse engineering Android apk files

Ip2region is an offline IP address manager framework and locator with both IPv4 and IPv6 supported, supporting billions of data segments, ten microsecond searching performance, xdb search client fo…

🚌 The IK Analysis plugin integrates Lucene IK analyzer into Elasticsearch and OpenSearch, support customized dictionary.

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Logstash - transport and process your logs, events, or other data

The ZAP by Checkmarx Core project

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

A Flexible and Powerful Parameter Server for large-scale machine learning

Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)

Java web common vulnerabilities and security code which is base on springboot and spring security

Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android

P6Spy is a framework that enables database data to be seamlessly intercepted and logged with no code changes to the application.

China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关

A secure and quick biometric authentication standard and platform in Android held by Tencent.

jSQL Injection is a Java application for automatic SQL database injection.

Android application to brute force WiFi passwords without requiring a rooted device.

Burp plugin able to find reflected XSS on page in real-time while browsing on site

Vulnerability scanner based on vulners.com search API

解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入

trace for PHP

WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit G…

fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class，然后运行Poc.java

First IDE for Nmap Script (NSE) Development.

Create a TCP circuit through validly formed HTTP requests

Add headers to all Burp requests to bypass some WAF products

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Nail in the JKS coffin - Cracking passwords of private key entries in a JKS file