Stars
📚【更新中】AI-Driven Enterprise Security: Architecture, Methodology, and Practice:一部系统化的企业安全技术专著,覆盖安全架构设计、方法论框架与工程实践。 /*⚡🌊🛡️*/
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Burp Suite extension for receiving TLS/HTTP traffic captured by eCapture (eBPF)
JWT Auditor – Analyze, break, and understand your tokens like a pro.
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
A security focused static analysis tool for Android and Java applications.
Free, simple, fast interactive diagrams for any GitHub repository
Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
A command-line tool for downloading APK files from various sources
This app runs various webview tests to explore the attack surface and exploit techniques
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
A sample project for building Zygisk modules
支持Android7-15移动证书,兼容magiskv20.4+/kernelsu/APatch, Support Android7-15, compatible with magiskv20.4+/kernelsu/APatch
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
基础反检测 frida-server / Basic anti-detection frida-server
Rust-based high performance domain permutation generator.
DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discove…
An Intentionally designed Vulnerable Android Application built in Kotlin.
Unsecure time-based secret exploitation and Sandwich attack implementation Resources
OWASP Thick Client Application Security Verification Standard
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.