CaptainRoBer's Stars
gchq/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
electerm/electerm
📻Terminal/ssh/telnet/serialport/RDP/VNC/sftp client(linux, mac, win)
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
aboul3la/Sublist3r
Fast subdomains enumeration tool for penetration testers
knownsec/404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
yeyintminthuhtut/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
CodingGay/BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.
s0md3v/Arjun
HTTP parameter discovery suite.
dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
PeiQi0/PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
kelvinBen/AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
gh0stkey/HaE
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
tomnomnom/httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
brendan-rius/c-jwt-cracker
JWT brute force cracker written in C
zhzyker/dismap
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
0xbug/Hawkeye
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
SafeGroceryStore/MDUT
MDUT - Multiple Database Utilization Tools
HXSecurity/DongTai
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
hzzheyang/strongR-frida-android
An anti detection version frida-server for android.
k8gege/Aggressor
Ladon 911 for Cobalt Strike & Cracked Download,Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
TheKingOfDuck/ApkAnalyser
一键提取安卓应用中可能存在的敏感信息。
boy-hack/ksubdomain
Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
r0eXpeR/Online_Tools
一些在线的工具,情报资源
chrislockard/api_wordlist
A wordlist of API names for web application assessments
xiecat/fofax
FOFAX是一个基于fofa.info的API命令行查询工具
Acmesec/Sylas
新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool
NetSPI/Wsdler
WSDL Parser extension for Burp