No4l's Stars
PKU-YuanGroup/Open-Sora-Plan
This project aim to reproduce Sora (Open AI T2V model), we wish the open source community contribute to this project.
TonyNPham/GodzillaPlugin-Suo5-MemProxy
一款高性能 HTTP 内存代理 | 哥斯拉插件 | readteam | 红队 | 内存马 | Suo5 | Godzilla | 正向代理
zer0yu/ghtracker
CLI tool for tracking dependents repositories and sorting result by Stars ⭐
PortSwigger/pycript
Burp Suite extension for bypassing client-side encryption using custom logic for manual and automation testing.
JaveleyQAQ/WeChatOpenDevTools-Python
WeChatOpenDevTool 微信小程序强制开启开发者工具
baidu-security/app-env-docker
基于 Docker 的真实应用测试环境
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
YYHYlh/Dubbo-Scan
一款让你不只在dubbo-sample、vulhub或者其他测试环境里检测和利用成功的Apache Dubbo 漏洞检测工具。
hengyunabc/dumpclass
Dump classes from running JVM process.
RangerNJU/Static-Program-Analysis-Book
Getting started with static program analysis. 静态程序分析入门教程。
yhy0/Jie
Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers. 挖洞辅助工具(漏洞扫描、信息收集)
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
m-sec-org/EZ
EZ是一款集信息收集、端口扫描、服务暴破、URL爬虫、指纹识别、被动扫描为一体的跨平台漏洞扫描器。
SonarSource/sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
sleeyax/burp-awesome-tls
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
ast-grep/ast-grep
⚡A CLI tool for code structural search, lint and rewriting. Written in Rust
pykiller/API-T00L
互联网厂商API利用工具。
xuchengsheng/spring-reading
涵盖了 Spring 框架的核心概念和关键功能,包括控制反转(IOC)容器的使用,面向切面编程(AOP)的原理与实践,事务管理的方式与实现,Spring MVC 的流程与控制器工作机制,以及 Spring 中数据访问、安全、Boot 自动配置等方面的深入研究。此外,它还包含了 Spring 事件机制的应用、高级主题如缓存抽象和响应式编程,以及对 Spring 源码的编程风格与设计模式的深入探讨。
abc123info/UserNameDictTools
用户名密码字典生成工具(将中文汉字姓名转成14种格式的拼音、IP地址处理、网络设备密码生成)
charonlight/xxl-jobExploitGUI
xxl-job最新漏洞利用工具
veo/vshell
vshell 是一款安全对抗模拟、红队工具。提供隧道代理和隐蔽通道,模拟长期潜伏攻击者的策略和技术
qi4L/JYso
It can be either a JNDIExploit or a ysoserial.
z-bool/Venom-Crawler
毒液爬行器:专为捡洞而生的爬虫神器
Fly-Playgroud/Boom
Boom 是一款基于无头浏览器的智能 Web 弱口令(后台密码)爆破\检测工具
vaycore/OneScan
OneScan是递归目录扫描的BurpSuite插件
chaitin/blazehttp
BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.
abi/screenshot-to-code
Drop in a screenshot and convert it to clean code (HTML/Tailwind/React/Vue)
wh1t3p1g/ysomap
A helpful Java Deserialization exploit framework.
rzte/agentcrack
不那么一样的 Java Agent 内存马
jianchang512/clone-voice
A sound cloning tool with a web interface, using your voice or any sound to record audio / 一个带web界面的声音克隆工具,使用你的音色或任意声音来录制音频