egggg's Stars
OpenBMB/ChatDev
Create Customized Software using Natural Language Idea (through LLM-powered Multi-Agent Collaboration)
BuilderIO/gpt-crawler
Crawl a site to generate knowledge files to create your own custom GPT from a URL
Tencent/secguide
面向开发人员梳理的代码安全指南
maurosoria/dirsearch
Web path scanner
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Bogdan-Lyashenko/js-code-to-svg-flowchart
js2flowchart - a visualization library to convert any JavaScript code into beautiful SVG flowchart. Learn other’s code. Design your code. Refactor code. Document code. Explain code.
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Qianlitp/crawlergo
A powerful browser crawler for web vulnerability scanners
pingc0y/URLFinder
一款快速、全面、易用的页面信息提取工具,可快速发现和提取页面中的JS、URL和敏感信息。
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
JaveleyQAQ/WeChatOpenDevTools-Python
WeChatOpenDevTool 微信小程序强制开启开发者工具
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
j4k0xb/webcrack
Deobfuscate obfuscator.io, unminify and unpack bundled javascript
f0ng/autoDecoder
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
paazmaya/shuji
Reverse engineering JavaScript and CSS sources from sourcemaps
Paper-Pen/GatherInfo
信息收集 OR 信息搜集
Cl0udG0d/Fofa-hack
非付费会员,fofa数据采集工具
vaycore/OneScan
OneScan 是一款用于递归目录扫描的 BurpSuite 插件
webraybtl/CodeQLpy
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
ScriptKid-Beta/Unexpected_information
Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
mrknow001/API-Explorer
API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书、钉钉等)
MandConsultingGroup/porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
mrknow001/BurpAppletPentester
SessionKey解密插件
f0ng/autoDecoder-usages
autoDecoder的用法及案例,包含加解密方法、绕waf、替换参数等操作。
z-bool/Venom-Crawler
毒液爬行器:专为捡洞而生的爬虫神器
WongSilver/spring-cloud-study
# springcloud练习
yhy0/passive-scan-client
Burp被动扫描流量转发插件
beiwei30/dubbo-rest-samples
magbone/wxapkg
微信小程序反编译工具,.wxapkg 文件扫描 + 解密 + 解包工具