hubzjx's Stars
faiyazahmad07/xss_vibes
A modern tool written in Python that automates your xss findings.
daniel2005d/mapXplore
Allow exporting the information downloaded with sqlmap to a relational Database like Postgres and sqlite
outlaws-bai/Galaxy
Burp插件,通过自定义hook脚本自动解密报文,让你像测试明文一样简单。A Burp plugin that automatically decrypts messages by custom hook scirpt, making it as simple as testing plaintext.
shuanx/BurpAPIFinder
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
Eonian-Sharp/pulse
Red Team fast and efficient target detection tool
baihengaead/wifi-crack-tool
WiFi密码暴力破解工具-图形界面,支持多开并发、自动破解、自定义密码本、自动生成密码字典
P001water/P1finger
P1finger - 红队行动下的重点资产指纹识别工具
projectdiscovery/cvemap
Navigate the CVE jungle with ease.
kkbo8005/mitan
密探渗透测试工具包含资产信息收集,子域名爆破,搜索语法,资产测绘(FOFA,Hunter,quake, ZoomEye),指纹识别,敏感信息采集,文件扫描、密码字典等功能
xiaojieonly/Ehviewer_CN_SXJ
ehviewer,用爱发电,快乐前行
twowb/zndb
此工具用于快速准确的等保核查、端口扫描、组件识别、子域名扫描、目录扫描等功能
synacktiv/HopLa
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
gdszkd/cf-warp
warp多功能一键脚本CFwarp,支持warp在线监测守护、endpoint对端优选IP等功能,replit平台无限生成warp+密钥与warp配置文件
coffinxp/payloads
lm-sys/FastChat
An open platform for training, serving, and evaluating large language models. Release repo for Vicuna and Chatbot Arena.
wgpsec/ENScan_GO
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
TideSec/Mars
Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等
TideSec/TideFinger_Go
一个Go版(更强大)的TideFinger指纹识别工具,可对web和主机指纹进行识别探测,整合梳理互联网指纹2.3W余条,在效率和指纹覆盖面方面进行了平衡和优化。
test502git/awvs14-scan
针对 Acunetix AWVS扫描器开发的批量扫描脚本,支持log4j漏洞、SpringShell、SQL注入、XSS、弱口令等专项,支持联动xray、burp、w13scan等被动批量
XxRagulxX/Burpsuite_pro
Burp Suite Professional Edition .
spyboy-productions/CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
jaeles-project/gospider
Gospider - Fast web spider written in Go
zema1/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
fr0gger/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
youki992/VscanPlus
[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.
superhedgy/AttackSurfaceMapper
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
r3curs1v3-pr0xy/vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
budtmo/docker-android
Android in docker solution with noVNC supported and video recording
Mintplex-Labs/anything-llm
The all-in-one Desktop & Docker AI application with full RAG and AI Agent capabilities.
lqqyt2423/go-mitmproxy
mitmproxy implemented with golang. 用 Golang 实现的中间人攻击(Man-in-the-middle),解析、监测、篡改 HTTP/HTTPS 流量。