x-f1v3's Stars
gitleaks/gitleaks
Protect and discover secrets using Gitleaks 🔑
skelsec/pypykatz
Mimikatz implementation in pure Python
hackerschoice/gsocket
Connect like there is no firewall. Securely.
JackOfMostTrades/gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
knownsec/404StarLink-Project
Focus on promoting the evolution of tools in different aspects of security research.专注于推动安全研究各个领域工具化.(项目收录逐步迁移至 https://github.com/knownsec/404StarLink)
r3nt0n/bopscrk
Generate smart and powerful wordlists
c0dejump/HawkScan
Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)
ntfstool/ntfstool
A ntfs tool for mac
tgadola/serval
A Netcat-style backdoor for pentesting and pentest exercises
stamparm/identYwaf
Blind WAF identification tool
robre/jsmon
a javascript change monitoring tool for bugbounties
robre/scripthunter
Tool to find JavaScript files on Websites
phpstan/phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
reconness/reconness
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
RenwaX23/XSS-Payloads
List of XSS Vectors/Payloads
sc0tfree/updog
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
Imanfeng/Apache-Solr-RCE
Apache Solr Exploits 🌟
TrojanAZhen/BurpSuitePro-2.1
什么? 你想用免费的BurpSuitePro版本!!!
x-Ai/BurpSuiteLoader
Burp Suite loader version --> ∞
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
knownsec/ksubdomain
无状态子域名爆破工具
moonD4rk/HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
nil0x42/duplicut
Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
dwisiswant0/go-stare
A fast & light web screenshot without headless browser but Chrome DevTools Protocol!
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
bit4woo/burp-api-drops
burp插件开发指南
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
1ndianl33t/Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
c0ny1/jsEncrypter
一个用于前端加密Fuzz的Burp Suite插件