Automatic SQL injection and database takeover tool

基于Python的开源量化交易平台开发框架

Impacket is a collection of Python classes for working with network protocols.

Fast subdomains enumeration tool for penetration testers

Credentials recovery project

Library for building powerful interactive command line applications in Python

OneForAll是一款功能强大的子域收集工具

📱 objection - runtime mobile exploration

告别枯燥，致力于打造 Python 实用小例子，更多Python良心教程见 https://ai-jupyter.com

You Know, For WEB Fuzzing ! 日站用的字典。

安卓应用层抓包通杀脚本

Rewrite of the popular wireless network auditor, "wifite"

Blind&Invisible Watermark ，图片盲水印，提取水印无须原图！

HTTP parameter discovery suite.

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

爆破字典

宝塔Linux面板 - 简单好用的服务器运维面板

The Network Execution Tool

安卓应用安全学习

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

A fast sub domain brute tool for pentesters

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Automatic SSRF fuzzer and exploitation tool

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

Python黑客编程之极速入门

ART环境下自动化脱壳方案

各种漏洞poc、Exp的收集或编写

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点