Extract JavaScript source trees from Sourcemap files

A powerful JavaScript monitoring tool for bug bounty hunters. Track changes in JavaScript files across websites, detect new attack surfaces, and stay ahead of security vulnerabilities.

A JavaScript Engine Fuzzer

Pretty fancy and modern terminal file manager

A factory contract for creating metamorphic (i.e. redeployable) contracts.

Web 3.0 Security resources

CTF WriteUps on blockchain challenges

A Frida based tool that traces usage of the JNI API in Android apps.

A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.

The best tool for finding one gadget RCE in libc.so.6

A collection of links related to Linux kernel security and exploitation

Deobfuscate obfuscator.io, unminify and unpack bundled javascript

Running Kali Linux on Apple M1 using QEMU x86 emulation

Android Reverse-Engineering Workbench for VS Code

🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & Scraper. Don't be shy, join here: https://discord.gg/jP8KfhDhyN

Burp Plugin to Bypass WAFs through the insertion of Junk Data

poc

Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)

Login into dapps by impersonating any Ethereum address via WalletConnect or iFrame!

Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).

A curated list of awesome Ethereum security references

pdf exploit 集成

Ethereum smart contract fuzzer

Shieldify's public audits portfolio

Uncover the true IP address of websites safeguarded by Cloudflare & Others

Burp Suite Community in a Docker container.

The FLARE team's open-source tool to identify capabilities in executable files.