The Rogue Access Point Framework

OneForAll是一款功能强大的子域收集工具

You Know, For WEB Fuzzing ! 日站用的字典。

Rewrite of the popular wireless network auditor, "wifite"

🤖 史上最强云手机远程桌面逆向抓包HOOK自动化取证能力集一体的安卓 RPA 框架，下一代移动数据自动化机器人。

Python port of ShadowsocksR

Web application fuzzer

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Continuously jam all wifi clients/routers

安卓应用安全学习

Python library & console tool for controlling Xiaomi smart appliances

A python script that finds endpoints in JavaScript files

A DNS meta-query spider that enumerates DNS records, and subdomains.

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

A collection of custom security tools for quick needs.

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

各种漏洞poc、Exp的收集或编写

SSRF (Server Side Request Forgery) testing resources

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers

Struts2全漏洞扫描利用工具

WebCrack是一款web后台弱口令/万能密码批量检测工具，在工具中导入后台地址即可进行自动化检测。

Python2编写的struts2漏洞全版本检测和利用工具

SRC子域名资产监控

Generates millions of keyword-based password mutations in seconds.

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

此项目用来提取收集以往泄露的密码中符合条件的强弱密码

一键ThinkPHP漏洞检测