The Network Execution Tool

IMAP brute-force tool designed to test and verify access to your mailboxes.

Signing-key abuse and update exploitation framework

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

PP-finder Help you find gadget for prototype pollution exploitation

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

A simple tool for bypassing file upload restrictions.

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Black box fuzzer for web applications

The second version of SQL Hunter. SQLi Hunter is a URL (Blind) SQL injection checker for multiple pages.

Probabilistic Context Free Grammar (PCFG) password guess generator

Golang reverse proxy with CobaltStrike malleable profile validation.

一个自写的免杀框架，编译用到mingw套件

A QoL tool to obfuscate shellcode. In the future will be able to chain encoding/encryption/compression methods.

Türk kullanıcıların parola seçimlerinin analizi için yapılmış bir çalışmadır

Opensource assets and vulnerability scanning tool

The standard data-centric AI package for data quality and machine learning with messy, real-world data and labels.

SSH based reverse shell

碎遮SZhe_Scan Web漏洞扫描器，基于python Flask框架，对输入的域名/IP进行全面的信息搜集，漏洞扫描，可自主添加POC

KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this project is to be able to have a web server and some kitten an…

Fast website scraper and wordlist generator

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Penelope Shell Handler

Wappalyzer implementation in Go

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…

Pasteburn is a self-hosted, anonymous pastebin that features burn-after-read and end-to-end encryption.

Netlas.io Python SDK & CLI Tool

my kitty terminal config (the kitty config for tmux users)