HeapDump敏感信息提取工具

The best and simplest free open source website change detection, website watcher, restock monitor and notification service. Restock Monitor, change detection. Designed for simplicity - Simply monit…

Fake IP sources using Linux's BPF feature

人人都能用英语

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Simple, lightweight, dependable CLI for ZooKeeper

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go.

Simple HTTP async comms using standard GET/POST requests

The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers

A next-generation crawling and spidering framework.

This map lists the essential techniques to bypass anti-virus and EDR

A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and other resources. The taxonomy as well as related safeguards c…

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发，可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面，内网dns解析、内网socks5代理等等……，并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy serv…

A Workflow Engine for Offensive Security

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

Quickly discover exposed hosts on the internet using multiple search engines.

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

A collection of awesome web crawler,spider in different languages

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

🌙🦊 DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility

OSINT automation for hackers.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF