基于 BurpSuite 新版 MontoyaAPI 的 SSRF 漏洞自动探测插件

🤗更优雅的微信公众号订阅方式，支持私有化部署、微信公众号RSS生成（基于微信读书）v2.x

A Chrome proxy extension （MV3）

FuzzDicts 字典,一个就够了。

A curated list of amazingly awesome Burp Extensions

Examples for using the Montoya API with Burp Suite

A collection of Burp Suite Lambda Filters ~ Bambdas

在Burp的两端部署基于mitmproxy的上下游代理，以应对HTTP请求的加密传输问题，得益于mitmproxy为Python提供了丰富的API。

Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

Prototype Pollution and useful Script Gadgets

A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A tool for adding new lines to files, skipping duplicates

Find domains and subdomains related to a given domain

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Proof-of-concept code for research into GitHub Actions Cache poisoning.

微信小程序反编译解包工具

安全、快捷、高交互、企业级的蜜罐管理系统，护网；支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports multiple protocol honeypots, honeytokens, baits and other functi…

WeChatOpenDevTool 微信小程序强制开启开发者工具

The official gpt4free repository | various collection of powerful language models | o3 mini and deepseek r1

A GPT-empowered penetration testing tool

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

Open source free capture HTTP(S) traffic software ProxyPin, supporting full platform systems

Obtain GraphQL API schema even if the introspection is disabled

World's fastest and most advanced password recovery utility