Using AES and RSA to encrypt all files except the system files, so the computer can run normally, but the private files will be locked! Of course, you can change and select which files can be excep…

The security tool(project) Set from github。github安全项目工具集合

HTTP/HTTPS proxy in a single python script

proxying and recording HTTP/HTTPs/Socks5 proxy flow, save to MYSQL database.

An intercepting proxy for web application testing

Asynchronous HTTP/HTTPS proxy that intercepts and modifies messages(异步http/https代理,可拦截修改报文)

python安全和代码审计相关资料收集 resource collection of python security and code review

从总多目录字典中合并提取的高效目录爆破字典

弱口令,敏感目录,敏感文件等渗透测试常用攻击字典

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

自己动手实现 Web Server。翻译来自加拿大的程序员小哥 Ruslan Spivak 的博客。这里有三篇简明的教程，帮你实现一个最简单的 Server。这个练手项目非常幽默风趣，图文结合，代码基于理论，轻松易懂。Ruslan's Blog：

dynamic crawler for web vulnerability scanner

Web Input Vector Extractor Teaser

python测试开发库 中文版(持续更新)及书籍下载。公众号：pythontesting

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

通过BurpSuite来构建自己的爆破字典，可以通过字典爆破来发现隐藏资产。

XssPayload List . Usage:

Hands-On Penetration Testing with Python, published by Packt

ActiveScan++ Burp Suite Plugin

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Welcome to the XSS Challenge Wiki!

Web application fuzzer

wooyun_all_bugs

Open Redirect Payloads

《白帽子讲Web扫描》书籍参考代码

python编写的黑客渗透工具代码，可供于学习和使用

Python黑客编程之极速入门

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Cknife