🔥🔥🔥AI-driven database tool and SQL client, The hottest GUI client, supporting MySQL, Oracle, PostgreSQL, DB2, SQL Server, DB2, SQLite, H2, ClickHouse, and more.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Cknife

Java web common vulnerabilities and security code which is base on springboot and spring security

HackBar plugin for Burpsuite

Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

一个用于前端加密Fuzz的Burp Suite插件

Java RCE 回显测试代码

burp验证码识别接口调用插件

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

无回显漏洞测试辅助平台，平台使用Java编写，提供DNSLOG，HTTPLOG等功能，辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。

Create a TCP circuit through validly formed HTTP requests

Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

java反序列化漏洞利用－JBOSS(含payload生成的java项目，漏洞利用py脚本，shodan部分目标主机搜索结果)