Command-line program to download videos from YouTube.com and other video sites

🏡 Open source home automation that puts local control and privacy first.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

⏬ Dumb downloader that scrapes the web

A JavaScript / TypeScript / Python / C# / PHP / Go cryptocurrency trading API with support for more than 100 bitcoin/altcoin exchanges

12306智能刷票，订票

Automatic SQL injection and database takeover tool

A proxy tool to bypass GFW.

提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。

Most advanced XSS scanner.

Credentials recovery project

OneForAll是一款功能强大的子域收集工具

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

Python client for Baidu Yun (Personal Cloud Storage) 百度云/百度网盘Python客户端

You Know, For WEB Fuzzing ! 日站用的字典。

爆破字典

w3af: web application attack and audit framework, the open source web vulnerability scanner.

A frida tool to dump dex in memory to support security engineers analyzing malware.

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

信息收集自动化工具

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

A powerful and useful hacker dictionary builder for a brute-force attack

This program show you IMSI numbers of cellphones around you.

A `.git` folder disclosure exploit

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

WPA/WPA2 密码字典，用于 wifi 密码暴力破解

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool