Stars
LingOps(灵控) 是一个专为 AWD/AWDP 攻防竞赛设计的竞赛自动化平台,提供 IP探测、WebShell 管理、SSH 终端管理、基线加固、Flag 读取等核心功能,帮助参赛选手在比赛中高效管理多个目标。
本项目基于 [mrexodia/ida-pro-mcp](https://github.com/mrexodia/ida-pro-mcp) 二次开发,保留原核心功能并自行diy扩展了一些功能,更适合中文使用者
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
LuaN1ao (鸾鸟) is an autonomous penetration testing agent based on state awareness and causal reasoning.
Open-source AI hackers to find and fix your app’s vulnerabilities.
KCon is a famous Hacker Con powered by Knownsec Team.
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
Test your prompts, agents, and RAGs. AI Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with co…
本项目制作的初衷是帮助师傅们快速搭建工作环境,工欲善其事,必先利其器。
This tool is designed to help penetration testers and network administrators identify potential security threats, especially those targeting web applications such as SQL injection, XSS, and WebShe…
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
User-friendly AI Interface (Supports Ollama, OpenAI API, ...)
一款ctf工具,包含rsa模板解密,misc方向功能,一些解码功能,致力于帮助ctf比赛中减少繁琐步骤,快速解答模板题
AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.
一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.
A modified version of the well-known webshell - P.A.S. by Profexer. Tries to solve the problem of detecting some requests and responses by various WAF/IDS.
Cybersecurity tool repository / Wiki 收录常用 / 前沿 的CTF和渗透工具以及其 官方/使用 文档,致力于让每个工具都能发挥作用ww,不管你是萌新还是领域从业者希望你都能在这里找到适合你的工具或者获得一定的启发。
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.