Analyze Android native `.so` files

基于实战沉淀下的各种弱口令字典

RVScan 是一个功能强大的 Burp Suite 扩展插件，专为自动化Web应用程序安全测试和漏洞扫描而设计。它提供全面的路径发现、绕过技术、EHole指纹识别和可定制的扫描规则。

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

xia SQL (瞎注) burp 插件 ，在每个参数后面填加一个单引号，两个单引号，一个简单的判断注入小插件。

GalaxyHttpHooker

[EMNLP 2025 Demo] PDF scientific paper translation with preserved formats - 基于 AI 完整保留排版的 PDF 文档全文双语翻译，支持 Google/DeepL/Ollama/OpenAI 等服务，提供 CLI/GUI/MCP/Docker/Zotero

一款用于快速打点JS文件及路径扫描的单兵工具 / A single player tool for quickly scanning JS files and paths

Yet another WeChat miniapp debugger on Windows

一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.

模仿着写一个 chrome 插件，用来快速调试前端 js 代码。

companion to our book of the same name, ISBN: 9781394199884

HeapDump敏感信息提取工具

Backup copy of [SnD] [lena151] Reversing With Lena (Tutorials)

保存微信历史版本

IMAP Bruteforce Script

BrutDroid - Android Studio Pentest Automator: Streamline mobile pentesting with automated emulator rooting, Frida, and Burp Suite integration.

Reverse engineering focusing on x64 Windows.

An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling

A Model Context Protocol server for Excel file manipulation

微信小程序反编译工具，.wxapkg 文件扫描 + 解密 + 解包工具

小程序反编译工具

小程序反编译工具

渗透测试常用密码字典合集(持续更新)

基于Frida的脱壳工具

app to play with Frida tool

安卓应用安全学习

A frida tool to dump dex in memory to support security engineers analyzing malware.

NOT for educational purposes: An MCP server for professional penetration testers including STDIO/HTTP/SSE support, nmap, go/dirbuster, nikto, JtR, hashcat, wordlist building, and more.

Pentest-Tools-MCP-Server