bruclan

bruclan

1 follower · 0 following

subfinder Public
Forked from projectdiscovery/subfinder

Fast passive subdomain enumeration tool.

Go MIT License Updated Oct 19, 2025
z3 Public
Forked from Z3Prover/z3

The Z3 Theorem Prover

C++ Other Updated Oct 15, 2025
SecLists Public
Forked from danielmiessler/SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

PHP MIT License Updated Oct 14, 2025
volatility3 Public
Forked from volatilityfoundation/volatility3

Volatility 3.0 development

Python Other Updated Oct 11, 2025
feroxbuster Public
Forked from epi052/feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

Rust MIT License Updated Oct 10, 2025
dirsearch_bypass403 Public
Forked from lemonlove7/dirsearch_bypass403

目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别

Python Updated Sep 30, 2025
one_gadget Public
Forked from david942j/one_gadget

The best tool for finding one gadget RCE in libc.so.6

Ruby MIT License Updated Sep 26, 2025
dirsearch Public
Forked from maurosoria/dirsearch

Web path scanner

Python Updated Sep 22, 2025
hexstrike-ai Public
Forked from 0x4m4/hexstrike-ai

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

Python Updated Sep 19, 2025
awesome-censys-queries Public
Forked from thehappydinoa/awesome-censys-queries

A collection of fascinating and bizarre Censys Search Queries

Python Creative Commons Zero v1.0 Universal Updated Aug 11, 2025
marshalsec Public
Forked from mbechler/marshalsec

Java MIT License Updated Aug 7, 2025
bitchat Public
Forked from permissionlesstech/bitchat

bluetooth mesh chat, IRC vibes for iOS and macOS

Swift The Unlicense Updated Jul 9, 2025
social-analyzer Public
Forked from qeeqbox/social-analyzer

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

JavaScript GNU Affero General Public License v3.0 Updated May 13, 2025
gshark Public
Forked from madneal/gshark

敏感信息扫描工具

Go Apache License 2.0 Updated Mar 19, 2025
Ropper Public
Forked from sashs/Ropper

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper us…

Python BSD 3-Clause "New" or "Revised" License Updated Feb 28, 2025
uro Public
Forked from s0md3v/uro

declutters url lists for crawling/pentesting

Python Apache License 2.0 Updated Feb 23, 2025
Arjun Public
Forked from s0md3v/Arjun

HTTP parameter discovery suite.

Python GNU Affero General Public License v3.0 Updated Feb 20, 2025
Morgan Public
Forked from VFA250/Morgan

Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on we…

Python MIT License Updated Feb 2, 2025
ysoserial.net Public
Forked from pwntester/ysoserial.net

Deserialization payload generator for a variety of .NET formatters

C# MIT License Updated Dec 23, 2024
pwntools-tutorial Public
Forked from Gallopsled/pwntools-tutorial

Tutorials for getting started with Pwntools

Jupyter Notebook MIT License Updated Oct 1, 2024
busybox Public
Forked from mirror/busybox

BusyBox mirror

C Other Updated Sep 25, 2024
x8 Public
Forked from Sh1Yo/x8

Hidden parameters discovery suite

Rust GNU General Public License v3.0 Updated Sep 8, 2024
trojan Public
Forked from trojan-gfw/trojan

An unidentifiable mechanism that helps you bypass GFW.

C++ GNU General Public License v3.0 Updated Aug 21, 2024
pwninit Public
Forked from io12/pwninit

pwninit - automate starting binary exploit challenges

Rust MIT License Updated Aug 11, 2024
FastJsonParty Public
Forked from lemono0/FastJsonParty

FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

Python Updated Jul 12, 2024
ParamSpider Public
Forked from devanshbatham/ParamSpider

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Python MIT License Updated Jun 24, 2024
learnjavabug Public
Forked from threedr3am/learnjavabug

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Java MIT License Updated Jun 14, 2024
JYso Public
Forked from qi4L/JYso

It can be either a JNDIExploit or a ysoserial. ysoserial魔改版

Java GNU General Public License v3.0 Updated Jun 5, 2024
NacosExploitGUI Public
Forked from rabbitsafe/NacosExploitGUI

Nacos漏洞综合利用GUI工具，集成了默认口令漏洞、SQL注入漏洞、身份认证绕过漏洞、反序列化漏洞的检测及其利用

Java Updated May 14, 2024
sqlmap Public
Forked from sqlmapproject/sqlmap

Automatic SQL injection and database takeover tool

Python Other Updated May 9, 2024

bruclan

subfinder Public

Uh oh!

z3 Public

Uh oh!

SecLists Public

Uh oh!

volatility3 Public

Uh oh!

feroxbuster Public

Uh oh!

dirsearch_bypass403 Public

Uh oh!

one_gadget Public

Uh oh!

dirsearch Public

Uh oh!

hexstrike-ai Public

Uh oh!

awesome-censys-queries Public

Uh oh!

marshalsec Public

Uh oh!

bitchat Public

Uh oh!

social-analyzer Public

Uh oh!

gshark Public

Uh oh!

Ropper Public

Uh oh!

uro Public

Uh oh!

Arjun Public

Uh oh!

Morgan Public

Uh oh!

ysoserial.net Public

Uh oh!

pwntools-tutorial Public

Uh oh!

busybox Public

Uh oh!

x8 Public

Uh oh!

trojan Public

Uh oh!

pwninit Public

Uh oh!

FastJsonParty Public

Uh oh!

ParamSpider Public

Uh oh!

learnjavabug Public

Uh oh!

JYso Public

Uh oh!

NacosExploitGUI Public

Uh oh!

sqlmap Public

Uh oh!