FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI…

Automated Adversary Emulation Platform

Web Cache Poisoning Vulnerability Scanner

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Java应用的一些配置文件字典，来源于公开的字典与平时收集

A faster, simpler way to drive browsers supporting the Chrome DevTools Protocol.

Fast web fuzzer written in Go

Downloads videos and playlists from YouTube

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

MDUT - Multiple Database Utilization Tools

Application Security Verification Standard

HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

面向开发人员梳理的代码安全指南

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Security Learning For All~

Web Fuzzing Box - Web 模糊测试字典与一些Payloads

Attack surface mapping

御剑目录扫描专业版，简单实用的命令行网站目录扫描工具，支持爬虫、fuzz、自定义字典、字典变量、UA修改、假404自动过滤、扫描控速等功能。

Transparently tunnel your IP traffic through ICMP echo and reply packets.

Simple reverse ICMP shell

Scan files or process memory for CobaltStrike beacons and parse their configuration

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party application.

Cobalt Strike插件，用于快速生成免杀的可执行文件

Bypass firewall for traffic forwarding using webshell

Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。

免杀webshell生成工具