Stars
Latest Burpsuite Professional Version 2025.*.*
一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
This repository contain some datas about CVE's updated hourly, to help community Prioritize, based in sources the Threat Intelligence in Surface Web.
Gather and update all available and newest CVEs with their PoC.
Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
Pure bash script to test and wait on the availability of a TCP host and port
Zero shot vulnerability discovery using LLMs
ARL 资产侦察灯塔系统(可运行,添加指纹,提高并发,升级工具及系统,无限制修改版) | ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Directory/File, DNS and VHost busting tool written in Go
Drivers for the rtl8192eu chipset for wireless adapters (D-Link DWA-131 rev E1 included!)
Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
403/401 Bypass Methods + Bash Automation + Your Support ;)
The Web Application Hacker's Handbook 2 (Web应用黑客手册第二版翻译)
This repo includes Claude prompt curation to use Claude better.
🔨 Geetest Crack | 从 JavaScript 层面一步步破解极验「鼠标点击+滑块滑动」各种加密参数
Windows版本微信客户端(非网页版)自动化,可实现简单的发送、接收微信消息,简单微信机器人