Lists (3)
Stars
A visual no-code/code-free web crawler/spider易采集:一个可视化浏览器自动化测试/数据采集/爬虫软件,可以无代码图形化的设计和执行爬虫任务。别名:ServiceWrapper面向Web应用的智能化服务封装系统。
LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
自动化反编译微信小程序,小程序安全评估工具,发现小程序安全问题,自动解密,解包,可还原工程目录,支持Hook,小程序修改
🎯 Fast CORS misconfiguration vulnerabilities scanner
一款综合性网络安全检测和运维工具,旨在快速资产发现、识别、检测,构建基础资产信息库,协助甲方安全团队或者安全运维人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab Will Replace Every GET or POST Parameters With Selected TAB i…
SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in se…
Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.
最好用最智能最可控的目录爆破工具 | The most powerful, user-friendly, intelligent, and precise HTTP buster.
burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
🎯 SQL Injection Payload List
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community Edition