Impacket is a collection of Python classes for working with network protocols.

SharpUp is a C# port of various PowerUp functionality.

Arsenal is just a quick inventory and launcher for hacking programs

JVM Dynamic Attach utility

🔥 🔥 🔥 自建Docker镜像加速服务，基于官方Docker Registry 一键部署Docker、K8s、Quay、Ghcr、Mcr等镜像加速\管理服务。支持部署到Render\Koyeb

Python implementation of a symbolic execution of MT19937 and a solver for GF(2) matrices

哥斯拉webshell管理工具二次开发规避流量检测设备

Truly independent web browser

Struts2全漏洞扫描利用工具

A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.

WeChatOpenDevTool 微信小程序强制开启开发者工具

IDEA plugin for directly editing and modifying files in jar without decompression. （一款无需解压直接编辑修改jar包内文件的IDEA插件）

A new type of shell

《安卓逆向这档事》

JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

很多镜像都在国外。比如 gcr 。国内下载很慢，需要加速。致力于提供连接全世界的稳定可靠安全的容器镜像服务。

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

The user-friendly command line shell.

User-friendly Desktop Client App for AI Models/LLMs (GPT, Claude, Gemini, Ollama...)

Redis 4.x/5.x RCE

Fast and customizable vulnerability scanner based on simple YAML based DSL.

大学生网课题库接口适配器：将不同的题库整合为一个API接口。

Headless Chrome .NET API

proof-of-concept for generating Java deserialization payload | Proxy MemShell

A CLI to exploit parameters vulnerable to PHP filter chain error based oracle.

Awesome Frida - A curated list of Frida resources http:https://www.frida.re/ (https://github.com/frida/frida)

专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF

使你的NTQQ支持OneBot11协议进行QQ机器人开发