Bi3g0

AppFlowy

Bring projects, wikis, and teams together with AI. AppFlowy is an AI collaborative workspace where you achieve more without losing control of your data. The best open source alternative to Notion.

ImHex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

jadx

Dex to Java decompiler

PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

cutter

Free and Open Source Reverse Engineering Platform powered by rizin

secguide

面向开发人员梳理的代码安全指南

LinEnum

Scripted Local Linux Enumeration & Privilege Escalation Checks

TikTokDownload

抖音去水印批量下载用户主页作品、喜欢、收藏、图文、音频

linux-exploit-suggester

Linux privilege escalation auditing tool

1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

naabu

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Rubeus

Trying to tame the three-headed dog.

Godzilla

哥斯拉

hackerone-reports

Top disclosed reports from HackerOne

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

linux-smart-enumeration

Linux enumeration tool for pentesting and CTFs with verbosity levels

gospider

Gospider - Fast web spider written in Go

Inveigh

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

domain_hunter_pro

domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

smbmap

SMBMap is a handy SMB enumeration tool

ADRecon

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

kekeo

A little toolbox to play with Microsoft Kerberos in C

kernel-exploits

chashell

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

remote-method-guesser

Java RMI Vulnerability Scanner

GadgetProbe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

BREAK

业务风险枚举与规避知识框架（Business Risk Enumeration & Avoidance Kownledge）

cIPR

将域名转为ip段权重

mjet

MOGWAI LABS JMX exploitation toolkit

GoBP

Bypass Antivirus by Golang