givemefivw

ChatTTS

A generative speech model for daily dialogue.

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

RedTeam-Tools

Tools and Techniques for Red Team / Penetration Testing

aquatone

A Tool for Domain Flyovers

commix

Automated All-in-One OS Command Injection Exploitation Tool.

BewlyBewly

Improve your Bilibili homepage by redesigning it, adding more features, and personalizing it to match your preferences. (English | 简体中文 | 正體中文 | 廣東話)

crawlergo

A powerful browser crawler for web vulnerability scanners

iptvnator

:tv: Cross-platform IPTV player application with multiple features, such as support of m3u and m3u8 playlists, favorites, TV guide, TV archive/catchup and more.

sslscan

sslscan tests SSL/TLS enabled services to discover supported cipher suites

BBScan

A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers

ARL

ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

jsEncrypter

一个用于前端加密Fuzz的Burp Suite插件

AppScan

安全隐私卫士（AppScan）一款免费的企业级自动化App隐私合规检测工具。

Z-Godzilla_ekp

哥斯拉webshell管理工具二次开发规避流量检测设备

findom-xss

A fast DOM based XSS vulnerability scanner with simplicity.

PotatoTool

这款工具是一款功能强大的网络安全综合工具，旨在为安全从业者、红蓝对抗人员和网络安全爱好者提供全面的网络安全解决方案。它集成了多种实用功能，包括解密、分析、扫描、溯源等，为用户提供了便捷的操作界面和丰富的功能选择。This tool offers robust network security solutions for professionals and enthusiasts. With features like decryption, analysis, scanning, and traceability, it provides a user-friendly interface and diverse functionality.

accesskey_tools

阿里云aliyun/腾讯云tencentcloud/华为云huaweicloud/aws等各种云厂商的accesskey运维安全工具，accesskey利用工具，包括但不限于创建ecs、ecs查询和命令执行、oss查询和批量下载等各种功能,aws accesskey rce;remote command execute

urlgrab

A golang utility to spider through a website searching for additional links.

SqliSniper

Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers

zhishuapp.github.io

domscan

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

VscanPlus

[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本，端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具，批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.

info_scan

自动化漏洞扫描系统，一键完成相关漏洞扫描和信息收集、资产处理、IP基础信息探测，系统采用B/S架构，系统分为源码安装和配置好环境的虚拟机，项目会持续更新，欢迎在Issues中提交需求，如果对您有所帮助，欢迎留下宝贵的star！！！

payloads

JScanner

JScanner一款递归式网站路径检测工具

shiro_check

批量对存在Shiro框架的目标爆破Key

ShiroEXP

Shiro漏洞利用工具

ApiFuzzDictionary

红队API接口Fuzz字典，WEB安全，渗透测试，API，字典

ARL-Finger-ADD-Pro

批量导入ARL 2.6.1最新版本指纹，支持指纹去重

BatchJarSource

批量反编译jar包辅助工具，用于代码安全审计。请勿用于非法用途