pikpikcu

ripgrep

ripgrep recursively searches directories for a regex pattern while respecting your gitignore

spring-boot-examples

about learning Spring Boot via examples. Spring Boot 教程、技术栈示例代码，快速简单上手教程。

GPT_API_free

Free ChatGPT API Key，免费ChatGPT API，支持GPT4 API（免费），ChatGPT国内可用免费转发API，直连无需代理。可以搭配ChatBox等软件/插件使用，极大降低接口使用成本。国内即可无限制畅快聊天。

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

opencti

Open Cyber Threat Intelligence Platform

skipper

An HTTP router and reverse proxy for service composition, including use cases like Kubernetes Ingress

nodejsscan

nodejsscan is a static security code scanner for Node.js applications.

POC-bomber

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

mentalist

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

Exegol

Fully featured and community-driven hacking environment

Web3Bugs

Demystifying Exploitable Bugs in Smart Contracts

asn

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

sysreptor

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

dnscan

HardHatC2

A C# Command & Control framework

ShadowClone

Unleash the power of cloud

Logsensor

A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning

Python-dsstore

A library for parsing .DS_Store files and extracting file names

ntlmscan

scan for NTLM directories

AdbNet

A tool that allows you to search for vulnerable android devices across the world and exploit them.

artemis

ARTEMIS: Real-Time Detection and Automatic Mitigation for BGP Prefix Hijacking. This is the main ARTEMIS repository that composes artemis-frontend, artemis-backend, artemis-monitor and other needed containers.

HEDnsExtractor

A suite for hunting suspicious targets, expose domains and phishing discovery

Log4j-RCE-Scanner

Remote command execution vulnerability scanner for Log4j.

bounty-monitor

Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.

cazador_unr

Hacking tools

KoodousFinder

A simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities

spidertrap

Traps web spiders

burp-digitalocean-droplet-proxy

Deploy a SOCKS5 proxy in DigitalOcean and autoconfigure the Burp proxy settings to route all traffic through the droplet

EnAnalisis

CVE-2023-34960

Perform with Massive Command Injection (Chamilo)