yuzheJK

railgun

httpstest

Android APP for https test

OSCP-Prep

A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam

FastjsonExploit

Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

SpringBootVulExploit

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Xray-core

Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.

Pentest-Cheatsheets

MYExploit

OAExploit一款基于产品的一键扫描工具。

upload-fuzz-dic-builder

上传漏洞fuzz字典生成脚本

ffuf

Fast web fuzzer written in Go

gau

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

fofa2Xray

User fofa api get hosts and xray to webscan.

inforgation

android-classyshark

Android and Java bytecode viewer

bulldozer

A JavaScript decompiler

Python-111

obs-studio

OBS Studio - Free and open source software for live streaming and screen recording

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Fiora

Fiora：漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行，也可作为burp插件使用。

Autorize

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

BurpFastJsonScan

一款基于BurpSuite的被动式FastJson检测插件

domain_hunter_pro

domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

Frida_Android_Hook

AndroidFridaBeginnersBook

《安卓Frida逆向与抓包实战》随书附件

Android-SSL-Pinning-WebViews

A simple demo app that demonstrates Certificate pinning and scheme/domain whitelisting in Android WebViews

DroidDrops

梳理下自己之前写过的文章

Wallbreaker

🔨 Break Java Reverse Engineering form Memory World!

go-cqhttp

cqhttp的golang实现，轻量、原生跨平台.

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

AndroidSecurityStudy

安卓应用安全学习