SpringSpider Spring Actuator端点的BurpSuite被动扫描插件。

pty_bind_shell Pty bind shell for golang 一款基于SSH协议的远控程序

CVE-2021-22205 CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖，可在win平台使用

BurpCrypto-JsLibrary BurpCrypto officially confirms the supported JS library (BurpCrypto官方确认支持的JS库).

ExploitDBHelper ExploitDB toolkit ExploitDB辅助工具

SwaggerHelper 用于启动本地保存的api-docs.json文档。

CryptoWatcher 一个简单的虚拟货币盯盘程序，行情数据来源于火币交易所。

RandomIDCard 随机身份证号码生成器

agentcrack 不那么一样的 Java Agent 内存马

BurpSuite-collections 有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

hscan 用于网站状况检测、通知的脚本。

telegram_media_downloader Download media files from a telegram conversation/chat/channel

anti-portscan 使用 iptables 防止端口扫描

CDK CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

dnslog-2 dnslog dns / dns rebinding platform

F-Scrack 一款python编写的轻量级弱口令检测脚本，目前支持以下服务：FTP、MYSQL、MSSQL、MONGODB、REDIS、TELNET、ELASTICSEARCH、POSTGRESQL。

frp A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

goby_poc goby poc or exp,分享goby最新网络安全漏洞检测或利用代码

HLSpider 基于Scrapy的页面敏感词检测工具

jar-analyzer Jar Analyzer - 一个JAR包分析工具，批量分析搜索，方法调用关系搜索，字符串搜索，Spring分析，CFG分析，JVM Stack Frame分析等众多功能

log4j-payload-generator Log4j jndi injects the Payload generator

MemShellParty 一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率

onedev Super Easy All-In-One DevOps Platform

revsuit RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

viewgen Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

404StarLink2.0-Galaxy 404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目

AppInfoScanner 一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

BiliBiliTool .Net 5 编写的B站（哔哩哔哩）任务工具，通过GitHub Actions实现每日线上自动运行任务：每日自动登录、观看、分享、投币视频，获取每日任务的满额经验，轻松升级Level 6，实现自动领取大会员权益、月底自动为自己充电等功能。

budget Get a grip on your finances.

BurpExtender

clash A rule-based tunnel in Go.

clash-auto-recheck clash的自动刷新所有服务器延迟的脚本

CobaltStrike CobaltStrike's source code

dotnet-sdk Dapr SDK for .NET

EKAER-Dotnet-Client Unofficial, platform independent .NET standard client for the hungarian EKAER API

fuck_xiaomi 小米抢购软件-源码

haha-translate https://whwlsfb.github.io/haha-translate/

InstallerFileTakeOver

JustTrustMe An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

ledesoft

linux Linux kernel source tree

m

MS-SharePoint-July-Patch-RCE-PoC

nas-tools A fork of NAStool/nas-tools:2.9.1

NetCoreServer Ultra fast and low latency asynchronous socket server & client C# .NET Core library with support TCP, SSL, UDP, HTTP, HTTPS, WebSocket protocols and 10K connections problem solution

next-terminal Next Terminal是使用Golang和React开发的一款HTML5的远程桌面网关，具有小巧、易安装、易使用、资源占用小的特点，支持RDP、SSH、VNC和Telnet协议的连接和管理。

no-defender A slightly more fun way to disable windows defender + firewall. (through the WSC api)

nuclei-templates Community curated list of templates for the nuclei engine to find security vulnerabilities.

openwrt-tailscale LuCI support for tailscale