A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Burp插件，让你测试加密报文时像明文一样简单，支持用js/python/java实现hook脚本或任意语言实现grpc/http hook服务来自动解密报文。A Burp plugin makes testing encrypted messages as simple as plain text, supporting the use of js/python/java to imple…

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

保存微信历史版本

WeChatOpenDevTool 微信小程序强制开启开发者工具

小程序反编译工具

A collection of all the data i could extract from 1 billion leaked credentials from internet.

此项目用来提取收集以往泄露的密码中符合条件的强弱密码

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

Bruteforce database

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

DIE engine

基于node反编译小程序 已经配置完成

关于ThinkPHP框架的历史漏洞分析集合

ThinkPHP Framework ——十年匠心的高性能PHP框架

为供应链漏洞扫描设计的快速应急响应工具 [快速应急] [漏洞扫描] [端口扫描] [xray2.0进行时] A fast emergency response tool designed for supply chain vulnerability scanning.

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…

PDF Reader in JavaScript

apk_activity劫持-drozer test

Scriptable Headless Browser

一个用于前端加密Fuzz的Burp Suite插件

CVE-2024-4367 arbitrary js execution in pdf js

CVE-2024-4367 & CVE-2024-34342 Proof of Concept

pdf svg xss payload

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

real time face swap and one-click video deepfake with only a single image

收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1100多个poc/exp，长期更新。

A little toolbox to play with Microsoft Kerberos in C