Scan a Magento site for information

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Deserialization payload generator for a variety of .NET formatters

Takes a URL and checks the system for the tilde enum vuln and then find the files.

A recursive internet scanner for hackers.

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

A BurpSuite plugin to scan for ASP.NET cookieless session support

An IIS short filename enumeration tool

CyberPanel 2.3.6 pre-auth RCE

A malicious LDAP server for JNDI injection attacks

Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Small Tool written based on chaos from projectdiscovery.io

This repository contains a number of insecure self-hosted applications that allows interested security engineers to test vulnerabilities found by Portswigger Research team.

Automatic SQL injection and database takeover tool

Burp插件，快速探测可能存在SQL注入的请求并标记，提高测试效率

Fetch many paths for many hosts - without killing the hosts

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

A Tool for Domain Flyovers

Generates permutations, alterations and mutations of subdomains and then resolves them

A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

一个简单的Fastjson反序列化检测burp插件

It's bloody scantastic

Reconnaissance tool for GitHub organizations

List of Awesome Asset Discovery Resources

原汁原味的ARL灯塔，在基础上进行了魔改优化

腾讯云官方文档

Parallels Desktop 18 for mac永久授權破解 | 完美兼容於M1 Chip的Macbook | 2022