Lists (13)
Starred repositories
Lightweight coding agent that runs in your terminal
一款综合性网络安全检测和运维工具,旨在快速资产发现、识别、检测,构建基础资产信息库,协助甲方安全团队或者安全运维人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
一款面向SRC漏洞挖掘中,页面信息收集场景的浏览器扩展,自动收集页面及相关资源中的敏感信息与可疑线索,支持基础扫描、深度递归扫描、批量 API 测试及结果导出与自定义正则配置
Model Context Protocol(MCP) 编程极速入门
漏洞赏金工具是一款专为安全研究人员和白帽子黑客设计的图形化渗透测试工具集。它集成了多个常用的安全测试工具,提供了直观的用户界面,让漏洞挖掘变得更加简单和高效。
Free and Open Source Reverse Engineering Platform powered by rizin
Interactive roadmaps, guides and other educational content to help developers grow in their careers.
CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
一款完全被动监听的谷歌插件,用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗
A comprehensive security checklist for MCP-based AI tools. Built by SlowMist to safeguard LLM plugin ecosystems.
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
Repo to accompany my mastering LLM engineering course
基于chrome、firefox插件的被动式信息泄漏检测工具
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
E-mails, subdomains and names Harvester - OSINT
In-depth attack surface mapping and asset discovery
Scan for sensitive information easily and effectively.
A powerful tool for automated LLM fuzzing. It is designed to help developers and security researchers identify and mitigate potential jailbreaks in their LLM APIs.