DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

Complete Claude Code configuration collection - agents, skills, hooks, commands, rules, MCPs. Battle-tested configs from an Anthropic hackathon winner.

Enterprise distributed network asset scanning platform with port scanning, subdomain enumeration, fingerprinting, and vulnerability detection. Built with Go-Zero + Vue3.(端口扫描/子域名枚举/指纹识别/漏洞检测)

wooyun-legacy skill for claude code

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI wor…

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

Open-source AI agents for penetration testing

Tutorials, tools, and more as related to reverse engineering video games.

Frida-based libil2cpp.so runtime parsing script

A Frida module to dump, trace or hijack any IL2CPP application at runtime, without needing the global-metadata.dat file.

Using Zygisk to dump il2cpp data at runtime

一个基于uprobe，能同时hook大量用户地址空间函数的kpm内核模块

一个用于对unity il2cpp框架开发的安卓端手游进行trace的so模块

A comprehensive security checklist for MCP-based AI tools. Built by SlowMist to safeguard LLM plugin ecosystems.

BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language ins…

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

TCP connection hijacker, Rust rewrite of shijack

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa…

pe reflection tool, which confuses invoke and entry

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)

The new bridge between Burp Suite and Frida!

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

重生之我在安全行业讨口子系列，分享在安全行业讨口子过程中，SRC、项目实战的有趣案例

WEB安全手册(红队安全技能栈)，漏洞理解，漏洞利用，代码审计和渗透测试总结。【持续更新】

Build and share delightful machine learning apps, all in Python. 🌟 Star to support our work!

安卓逆向学习

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Metarget is a framework providing automatic constructions of vulnerable infrastructures.