傻瓜式漏洞PoC测试框架

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

Automatically Collect POC or EXP from GitHub by CVE ID.

A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁（我已经看到了，撤回也没用了）

Fuzzing harnesses, corpora, scripts, and target-specific notes for fuzzing IrfanView

收集的文章 https://mrwq.github.io/tools/paper/

A full-featured download manager.

Winnie makes fuzzing Windows applications easy

A simple proxy client

一个旨在使QQ变得更好用的开源Xposed模块

二进制安全相关的学习笔记，感谢滴水逆向的所有老师辛苦教学。

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.

Collection of methodology and test case for various web vulnerabilities.

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

A DOM fuzzer.

Fuzzing JavaScript Engines with Aspect-preserving Mutation

🐱‍💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...

Fast subdomains enumeration tool for penetration testers

A tool to check a bunch of URLs that contain reflecting params.

Chrome开发者工具中文手册

IoT固件漏洞复现环境

A coverage-guided and memory-detection enabled fuzzer for windows applications.

Materials for Windows Malware Analysis training (volume 1)

Collections of Orange Tsai's public presentation slides.

fpicker is a Frida-based fuzzing suite supporting various modes (including AFL++ in-process fuzzing)

一款甲方资产巡航扫描系统。系统定位是发现资产，进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。