Fast service fingerprinting CLI for 120+ protocols (TCP/UDP/SCTP) - built by Praetorian

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

Humanizer 的汉化版本，Claude Code Skills，旨在消除文本中 AI 生成的痕迹。

wooyun-legacy skill for claude code

Convert documentation websites, GitHub repositories, and PDFs into Claude AI skills with automatic conflict detection

全自动字典生成---定向字典/社工字典/字典碰撞---火花(spark)

Enterprise distributed network asset scanning platform with port scanning, subdomain enumeration, fingerprinting, and vulnerability detection. Built with Go-Zero + Vue3.(端口扫描/子域名枚举/指纹识别/漏洞检测)

Shannon Lite is a fully autonomous AI pentester for web apps and APIs. 96.15% (100/104 exploits) on a hint-free, source-aware variant of the XBOW benchmark.

A powerful cross-platform port management tool for developers. Monitor ports, manage Kubernetes port forwards, integrate Cloudflare Tunnels, and kill processes with one click.

Vibe Coding 指南 - 涵盖 Prompt 提示词、Skill 技能库、Workflow 工作流的 AI 编程工作站

Interesting APT Report Collection And Some Special IOCs

体系化、实战化、step by step、目标清晰且具体的一个打怪升级、成长路径规划图

适用于红队攻防演练获得目标账户批量登录，报告编写

Fully automatic censorship removal for language models

A cross-platform GUI for ecapture built with Tauri, enabling eBPF-based, non-intrusive TLS inspection on Linux & Android, with remote clients for Windows, macOS, and Linux.

一款功能强大的Docker Registry 5000端口未授权浏览、下载和安全测试工具，集成了镜像管理、认证爆破、敏感信息搜索等多项实用功能。

Free and Open Source Reverse Engineering Platform powered by rizin

The best ChatGPT that $100 can buy.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Open source free capture HTTP(S) traffic software ProxyPin, supporting full platform systems

【Hello CTF】题目配套，免费开源的CTF入门教程，针对0基础新手编写，同时兼顾信息差的填补，对各阶段的CTFer都友好的开源教程，致力于CTF和网络安全的开源生态！

Memory layer for AI Agents. Replace complex RAG pipelines with a serverless, single-file memory layer. Give your agents instant retrieval and long-term memory.

AI-Powered Python & Python-Powered AI (Python-Use)

Nuclei POC，每2小时更新 | 自动整合全网Nuclei的漏洞POC，实时同步更新最新POC，保存已被删除的POC。通过批量克隆Github项目，获取Nuclei POC，并将POC按类别分类存放，使用Github Action实现。已有41w+POC，其中3.5w+高质量POC

瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf

Nacos 综合漏洞利用工具

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v…

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

The Leading Security Assessment Framework for Android.

一款部署于云端或本地的隧道代理池中间件，可将静态代理IP灵活运用成隧道IP，提供固定请求地址，一次部署终身使用