Trace Any Objective-C Method Calls

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

mpass移动开发框架ios端抓包hook脚本

Sign-Sacker(签名掠夺者)：一款数字签名复制器，可将其他官方exe中数字签名，图标，详细信息复制到没有签名的exe中，作为免杀，权限维持，伪装的一种小手段。

Xtools 是一款 Sublime Text 插件，同时是一款简单的资产处理、命令行调用工具。

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

HeapDump敏感信息提取工具

A big list of Android Hackerone disclosed reports and other resources.

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

ZincSearch . A lightweight alternative to elasticsearch that requires minimal resources, written in Go.

Nuclei template to detect Apache servers vulnerable to CVE-2024-38473

旨在以攻促防，针对Docker TCP socket的开源利用工具

FunDex(基于Xposed实现的脱壳机,支持5-13,支持类抽取。)

基于 LKY_OfficeTools 构建的图形化版本。一键自动化下载、安装、激活 Office 正版的办公增强工具。该工具完全免费、无广告、绿色、无毒、简约、高效、安全。

一键自动化 下载、安装、激活 Office 的利器。

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

Oversecured Vulnerable iOS App

一款部署于云端或本地的代理池中间件，可将静态代理IP灵活运用成隧道IP，提供固定请求地址，一次部署终身使用

apk文件加固特征检查工具，汇总收集已知特征和手动收集大家提交的app加固特征，目前总计约170条特征，支持40个厂商的加固检测，欢迎大家提交无法识别的app

A Curated list of IoT Security Resources

A curated list of awesome embedded and IoT security resources.

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

awesome hacking chinese version

自动化反编译微信小程序，小程序安全评估工具，发现小程序安全问题，自动解密，解包，可还原工程目录，支持Hook，小程序修改

🌸 A command-line fuzzy finder

magisk 一键集成环境，再也不用每次刷完机繁琐的配置环境了！