Skip to content
View bowman03's full-sized avatar

Block or report bowman03

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Showing results

一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.

Java 5,089 1,043 Updated May 11, 2026

HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite

Java 836 86 Updated Apr 1, 2026

A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise ide…

Python 2,987 459 Updated Jul 1, 2026

渗透测试Payload速查平台 | Pentest Payload Quick Reference | XSS/SQLi/SSRF/RCE | React+TypeScript

TypeScript 458 112 Updated Jul 16, 2026

🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites

Python 35,503 2,712 Updated Jul 18, 2026

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

Go 1,650 210 Updated Jun 16, 2024

NeuroSploit is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large language…

Rust 1,239 302 Updated Jul 11, 2026

玄镜 AegisScope:一个前端代码资产采集、网站嗅探、备案查询、指纹扫描、泄露扫描、漏洞审计、浏览器辅助与 Vue Router 运行分析的浏览器扩展工具。 面向授权安全测试、SRC 辅助审计、前端打包产物分析和接口风险梳理场景。

JavaScript 215 10 Updated Jul 14, 2026

纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY 的利用

Java 836 97 Updated Sep 18, 2023

Java Vulnerability Exploitation Platform

Dockerfile 2,125 171 Updated Apr 29, 2026

一款专注于 Java 主流 Web 中间件的内存马快速生成工具,致力于简化安全研究人员和红队成员的工作流程,提升攻防效率

Java 1,551 155 Updated Jul 16, 2026

JWT Auditor – Analyze, break, and understand your tokens like a pro.

HTML 585 94 Updated Jul 11, 2026

Web application fuzzer

Python 6,543 1,402 Updated Jan 21, 2026

SQL Injection Scout 是一个用于 Burp Suite 的扩展,专为帮助安全研究人员和开发人员检测和分析 SQL 注入漏洞而设计。该扩展提供了丰富的配置选项和直观的用户界面,便于用户自定义扫描和分析过程。

Kotlin 272 13 Updated Feb 6, 2026

魔改的chromium,指纹浏览器,过掉F12反调试,当前chromium版本140

518 80 Updated Apr 3, 2026

致命精准的红队作战兵器。模块化集成资产发现、漏扫与利用,重新定义渗透测试工作流 (Workflow) 的新一代安全平台。

TypeScript 387 18 Updated Jun 29, 2026
Go 172 13 Updated Dec 26, 2025

社工信息快速收集工具-GUI

Python 6 3 Updated Feb 9, 2026

Advanced JavaScript File Discovery and Analysis Tool

Python 188 19 Updated Nov 8, 2025

浏览器存储桶配置漏洞检测插件

JavaScript 273 9 Updated Nov 27, 2025

一个用于测试文件上传功能安全性的 Burp Suite 插件。通过 Intruder 模块自动生成各类绕过 payload,覆盖常见的文件上传限制场景。共1000+条payload

Python 621 46 Updated Dec 24, 2025

JavaScript Reverse Tools -- JS逆向工具

JavaScript 2,034 284 Updated Jun 16, 2026

🔍 Chrome扩展,为安全研究和渗透测试提供Google/百度/Bing高级搜索语法快捷执行。一键Dorking、批量提取URL、智能过滤黑名单,大幅提升信息收集效率。 🔍 Chrome extension for security research and penetration testing. One-click advanced search (Dorking) on Google…

TypeScript 147 8 Updated Oct 16, 2025

CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways. 信息洞察,智探千方!

Java 1,509 83 Updated May 25, 2026

EHole(棱洞)魔改。可对路径进行指纹识别;支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破

Go 969 62 Updated Mar 6, 2024

burp插件,Oss漏洞被动扫描

Java 114 7 Updated Aug 8, 2025

通过谷歌语法自动收集敏感信息的信息搜集工具

229 8 Updated Mar 20, 2026

alienvault is way to find secret files on web server using alienvault . Its fetching urlss from Internet

Shell 1 1 Updated Feb 3, 2025

Swagger/OpenAPI/WSDL/SOAP 接口 Fuzz 工具, —— 面向 API 安全测试的轻量化命令行工具。

Python 15 1 Updated Oct 10, 2025
Next