🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python…

OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora

Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.

🎬 A curated list of movies every hacker & cyberpunk must watch.

OSS-Fuzz - continuous fuzzing for open source software.

WireGuard VPN installer for Linux servers

Attack Surface Management Platform

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

This is a multi-use bash script for Linux systems to audit wireless networks.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Linux privilege escalation auditing tool

A repository with 3 tools for pwn'ing websites with .git repositories available

快速搭建各种漏洞环境(Various vulnerability environment)

Git All the Payloads! A collection of web attack payloads.

微信小助手的安装 / 更新工具。

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Automatically brute force all services running on a target.

Proxy是高性能全功能的http代理、https代理、socks5代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、Websocket代理、TCP代理、UDP代理、DNS代理、DNS加密代理，代理API认证，全能跨平台代理服务器。

This script is intended to automate your reconnaissance process in an organized fashion

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advan…

403/401 Bypass Methods + Bash Automation + Your Support ;)

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

一键提取安卓应用中可能存在的敏感信息。

Automation for javascript recon in bug bounty.

uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web application…

Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true wit…