danielmiessler / SecLists

Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

A curated list of the most common and most interesting robots.txt disallowed directories.

Parse source code directories and output list of URLs that are then sent through a proxy.

Quick script to gather stats on incoming credentials and IPs for a honey listener.

#夺旗赛 (CTF) 和网络安全资源#该仓库整理了Web安全相关攻击示例代码和资源

大模型Grok-1开源

Fast web fuzzer written in Go

Gobuster是一款用于网站目录/文件、DNS、虚拟主机vhost暴力穷举的工具，使用Go编写

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Windows、Linux/Unix*、MacOS 提权脚本合集

Nuclei 是一个基于YAML模板，自定义的漏洞扫描工具。

Open-Sora： 完全开源的高效复现类Sora视频生成方案

#夺旗赛 (CTF) 和网络安全资源#该仓库收集了一堆有用的工具、链接、技术博客、CheatSheet等等

#夺旗赛 (CTF) 和网络安全资源#😱 A curated list of amazingly awesome OSINT

Web path scanner

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

上传截图通过GPT生成HTML/Tailwind/JavaScript代码

#安全#sqlmap 是一个开源的渗透测试工具，可以用来自动化的检测，利用SQL注入漏洞，获取数据库服务器的权限。它具有功能强大的检测引擎,针对各种不同类型数据库的渗透测试的功能选项，包括获取数据库中存储的数据，访问操作系统文件甚至可以通过带外数据连接的方式执行操作系统命令。

#安卓#关于安全、黑客、渗透测试相关资源链接

#大语言模型#🙌 OpenHands: Code Less, Make More

Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Fast subdomains enumeration tool for penetration testers