EasyTools/software.json at master · doki-byte/EasyTools · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
{
  "items": [
    {
      "id": "burp suite",
      "name": "Burp Suite",
      "description": "Burp Suite是一款集成化的渗透测试工具，包含了很多功能，可以帮助我们高效地完成对Web应用程序的渗透测试和攻击。",
      "latestVersion": "v20251212",
      "toolType": "常用工具,渗透工具,代理工具,抓包工具",
      "toolLanguage": "Java",
      "lastUpdated": "2022-03-09",
      "author": "PortSwigger",
      "homepage": "https://portswigger.net/burp",
      "isNew": false
    },
    {
      "id": "幻影",
      "name": "幻影",
      "description": "一款面向 SRC 场景的浏览器扩展），自动收集页面及相关资源中的敏感信息与可疑线索，支持基础扫描、深度递归扫描、批量 API 测试及结果导出与自定义正则配置。",
      "latestVersion": "1.8.0",
      "toolType": "浏览器插件,信息搜集",
      "toolLanguage": "JavaScript,HTML",
      "lastUpdated": "2025-01-01",
      "author": "Team-intN18-SoybeanSeclab",
      "homepage": "https://github.com/Team-intN18-SoybeanSeclab/Phantom/",
      "isNew": false
    },
    {
      "id": "tscanplus",
      "name": "TscanPlus",
      "description": "一款综合性网络安全检测和运维工具，旨在快速资产发现、识别、检测，构建基础资产信息库，协助甲方安全团队或者安全运维人员有效侦察和检索资产，发现存在的薄弱点和攻击面。",
      "latestVersion": "v3.0.2",
      "toolType": "常用工具,信息搜集,渗透工具",
      "toolLanguage": "Python",
      "lastUpdated": "2025-10-10",
      "author": "TideSec",
      "homepage": "https://github.com/TideSec/TscanPlus",
      "isNew": false
    },
    {
      "id": "rotorgoddess",
      "name": "RotorGoddess",
      "description": "转子女神",
      "latestVersion": "",
      "toolType": "常用工具,信息搜集,渗透工具,js分析",
      "toolLanguage": "JavaScript,CSS,HTML",
      "lastUpdated": "2025-09-06",
      "author": "",
      "homepage": "https://github.com/Snow-Mountain-Passengers/Rotor-Goddess",
      "isNew": false
    },
    {
      "id": "tsojanscan",
      "name": "TsojanScan",
      "description": "TsojanScan 提供了多种扫描模块，支持主动和被动的漏洞探测，优化了扫描性能和兼容性，是一个强大的渗透测试工具。本着市面上各大漏洞探测插件的功能比较单一，TsojanScan 在已有框架的基础上修改并增加常用的漏洞探测POC，会以最少的数据包请求来准确检测各漏洞存在与否，你只需要这一个足矣",
      "latestVersion": "v1.4.6",
      "toolType": "burp插件,渗透工具",
      "toolLanguage": "Java",
      "lastUpdated": "2024-09-12",
      "author": "",
      "homepage": "https://github.com/Tsojan/TsojanScan",
      "isNew": false
    },
    {
      "id": "cobalt strike",
      "name": "Cobalt Strike",
      "description": "Cobalt Strike 是一款高级威胁模拟平台，是一个集成了多种攻击技术的协同作战框架。",
      "latestVersion": "v4.10.1",
      "toolType": "常用工具,渗透工具,C2",
      "toolLanguage": "Java",
      "lastUpdated": "2025-10-13",
      "author": "Raphael Mudge",
      "homepage": "https://www.cobaltstrike.com/",
      "isNew": false
    },
    {
      "id": "brup_mcp",
      "name": "brup_MCP",
      "description": "burp_MCP的插件，可以直接和trae或者其他大模型平台链接，需要2025版，要求jdk21",
      "latestVersion": "",
      "toolType": "burp插件,渗透工具,tips,AI",
      "toolLanguage": "",
      "lastUpdated": "2025-10-13",
      "author": "",
      "homepage": "https://github.com/portswigger/mcp-server",
      "isNew": false
    },
    {
      "id": "mitan",
      "name": "mitan",
      "description": "主要包含资产信息收集，IP端口查询，备案信息查询，子域名爆破（支持多级递归），搜索引擎语法自动生成（FOFA,Hunter,Quake,ZoomEye,google,github），资产测绘（FOFA，hunter，Quake，ZoomEye , 零零信安 的查询及结果导出），指纹识别、敏感信息（暴露接口并可以自动探测未授权），文件扫描（包含目录，备份文件，spring信息泄漏，自定义字典等）、端口扫描、弱口令爆破、sessionkey加解密、jwt密钥爆破、代理池、swagger未授权探测、渗透技能路线备忘录，常用网络安全网站导航等功能。",
      "latestVersion": "v1.2.3",
      "toolType": "常用工具,信息搜集,渗透工具",
      "toolLanguage": "Java",
      "lastUpdated": "2025-05-10",
      "author": "kkbo8005",
      "homepage": "https://github.com/kkbo8005/mitan",
      "isNew": false
    },
    {
      "id": "wappalyzer",
      "name": "wappalyzer",
      "description": "Wappalyzer可通过检测网站源代码、HTTP头文件等信息，揭示其使用的CMS、Web框架、服务器软件等技术信息",
      "latestVersion": "",
      "toolType": "浏览器插件,js分析",
      "toolLanguage": "Python,Go",
      "lastUpdated": "2025-10-13",
      "author": "ElbertAlias",
      "homepage": "https://www.wappalyzer.com/",
      "isNew": false
    },
    {
      "id": "中国蚁剑",
      "name": "中国蚁剑",
      "description": "中国蚁剑（AntSword）是一款开源跨平台的Webshell管理工具，主要用于合法授权的渗透测试和网站管理",
      "latestVersion": "v2.1.15",
      "toolType": "webshell管理工具",
      "toolLanguage": "JavaScript",
      "lastUpdated": "2022-07-17",
      "author": "",
      "homepage": "https://github.com/AntSwordProject/antSword",
      "isNew": false
    },
    {
      "id": "哥斯拉",
      "name": "哥斯拉",
      "description": "该工具是一款强大的webshell管理工具，可以帮助安全研究人员和管理员在渗透测试或安全评估过程中对服务器进行远程操作。",
      "latestVersion": "v4.0.1",
      "toolType": "webshell管理工具",
      "toolLanguage": "Java",
      "lastUpdated": "2021-09-01",
      "author": "张一臣",
      "homepage": "https://github.com/BeichenDream/Godzilla/",
      "isNew": false
    },
    {
      "id": "冰蝎",
      "name": "冰蝎",
      "description": "冰蝎是一个动态二进制加密的Webshell管理工具，冰蝎相对而言偏向于后渗透阶段。",
      "latestVersion": "v4.1 tools专版",
      "toolType": "webshell管理工具",
      "toolLanguage": "Java",
      "lastUpdated": "2025-10-13",
      "author": "Tas9er@A.E.0.S Security Team",
      "homepage": "https://github.com/rebeyond/Behinder/releases",
      "isNew": false
    },
    {
      "id": "snibypassgui",
      "name": "SNIBypassGUI",
      "description": "通过 Nginx 反向代理实现绕过 SNI 阻断，达到直连Google以及国外网站",
      "latestVersion": "v4.6",
      "toolType": "tips,翻翻,代理工具",
      "toolLanguage": "C#",
      "lastUpdated": "2025-04-14",
      "author": "",
      "homepage": "https://github.com/racpast/SNIBypassGUI",
      "isNew": false
    },
    {
      "id": "dirsearch",
      "name": "dirsearch",
      "description": "dirsearch 是一个开源的、功能强大的命令行工具，专门用于对 Web 服务器进行基于字典的路径/目录和文件暴力扫描",
      "latestVersion": "v0.4.3",
      "toolType": "常用工具,信息搜集,渗透工具",
      "toolLanguage": "Python",
      "lastUpdated": "2022-10-05",
      "author": "Mauro Soria",
      "homepage": "https://github.com/maurosoria/dirsearch",
      "isNew": false
    },
    {
      "id": "rips",
      "name": "RIPS",
      "description": "是一款基于PHP的静态代码审计工具，主要用于检测PHP代码中的安全漏洞，支持SQL注入、XSS、文件泄露等20余种常见安全问题。",
      "latestVersion": "",
      "toolType": "代码审计",
      "toolLanguage": "PHP",
      "lastUpdated": "2025-10-20",
      "author": "",
      "homepage": "http://rips-scanner.sourceforge.net/",
      "isNew": false
    },
    {
      "id": "strix",
      "name": "Strix",
      "description": "Strix 是 usestrix 开源维护的 AI 渗透测试平台，核心“各司其职”的 AI 智能体。这些智能体仿佛专业黑客，能够协同工作，对你的应用（代码库、API、前端、生产环境等）发起探测、攻击和验证，并以 PoC（漏洞复现实例）方式给出真实可利用的漏洞报告。",
      "latestVersion": "0.5.0",
      "toolType": "渗透工具,AI,代码审计",
      "toolLanguage": "Python",
      "lastUpdated": "2025-11-12",
      "author": "",
      "homepage": "https://github.com/usestrix/strix",
      "isNew": false
    }
  ]
}