A CLI tool for efficient metadata-to-business data conversion, with basic interface calls and data processing.

A JavaFX-based FOFA client that simplifies access to FOFA's powerful search engine with a concise UI.

A fast, simple FOFA query tool written in Go, with customizable FX syntax queries via a YAML config file.

FofaMap v2.0 is the first AI-powered red team asset intelligence agent developed in Python 3. Building on its core functions—such as FOFA data collection, host discovery, statistical aggregation, icon hashing, and batch querying—version 2.0 natively supports the MCP protocol, enabling seamless integration with AI platforms like Cursor and Claude. Its built-in AI self-reflection mechanism automatically optimizes search syntax based on query results and intelligently links with Nuclei to recommend precise scanning strategies. This evolution shifts red team operations from passive data collection to proactive, intelligent decision-making.

A simple Python wrapper for the FOFA API (supports Python), enabling easy integration of FOFA data into projects.

A Java SDK for FOFA Pro API, simplifying integration for Java developers.

An asset mapping tool for port scanning, TCP fingerprinting, banner capture, and brute force cracking, with minimal packet usage. It is the first open-source RDP brute force tool on the Go platform.

CyberStrikeAI is an AI-native security testing platform built in Go. It integrates 100+ security tools, an intelligent orchestration engine, and comprehensive lifecycle management capabilities.

A Tampermonkey script that displays Fofa assets, providing a quick and intuitive overview of a website's assets.

A comprehensive info-gathering plugin for asset mapping, data collection, sensitive info extraction, and scanning (JS, directory, Vue), integrating popular platforms.

Cyberspace Mapping APT Automated Line Extension Tool

Milkyway is an all-in-one scanning tool with efficient features for host discovery, port scanning, protocol identification, fingerprinting, vulnerability scanning, and more.

Assist the attacker to quickly collect information, map target assets, and find weaknesses. Simply enter the root domain name to collect all relevant assets and detect vulnerabilities.

The TestNet Asset Management System aims to provide comprehensive and efficient internet asset management and monitoring services, building a detailed asset information library. This system can help enterprise security teams or penetration testers conduct in-depth reconnaissance and analysis of target assets, provide continuous risk monitoring from an attacker's perspective, assist users in real-time understanding of asset dynamics, identify and fix security vulnerabilities, effectively reduce the attack surface, and enhance overall security protection capabilities.

ReconFTW is an automated reconnaissance tool for target domains, performing scans, vulnerability checks, and subdomain enumeration to gather maximum information.

OneForAll is a powerful subdomain collection tool.

Quickly discover exposed hosts on the internet using multiple search engines.

In-depth attack surface mapping and asset discovery.