fsocietyon Goto Github PK
Type: User
fsocietyon's Projects
apkleaks
Scanning APK file for URIs, endpoints & secrets.
ashxlessspy
ashx China Chopper WebShell
awvs13_batch_py3
针对 AWVS扫描器开发的批量扫描脚本,支持log4j漏洞专项,支持联动xray、burp、w13scan等被动批量
blaster
blaster 是一款弱密码隐患检测工具,用于网站登录弱密码检测。
captcha-killer-java8
captcha-killer-modified
captcha-killer的修改版,主要用于验证码爆破,适配新版Burpsuite
cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
codeqlrule
个人使用CodeQL编写的一些规则
crawlergo_x_xray
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
cve-2023-21839
Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)
domainnamepredictor
一个简单的现代化公司域名使用规律预测及生成工具
fso.github.io
blog & blog theme🤘
fuck_waf_jspx
能绕过waf的jspx cmd shell,参考了sevck前辈的https://www.cnblogs.com/sevck/p/7069251.html
fuzzdicts
Web Pentesting Fuzz 字典,一个就够了。
jspspy.jsp
Jsp木马远程控制脚本(大马)
log4j2scan
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
micro_service_seclab
Java漏洞靶场
mscan
方便快捷是这款扫描器的优点,能随意修改增加模块。目前的版本功能如下:支持子域名收集、POC批量验证、目录扫描、检测CDN、域名转IP、主机扫描、过滤重复、检测HTTP状态、压缩程序、XRAY扫描。
pentest-tools
Custom pentesting tools
pycmd
python+php+jsp WebShell(一句话木马)
redteamnotes
红队笔记
superwordlist
基于实战沉淀下的各种弱口令字典
webfuzzing
自用字典,收集实战中遇到的奇特目录名、后门文件名等。不定期更新!
weblogicpoc
Weblogic Vuln POC EXP cve-2020-2551 cve-2020-2555 cve-2020-2883 ,。。。
webshell
This is a webshell open source project
webshell-1
这是一个WebShell收集项目
webshell-2
WebShell Collect
webshells
php - asp - aspx
xia_sql
xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.