GithubHelp home page GithubHelp logo

原来是老王's Projects

jwt_tool icon jwt_tool

:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

k0otkit icon k0otkit

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.

kernelhub icon kernelhub

:palm_tree:Windows exploits提权漏洞合集,附带编译环境,演示GIF图,漏洞详细信息,可执行文件

keye icon keye

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

killdefender icon killdefender

A small POC to make defender useless by removing its token privileges and lowering the token integrity

knockknock icon knockknock

A simple reverse whois lookup tool which returns a list of domains owned by people or companies

kscan icon kscan

Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹2000+,暴力破解协议10余种。

kube-hunter icon kube-hunter

Hunt for security weaknesses in Kubernetes clusters

kubestalk icon kubestalk

KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.

leakinfo_finder icon leakinfo_finder

批量爬取JS文件中接口信息,添加spring boot actuator目录扫描以及手机号、身份证号码等敏感信息匹配

leaky-paths icon leaky-paths

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

learn-security-from-0 icon learn-security-from-0

从0开始学安全,注重实战+技巧的运用,分享各种安全攻防干货,包括但不限于:内网渗透、代码审计 、Web安全、企业安全等。

learnjavabug icon learnjavabug

Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

lfimap icon lfimap

Local file inclusion discovery and exploitation tool

ligolo icon ligolo

Ligolo : 用于内网渗透的反向隧道

lilly icon lilly

Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, all the possible IPs, PORTs and SSL/TLS Certs are searched to validate the target in-scope.

listips icon listips

A script that uses nmap to expand IP ranges into a list of IPs

log4j-scan icon log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-sniffer icon log4j-sniffer

A tool that scans archives to check for vulnerable log4j versions

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.