laowang1026 Goto Github PK
Name: 原来是老王
Type: User
Bio: 一个热爱网络的青年
Location: 上海
Name: 原来是老王
Type: User
Bio: 一个热爱网络的青年
Location: 上海
JuicyPotato修改版
Bruteforce a JWT against a list of passwords
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
Usefull JWT Tool.
A tool to test security of json web token
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
Various kernel exploits
:palm_tree:Windows exploits提权漏洞合集,附带编译环境,演示GIF图,漏洞详细信息,可执行文件
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
A small POC to make defender useless by removing its token privileges and lowering the token integrity
A simple reverse whois lookup tool which returns a list of domains owned by people or companies
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹2000+,暴力破解协议10余种。
无状态子域名爆破工具
Hunt for security weaknesses in Kubernetes clusters
KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.
SRC子域名资产监控
批量爬取JS文件中接口信息,添加spring boot actuator目录扫描以及手机号、身份证号码等敏感信息匹配
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
从0开始学安全,注重实战+技巧的运用,分享各种安全攻防干货,包括但不限于:内网渗透、代码审计 、Web安全、企业安全等。
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Local file inclusion discovery and exploitation tool
Ligolo : 用于内网渗透的反向隧道
Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, all the possible IPs, PORTs and SSL/TLS Certs are searched to validate the target in-scope.
Linux privilege escalation auditing tool
A script that uses nmap to expand IP ranges into a list of IPs
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
A tool that scans archives to check for vulnerable log4j versions
Remote Code Injection In Log4j
BurpSuite Extension: Log4j2 RCE Scanner
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.