waydmy Goto Github PK
Type: User
Type: User
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集,降低红队技术门槛的手册【持续更新】
A flexible scanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Burp插件,自动化挖掘SSRF,Redirect,Sqli漏洞,自定义匹配参数
Asynchronous HTTP/HTTPS proxy that intercepts and modifies messages(异步http/https代理,可拦截修改报文)
Burp Suite Pro Loader & Keygen
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
A swiss army knife for pentesting networks
deadpool代理池工具,可从hunter、quake、fofa等网络空间测绘平台取socks5代理,或本地导入socks5代理,轮询使用代理进行流量转发。
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
基于chrome、firefox插件的被动式信息泄漏检测工具
Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
File upload vulnerability scanner and exploitation tool.
用golang实现的Struts2扫描工具
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
l1ubai/SpringActuator-Unauthorized-Scan
ICP备案查询,从工业和信息化部政务服务平台抓取实时数据,提供本地API,自动过验证码,支持Web、APP、小程序、快应用名称查询,违法违规应用查询,支持根据备案号查询,支持根据企业名称查询
Jar Analyzer - 一个JAR包分析工具,批量分析搜索,方法调用关系搜索,字符串搜索,Spring分析,CFG分析,JVM Stack Frame分析等众多功能
java
通过jsp脚本扫描java web Filter/Servlet型内存马
HeapDump敏感信息提取工具
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
前端参数加密渗透测试通用解决方案
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.