0tian's Stars
feihong-cs/JspMaster-Deprecated
一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密
feihong-cs/ShiroExploit-Deprecated
Shiro550/Shiro721 一键化利用工具,支持多种回显方式
rabbitmask/WeblogicScan
Weblogic一键漏洞检测工具,V1.5,更新时间:20200730
timwhitez/crawlergo_x_XRAY
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
neex/phuip-fpizdam
Exploit for CVE-2019-11043
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
kbandla/APTnotes
Various public documents, whitepapers and articles about APT campaigns
huiyadanli/RevokeMsgPatcher
:trollface: A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁(我已经看到了,撤回也没用了)
nian-hua/BurpExtender
ehang-io/nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
tennc/webshell
This is a webshell open source project
JnuSimba/MiscSecNotes
some learning notes about Web Application Security、 Penetration Test
bytebuff/JSpider
JSpider会每周更新至少一个网站的JS解密方式,欢迎 Star,交流微信:13298307816
Brucetg/App_Security
LangziFun/BuTian_Spider
2019 补天厂商爬虫与数据可视化文件打包
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
google/vulncode-db
Vulncode-DB project
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
SilverPoision/Rock-ON
Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.
Techlord-RCE/Penetration-Testing
List of awesome penetration testing resources, tools and other shiny things
GitGuardian/APISecurityBestPractices
Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
euphrat1ca/Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
euphrat1ca/fuzzdb-collect
网络上安全资源的搜集
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
1N3/Sn1per
Attack Surface Management Platform
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.