5wimming's Stars
Ares-X/shiro-exploit
Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload
RedSiege/EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
FeeiCN/GSIL
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
5wimming/gadgetinspector
利用链、漏洞检测工具
rabbitmask/WeblogicScan
Weblogic一键漏洞检测工具,V1.5,更新时间:20200730
urbanadventurer/WhatWeb
Next generation web scanner
BeichenDream/Godzilla
哥斯拉
CTF-MissFeng/NmapBrutes
解析nmap扫描结果,并调用hydra进行暴力破解
x90skysn3k/brutespray
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
vanhauser-thc/thc-hydra
hydra
jmk-foofus/medusa
Medusa is a speedy, parallel, and modular, login brute-forcer.
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
fnmsd/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
akkuman/HunterApi
奇安信的网络空间测绘引擎 hunter 的 api 查询导出工具
cvkki/src
日常src平台域名收集
starnightcyber/subDomains
互联网公司子域名收集
5wimming/ASE
asset scan engine
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
newpanjing/simpleui
A modern theme based on vue+element-ui for django admin.一款基于vue+element-ui的django admin现代化主题。全球20000+网站都在使用!喜欢可以点个star✨
yaleimeng/TextClassify_with_BERT
使用BERT模型做文本分类;面向工业用途
weinull/github_code_search
Github关键字搜索工具可控制自动下载搜索到的代码文件
JoyChou93/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
5wimming/whois-domain
search CNAME/MX of domain, and get creation_date expiration_date by whois
5wimming/redis-scan
5wimming/url-fingerprint
wpscanteam/wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
SecWiki/sec-chart
安全思维导图集合
zhzyker/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
awake1t/linglong
一款甲方资产巡航扫描系统。系统定位是发现资产,进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示
sv3nbeast/ShiroScan
Shiro<=1.2.4反序列化,一键检测工具