Pinned Repositories
--Java
代码审计知识点整理-Java
--php
代码审计知识点整理-php
Android-IOS-Security
移动安全
bypass-
...Webshell
Fuzz_dic
参数 | 字典 collections
POC-EXP
Web端POC-EXP 整理
POC-EXP-
客户端POC-EXP整理
POC-EXP--
操作系统POC-EXP整理
POC-EXP---
IOT POC-EXP 整理
Python-crack
Python-漏扫工具
7hang's Repositories
7hang/Fuzz_dic
参数 | 字典 collections
7hang/POC-EXP
Web端POC-EXP 整理
7hang/Bug-bounty
Ressources for bug bounty hunting
7hang/cyber-security-interview
...
7hang/fastjsonScan
fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
7hang/Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
7hang/Address
7hang/aliyun-accesskey-Tools
阿里云accesskey利用工具
7hang/blog
整理笔记
7hang/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
7hang/bscan
7hang/BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
7hang/captcha-killer-modified
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
7hang/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
7hang/ffuf
Fast web fuzzer written in Go
7hang/FRIDA-DEXDump
Fast search and dump dex on memory.
7hang/IoV-Security-Wiki
Research sharing on offense and defense of IoV.
7hang/MindAPI
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
7hang/mySapAdventures
A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters
7hang/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
7hang/proxy_pool
Python爬虫代理IP池(proxy pool)
7hang/SeCDictionary
少而精的常用字典,积累各种场景实现字典进化,只追求更简单更有效,不建议star,但建议pr。
7hang/Sh4d0w-BlastingDictionary
自己搜集的爆破字典,包括常用用户名、密码弱口令、XSS的on事件遍历、SQL万能密码
7hang/shiro-550-with-NoCC
奇安信北京攻防团队: Shiro-550 不依赖CC链利用工具
7hang/ssrf-king
SSRF plugin for burp Automates SSRF Detection in all of the Request
7hang/swagger-exp
A Swagger API Exploit
7hang/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
7hang/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
7hang/weblogic-framework
weblogic-framework
7hang/weblogic_cmd_plus
weblogic full vulnerability exploit tool, support T3/XMLDecoder vulnerability scanning .