Pinned Repositories
Bridge
无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
evilpdf
Embedding executable files in PDF Documents
fastjson_rce_tool
fastjson_rce工具,不用搭建HTTP服务,不受JDK版本限制
MSSQL_SQL_BYPASS_WIKI
MSSQL注入提权,bypass的一些总结
PHP-Audit-Labs
一个关于PHP的代码审计项目
Scanners-Box
A powerful hacker toolkit which collects more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
shiro_rce
shiro rce 反序列 命令执行 一键工具
SuperWordlist
基于实战沉淀下的各种弱口令字典
vulnerability-assessment-tool
Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://sap.github.io/vulnerability-assessment-tool/
WindowsExploits
Windows Exploit List
Hacker-One's Repositories
Hacker-One/Bridge
无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
Hacker-One/PHP-Audit-Labs
一个关于PHP的代码审计项目
Hacker-One/fastjson_rce_tool
fastjson_rce工具,不用搭建HTTP服务,不受JDK版本限制
Hacker-One/shiro_rce
shiro rce 反序列 命令执行 一键工具
Hacker-One/SuperWordlist
基于实战沉淀下的各种弱口令字典
Hacker-One/LangSrcCurise
SRC子域名资产监控
Hacker-One/automactc
AutoMacTC: Automated Mac Forensic Triage Collector
Hacker-One/collection-document
Collection of quality safety articles
Hacker-One/CS-checklist
PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penestration checklist
Hacker-One/CVE-2019-11043
(PoC) Python version of CVE-2019-11043 exploit by neex
Hacker-One/CVE-2019-7609
exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
Hacker-One/fastjson-1.2.60-rce
autoType enable
Hacker-One/GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Hacker-One/graudit
grep rough audit - source code auditing tool
Hacker-One/JDSRC-Small-Classroom
京东SRC小课堂系列文章
Hacker-One/jumpserver
Jumpserver是全球首款完全开源的堡垒机,是符合 4A 的专业运维审计系统。
Hacker-One/nps
一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发,支持内网http代理、内网socks5代理,同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理,集成多用户模式。
Hacker-One/openrasp
🔥Open source RASP solution
Hacker-One/owasp-modsecurity-crs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
Hacker-One/PoCBox
PoCBox - 赏金猎人的脆弱性测试辅助平台(破300star写重构版本,400star免费线上版本开放【在线食用地址:由于经常被DDOS导致服务器资源恶意被占用 费用过大决定关闭服务 】,1000star开源重构全新版本!)
Hacker-One/reverse-shell
Reverse Shell as a Service
Hacker-One/seecode-scanner
SeeCode Scanner 扫描引擎
Hacker-One/shiro-550-with-NoCC
奇安信北京攻防团队: Shiro-550 不依赖CC链利用工具
Hacker-One/Sn1per
Automated pentest framework for offensive security experts
Hacker-One/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
Hacker-One/taro
开放式跨端跨框架解决方案,支持使用 React/Vue/Nerv 等框架来开发微信/京东/百度/支付宝/字节跳动/ QQ 小程序/H5 等应用。 https://taro.jd.com/
Hacker-One/TPscan
一键ThinkPHP漏洞检测
Hacker-One/wordpress-exploit-framework
A Ruby framework designed to aid in the penetration testing of WordPress systems.
Hacker-One/wpscan
WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
Hacker-One/xray-crack
xray社区高级版证书生成,仅供学习研究,正常使用请支持正版