HenryLeno

HenryLeno's Stars

• Micropoor/Micro8

  Gitbook

  18k971466.8k

• maurosoria/dirsearch

  Web path scanner

  Language:Python12.4k3095522.3k

• chaitin/xray

  一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

  Language:Vue10.6k2094721.8k

• github/codeql

  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  Language:CodeQL7.9k2392.3k1.6k

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.8k9981.3k

• google/syzkaller

  syzkaller is an unsupervised coverage-guided kernel fuzzer

  Language:Go5.4k1951k1.2k

• LyleMi/Learn-Web-Hacking

  Study Notes For Web Hacking / Web安全学习笔记

  Language:Python4.7k9515884

• lc/gau

  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

  Language:Go4.1k50104462

• google/AFL

  american fuzzy lop - a security-oriented fuzzer

  Language:C3.8k8291650

• google/honggfuzz

  Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

  Language:C3.1k126255517

• sevagas/macro_pack

  macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

  Language:Python2.2k9475406

• jtpereyda/boofuzz

  A fork and successor of the Sulley Fuzzing Framework

  Language:Python2.1k51259347

• awake1t/linglong

  一款甲方资产巡航扫描系统。系统定位是发现资产，进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示

  Language:Go1.8k2496307

• Margular/frida-skeleton

  基于frida的安卓hook框架，提供了很多frida自身不支持的功能，将hook安卓变成简单便捷，人人都会的事情

  Language:Python8502836129

• googleprojectzero/p0tools

  Project Zero Docs and Tools

  Language:C++725644113

• jas502n/IDA_Pro_7.2

  IDA_Pro_7.2

  Language:Shell620

• shelld3v/JSshell

  JSshell - JavaScript reverse/remote shell

  Language:Python6092814113

• whitel1st/docem

  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)

  Language:Python55813394

• payloadbox/open-redirect-payload-list

  🎯 Open Redirect Payload List

  544181192

• souravbaghz/RadareEye

  Tool for especially scanning nearby devices and execute a given command on its own system while the target device comes in range.

  Language:Shell35720549

• googleprojectzero/SkCodecFuzzer

  Fuzzing harness for testing proprietary image codecs supported by Skia on Android

  Language:C++335181477

• wpvsyou/mprop

  修改Android prop脚本工具

  31831114

• chrispetrou/FDsploit

  File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

  Language:Python26710377

• roncoo/spring-cloud-demo

  Spring Cloud的基础教程，由浅入深，一步一步学习Spring Cloud，最后学到的不单单是基础！Spring Boot基础教程请看：https://github.com/roncoo/spring-boot-demo

  Language:Java224322127

• Tr3jer/dnsAutoRebinding

  ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6

  Language:Python2176139

• 0Kee-Team/JavaProbe

  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition

  Language:Java2045023

• SaneBow/redirect-fuzzer

  Fuzzing script for redirect URL validator

  Language:Python48128

• nccgroup/Extractor

  Extension adds a new tab in Burp Suite called Extractor

  Language:Java428211

• jas502n/CVE-2020-26259

  CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights.

  Language:Java25101

• l3yx/javaDeserializeNotes

  Java反序列化漏洞学习笔记

  Language:Java15205