HippoCurl

HippoCurl's Stars

• Hack-with-Github/Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  87.1k3.9k09k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP59.7k1.9k27324k

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go12.2k2196561.9k

• offensive-security/exploitdb

  The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb

  7.7k737951.9k

• s0md3v/AwesomeXSS

  Awesome XSS stuff

  Language:JavaScript4.8k23913771

• tomnomnom/waybackurls

  Fetch all the URLs that the Wayback Machine knows about for a domain

  Language:Go3.6k6844481

• sensepost/gowitness

  🔍 gowitness - a golang, web screenshot utility using Chrome Headless

  Language:Go3.4k49185363

• kelvinBen/AppInfoScanner

  一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

  Language:Python3.2k4343386

• techgaun/github-dorks

  Find leaked secrets via github search

  Language:Python2.9k9222591

• pentestmonkey/php-reverse-shell

  Language:PHP2.3k4681.9k

• teamssix/awesome-cloud-security

  awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

  1.8k270222

• bit4woo/knife

  A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

  Language:Java1.6k2877200

• d3vilbug/HackBar

  HackBar plugin for Burpsuite

  Language:Java1.6k652261

• BullsEye0/google_dork_list

  Google Dorks | Google helps you to find Vulnerable Websites that Indexed in Google Search Results. Here is the latest collection of Google Dorks. A collection of 13.760 Dorks. Author: Jolanda de Koff

  1.5k731294

• Schira4396/VcenterKiller

  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webshell，命令执行或者上传公钥使用SSH免密连接

  Language:Go1.4k1514167

• bitsadmin/fakelogonscreen

  Fake Windows logon screen to steal passwords

  Language:C#1.3k4115235

• projectdiscovery/nuclei-burp-plugin

  Nuclei plugin for BurpSuite

  Language:Java1.2k2942115

• CyberSecurityUP/Cloud-Security-Attacks

  Azure and AWS Attacks

  1.1k322239

• Ares-X/shiro-exploit

  Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload

  Language:Python887169123

• f0ng/log4j2burpscanner

  CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

  Language:Java8071163111

• ChrisLinn/greyhame-2017

  知识星球"灰袍技能" 2017 精华

  795550187

• xiecat/fofax

  FOFAX是一个基于fofa.info的API命令行查询工具

  Language:Go753143576

• allanlw/svg-cheatsheet

  A cheatsheet for exploiting server-side SVG processors.

  70413192

• PortSwigger/backslash-powered-scanner

  Finds unknown classes of injection vulnerabilities

  Language:Java643292193

• capture0x/XSS-LOADER

  Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

  Language:Python569156115

• CompassSecurity/SAMLRaider

  SAML2 Burp Extension

  Language:Java410225674

• xiaoheiwo/GGSCAN

  一款渗透时快速资产探测工具

  Language:Python2235242

• p0desta/AutoBypass403-BurpSuite

  一个自动化bypass 403/auth的Burpsuite插件

  Language:Java1823214

• Damian89/xssfinder

  Toolset for detecting reflected xss in websites

  Language:Python1107636

• chryzsh/JenkinsPasswordSpray

  A tool to password spray Jenkins instances

  Language:PowerShell544012