Ho1mium's Stars
crawlab-team/crawlab
Distributed web crawler admin platform for spiders management regardless of languages and frameworks. 分布式爬虫管理平台,支持任何语言和框架
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
AlessandroZ/LaZagne
Credentials recovery project
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
ctf-wiki/ctf-wiki
Come and join us, we need you!
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
TophantTechnology/ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
c0ny1/upload-labs
一个想帮你总结所有类型的上传漏洞的靶场
c0ny1/vulstudy
使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
0xbug/Hawkeye
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
screetsec/Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
w-digital-scanner/w13scan
Passive Security Scanner (被动式安全扫描器)
the-robot/sqliv
massive SQL injection vulnerability scanner
MiSecurity/x-patrol
github泄露扫描系统
0verSp4ce/DoraBox
DoraBox - Basic Web Vulnerability Training
0xbug/SQLiScanner
Automatic SQL injection with Charles and sqlmap api
RhinoSecurityLabs/CVEs
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
c0ny1/xxe-lab
一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
bsmali4/xssfork
xdnice/PCShare
PCShare是一款强大的远程控制软件,可以监视目标机器屏幕、注册表、文件系统等。
yyds-page/awvs-decode
The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
Tencent/wwsearch
A full-text search engine supporting massive users, real-time updating, fast fuzzy matching and flexible table splitting.
chorsley/python-Wappalyzer
Python driver for Wappalyzer, a web application detection utility.
githubmaidou/tools
Python渗透漏洞工具
joinsec/BadDNS
qiyeboy/BaseProxy
Asynchronous HTTP/HTTPS proxy that intercepts and modifies messages(异步http/https代理,可拦截修改报文)
c0ny1/WorkScripts
信息安全工程师工作常用脚本
Martin2877/sqliv-M
sqliv modified by Ali0th
boy-hack/BlueLotus_XSSReceiver
XSS平台 CTF工具 Web安全工具
Ho1mium/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.