Iamnotbad's Stars
hanbinglengyue/FART
ART环境下自动化脱壳方案
Margular/frida-skeleton
基于frida的安卓hook框架,提供了很多frida自身不支持的功能,将hook安卓变成简单便捷,人人都会的事情
RedSiege/GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
FeeiCN/Security-PPT
Security-related Slide Presentation & Security Research Report(大安全各领域各公司各会议分享的PPT以及各类安全研究报告)
izj007/wechat
微信收藏的文章
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
aleenzz/MYSQL_SQL_BYPASS_WIKI
mysql注入,bypass的一些心得
aleenzz/MSSQL_SQL_BYPASS_WIKI
MSSQL注入提权,bypass的一些总结
ax1sX/SecurityList
A list for Web Security and Code Audit
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
RustScan/RustScan
🤖 The Modern Port Scanner 🤖
qi4L/CallbackLoader-go
Callback Function Loader Implemented in Go
qi4L/Unhooker-go
EDR绕过demo
TideSec/GoBypassAV
整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术,并搜集汇总了一些资料和工具。
Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
gh0stkey/HaE
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
pmiaowu/BurpFastJsonScan
一款基于BurpSuite的被动式FastJson检测插件
matro7sh/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
Mr-xn/BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
projectdiscovery/naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
BaizeSec/bylibrary
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
MrWQ/vulnerability-paper
收集的文章 https://mrwq.github.io/tools/paper/
mm0r1/exploits
Pwn stuff.
WangYihang/Platypus
:hammer: A modern multiple reverse shell sessions manager written in go
lcvvvv/kscan
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
c0ny1/java-memshell-scanner
通过jsp脚本扫描java web Filter/Servlet型内存马
emo-crab/observer_ward
侦查守卫(observer_ward)Web应用和服务指纹识别工具
Threekiii/Awesome-POC
一个漏洞POC知识库 目前数量 1000+
s0md3v/Arjun
HTTP parameter discovery suite.