Luperson's Stars
sapics/ip-location-db
ip to location database by ASN, GeoFeed, Whois, iptoasn.com, db-ip lite, GeoLite2
nitefood/asn
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
lithnet/ad-password-protection
Active Directory password filter featuring breached password checking and custom complexity rules
guchangan1/All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
UzJu/Cloud-Bucket-Leak-Detection-Tools
六大云存储,泄露利用检测工具
ccc-f/Fdict
一款面向企业的渗透测试字典生成工具。
Xwudao/hunhepan-pc
混合盘PC版本:混合盘PC是一个规则引擎,可以通过编写规则来实现全网资源的聚合搜索,包括但不限于网盘搜索、磁力搜索
mrknow001/API-Explorer
API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书、钉钉等)
jayus0821/swagger-hack
自动化爬取并自动测试所有swagger接口
lijiejie/swagger-exp
A Swagger API Exploit
Orange-Cyberdefense/GOAD
game of active directory
ScoopInstaller/Scoop
A command-line installer for Windows.
Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ffffffff0x/gendict
字典生成工具
infosecn1nja/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
dair-ai/Prompt-Engineering-Guide
🐙 Guides, papers, lecture, notebooks and resources for prompt engineering
ASTTeam/SAST
《深入理解SAST静态应用安全测试》Static Application Security Testing.
Power7089/PenetrationTest-Tips
渗透测试,渗透测试小技巧,渗透测试Tips,师傅们跟我一起维护更新吧~
bytedance/appshark
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
mr-m0nst3r/Burpy
A plugin that allows you execute python and get return to BurpSuite.
jweny/Awesome-Security-Books
一个搬运工项目,分享一点点之前看过的文档/结构图/思维导图/ppt/电子书
cipher387/API-s-for-OSINT
List of API's for gathering information about phone numbers, addresses, domains etc
foxleezh/apkToJava
反编译工具,可以轻松将apk反编译为smali和Java,并进行动态调试
ASTTeam/CodeQL
《深入理解CodeQL》Finding vulnerabilities with CodeQL.
cn-panda/JavaCodeAudit
Getting started with java code auditing 代码审计入门的小项目
j3ers3/Hello-Java-Sec
☕️ Java Security,安全编码和代码审计
wireghoul/graudit
grep rough audit - source code auditing tool
Endava/cats
CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance.
pppscn/SmsForwarder
短信转发器——监控Android手机短信、来电、APP通知,并根据指定规则转发到其他手机:钉钉群自定义机器人、钉钉企业内机器人、企业微信群机器人、飞书机器人、企业微信应用消息、邮箱、bark、webhook、Telegram机器人、Server酱、PushPlus、手机短信等。包括主动控制服务端与客户端,让你轻松远程发短信、查短信、查通话、查话簿、查电量等。(V3.0 新增)PS.这个APK主要是学习与自用,如有BUG请提ISSUE,同时欢迎大家提PR指正
shieldfy/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API