No4l's Stars
pmiaowu/BurpReflectiveXssMiao
一款基于burp的反射xss检测插件
KrystianLi/ExchangeOWA
一款OutLook信息收集工具
webraybtl/CodeQLpy
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
josenk/vagrant-vmware-esxi
A Vagrant plugin that adds a vmware ESXi provider support.
No4l/W2Shell
记录获取WebSehll的方法
No4l/Burp4SSRF
burp extension for SSRF
depycode/burpsuite_hack
一款代理扫描器
0xPugal/fuzz4bounty
1337 Wordlists for Bug Bounty Hunting
hookmaster/frida-all-in-one
《FRIDA操作手册》by @hluwa @r0ysue
0x727/Space_view
Space_view 是一款Hunter(鹰图平台)或者FOFA平台 资产展示的浏览器油猴插件
Ggasdfg321/SmallProxyPool
一个免费高质量的小代理池,解决一些站点有WAF的情况下,进行目录扫描或者字典爆破
TheKingOfDuck/SBCVE
不定期记录一下浪费了时间去关注过的垃圾CVE漏洞。
ffuf/ffuf
Fast web fuzzer written in Go
RowTeam/SharpExchangeKing
Exchange 服务器安全性的辅助测试工具
dbader/schedule
Python job scheduling for humans.
HummerRisk/HummerRisk
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
Tsojan/TsojanScan
An integrated BurpSuite vulnerability detection plug-in.
4ra1n/shell-analyzer
已集成到 jar-analyzer 中 https://github.com/jar-analyzer/jar-analyzer
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Brum3ns/firefly
Black box fuzzer for web applications
huashengdun/webssh
:seedling: Web based ssh client
EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
NewBee119/threat-intelligence
收集的一些国外能提供提供威胁情报的公司,涵盖网络安全、工控安全、终端安全、移动安全等领域
corener/JavaPassDump
JavaPassDump
Esonhugh/sshd_backdoor
/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
YaS5in3/Bug-Bounty-Wordlists
yaklang/yakit
Cyber Security ALL-IN-ONE Platform
itwanger/toBeBetterJavaer
一份通俗易懂、风趣幽默的Java学习指南,内容涵盖Java基础、Java并发编程、Java虚拟机、Java企业级开发、Java面试等核心知识点。学Java,就认准二哥的Java进阶之路😄
CodeIntelligenceTesting/jazzer
Coverage-guided, in-process fuzzing for the JVM