Q1ngShan

Q1ngShan's Stars

• clash-verge-rev/clash-verge-rev

  Continuation of Clash Verge - A Clash Meta GUI based on Tauri (Windows, MacOS, Linux)

  Language:TypeScript43.9k1472.2k3.4k

• sensepost/gowitness

  🔍 gowitness - a golang, web screenshot utility using Chrome Headless

  Language:Go3.4k49185365

• r0oth3x49/ghauri

  An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

  Language:Python3.2k38175327

• vvmdx/Sec-Interview-4-2023

  一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~

  2.5k356318

• teamssix/awesome-cloud-security

  awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

  1.8k270223

• pen4uin/java-memshell-generator

  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

  Language:Java1.7k2132198

• emo-crab/observer_ward

  侦查守卫(observer_ward)Web应用和服务指纹识别工具

  Language:Rust1.3k2389137

• selinuxG/Golin

  弱口令检测、 漏洞扫描、端口扫描（协议识别，组件识别）、web目录扫描、等保模拟定级、自动化运维、等保工具（网络安全等级保护现场测评工具）内置3级等保核查命令、基线核查工具、键盘记录器

  Language:Go1.3k1737208

• SexyBeast233/SecDictionary

  实战沉淀字典

  1.2k191162

• Meckazin/ChromeKatz

  Dump cookies and credentials directly from Chrome/Edge process memory

  Language:C++1.1k1317108

• wafinfo/DecryptTools

  DecryptTools-综合解密

  1.1k1019114

• SychicBoy/NETReactorSlayer

  An open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor

  Language:C#9815354230

• Autumn-27/ScopeSentry

  ScopeSentry-网络空间测绘、子域名枚举、端口扫描、敏感信息发现、漏洞扫描、分布式节点

  Language:Python89415137137

• lemonlove7/EHole_magic

  EHole(棱洞)魔改。可对路径进行指纹识别；支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破

  Language:Go822102951

• qiwentaidi/Slack

  安全服务集成化工具平台，希望能帮助你少开几个应用测试

  Language:Go56473670

• chainreactors/spray

  Next Generation HTTP Dir/File Fuzz Artifact

  Language:Go53986642

• Li4n0/revsuit

  RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

  Language:Go525102064

• Whoopsunix/JavaRce

  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式

  Language:Java4786154

• ambionics/cnext-exploits

  Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()

  Language:Python4268653

• Symph0nia/CyberEdge

  互联网资产综合扫描/攻击面测绘

  Language:Go3885339

• X1r0z/JNDIMap

  JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK

  Language:Java3535626

• Ridter/atexec-pro

  Fileless atexec, no more need for port 445

  Language:Python3475343

• jar-analyzer/jar-obfuscator

  Jar Obfuscator - 一个 JAR/CLASS 字节码混淆工具，支持包名/类名/方法名/字段名/参数名引用分析和重命名混淆方式，支持字符串加密/整型异或混淆/垃圾代码花指令混淆/等方式，支持方法和字段的隐藏，支持 NATIVE 层的 JVMTI 代码加密，配置简单，文档教程齐全，容易上手

  Language:Java33912435

• laluka/jolokia-exploitation-toolkit

  jolokia-exploitation-toolkit

  Language:Python2855030

• decoder-it/ADCSCoercePotato

  Language:C++2173130

• LxxxSec/CTF-Java-Gadget

  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段

  Language:Java2105012

• R0A1NG/Botgate_bypass

  绕过瑞数waf的动态验证机制，实现请求包重放，理论支持不同网站环境使用，如网页、小程序、APP等。

  Language:Python2021631

• r3ggi/electroniz3r

  Take over macOS Electron apps' TCC permissions

  Language:Swift1963012

• Whoopsunix/PPPYSO

  proof-of-concept for generating Java deserialization payload | Proxy MemShell

  Language:Java1795422

• nccgroup/VulnerableDotNetHTTPRemoting

  Example Vulnerable .NET HTTP Remoting

  Language:C#758023