RingFall's Stars
ossu/computer-science
🎓 Path to a free self-taught education in Computer Science!
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
alex/what-happens-when
An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
projectdiscovery/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
RustScan/RustScan
🤖 The Modern Port Scanner 🤖
clearw5/Auto.js
Automation&Workflow JavaScript IDE on Android(安卓平台上的JavaScript编程IDE)
owasp-amass/amass
In-depth attack surface mapping and asset discovery
BloodHoundAD/BloodHound
Six Degrees of Domain Admin
hslatman/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
angr/angr
A powerful and user-friendly binary analysis platform!
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
michenriksen/aquatone
A Tool for Domain Flyovers
microsoft/Detours
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
pry0cc/axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
reddelexc/hackerone-reports
Top disclosed reports from HackerOne
0x4D31/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
blechschmidt/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
grayddq/GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
r4j0x00/exploits
r0eXpeR/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
shack2/SNETCracker
超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码、弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。
erocarrera/pefile
pefile is a Python module to read and work with PE (Portable Executable) files
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
PortSwigger/param-miner
shack2/SuperSQLInjectionV1
超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具,采用C#开发,直接操作TCP会话来进行HTTP交互,支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入;支持以盲注、错误显示、Union注入等方式来获取数据;支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库;支持手动灵活的进行SQL注入绕过,可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计,需要使用人员对SQL注入有一定了解。
jmk-foofus/medusa
Medusa is a speedy, parallel, and modular, login brute-forcer.
jasonjfrank/gnmap-parser
Bash script to parse multiple Nmap (.gnmap) exports into various plain-text formats for easy analysis.