Saysomethings

Saysomethings's Stars

• DawnFlame/POChouse

  POC&EXP仓库、hvv弹药库、Nday、1day

  Language:Python1k272

• projectdiscovery/naabu

  A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

  Language:Go4.9k563

• blacklanternsecurity/bbot

  The recursive internet scanner for hackers. 🧡

  Language:Python7.4k561

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go12.2k1.9k

• projectdiscovery/subfinder

  Fast passive subdomain enumeration tool.

  Language:Go10.5k1.3k

• f0ng/autoDecoder-usages

  autoDecoder的用法及案例，包含加解密方法、绕waf、替换参数等操作。

  Language:Python22327

• GualaoXiaoLaji/infiltrate-guide

  此工具集成资产探测半自动化，WEB渗透，burp及浏览器插件，社工钓鱼，APP小程序渗透，批量漏洞扫描，漏洞利用，内网渗透，隧道代理，免杀，Windows及linux应急响应，训练靶场环境部署，CVE漏洞1000+POC等工具指引

  16217

• canc3s/cDomain

  利用天眼查查询企业备案

  Language:Go17121

• canc3s/cSubsidiary

  利用天眼查查询企业子公司

  Language:Go32734

• gubeihc/blasting

  Language:Python54547

• KimJun1010/WeblogicTool

  WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）

  1.6k108

• shmilylty/netspy

  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

  Language:Go2k213

• baidu/dperf

  dperf is a 100Gbps network load tester.

  Language:C5.1k529

• tomnomnom/unfurl

  Pull out bits of URLs provided on stdin

  Language:Go1.1k124

• tw93/Pake

  🤱🏻 Turn any webpage into a desktop app with Rust. 🤱🏻 利用 Rust 轻松构建轻量级多端桌面应用

  Language:Rust33.8k6k

• niudaii/zpscan

  一个有点好用的信息收集工具。A somewhat useful information gathering tool.

  Language:Go1.1k100

• m3n0sd0n4ld/GooFuzz

  GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

  Language:Shell1.4k140

• komomon/Komo

  🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具，集成了20余款工具，通过多种方式对子域进行获取，收集域名邮箱，进行存活探测，域名指纹识别，域名反查ip，ip端口扫描，web服务链接爬取并发送给xray，对web服务进行POC漏洞扫描，对主机进行主机漏洞扫描。

  Language:Python52156

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.8k1.3k

• ivan-sincek/android-penetration-testing-cheat-sheet

  Work in progress...

  Language:JavaScript37657

• jayus0821/swagger-hack

  自动化爬取并自动测试所有swagger接口

  Language:Python990107

• rtcatc/Packer-Fuzzer

  Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

  Language:Python2.9k298

• zgjx6/SocialEngineeringDictionaryGenerator

  社会工程学密码生成器，是一个利用个人信息生成密码的工具

  Language:HTML1k135

• sry309/PwdBUD

  一款SRC密码生成工具，尝试top字典无果后，可以根据域名、公司名等因素来生成特定的字典

  28460

• t3l3machus/hoaxshell

  A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

  Language:Python3.1k484

• cseroad/Exp-Tools

  一款集成高危漏洞exp的实用性工具

  1.2k80

• xx025/carrot

  Free ChatGPT Site List 这儿为你准备了众多免费好用的ChatGPT镜像站点

  17.1k1.5k

• BloopAI/bloop

  bloop is a fast code search engine written in Rust.

  Language:Rust9.5k571

• github/copilot-docs

  Documentation for GitHub Copilot

  23.3k2.4k

• jixing-lab/blaster

  blaster 是一款弱密码隐患检测工具，用于网站登录弱密码检测。

  21226