Shad0w98's Stars
Aabyss-Team/ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Potato-py/ipInfoSearch
ip域名反查、权重查询以及ICP备案查询。便于提交SRC时资产过滤。
york-cmd/CharVulFlow
满足公益漏洞大批量提交需要,减少人工时间成本,支持【补天 | 雷神 | 360众包】
expzhizhuo/cnvd_general_assets
配合爱企查和fofa实现注册资本大于5000w公司的公网通用资产查询搜索,方便证书挖掘
ttttmr/Wechat2RSS
微信公众号转RSS
DIYgod/RSSHub
🧡 Everything is RSSible
rememberber/WePush
专注批量推送的小而美的工具,目前支持:模板消息-公众号、模板消息-小程序、微信客服消息、微信企业号/企业微信消息、阿里云短信、阿里大于模板短信 、腾讯云短信、云片网短信、E-Mail、HTTP请求、钉钉、华为云短信、百度云短信、又拍云短信、七牛云短信
haozi/xss-demo
👮🏻♂️ XSS attack playground,there are answers in issues. XSS 攻防靶场,issues 有答案
lokerxx/JavaVul
JAVA 安全靶场,IAST 测试用例,JAVA漏洞复现,代码审计,SAST测试用例,安全扫描(主动和被动),JAVA漏洞靶场,RASP测试用例 ; Java Security Testbed, IAST Test Cases, Java Vulnerability Reproduction, Code Auditing, SAST Test Cases, Security Scanning (Active and Passive), Java Vulnerability Testbed, RASP Test Cases
huge-dream/django-vue3-admin
Django-Vue3-Admin is a comprehensive basic development platform based on the RBAC (Role-Based Access Control) model for permission control, with column-level granularity. It follows a frontend-backend separation architecture, with
canc3s/cDomain
利用天眼查查询企业备案
wongzeon/ICP-Checker
ICP备案查询,可查询企业或域名的ICP备案信息,自动完成滑动验证,保存结果到Excel表格,适用于新版的工信部备案管理系统网站,告别频繁拖动验证,以及某站*工具要开通VIP才可查看备案信息的坑
zhengjim/Chinese-Security-RSS
网络安全、信息安全资讯的RSS订阅,网络安全、信息安全博客的RSS订阅,网络安全、信息安全公众号的RSS订阅
1n7erface/PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
sma11new/ip2domain
批量查询ip对应域名及百度权重、备案信息;ip反查域名;ip查备案信息;资产归属查询;百度权重查询
SecWiki/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
ReFirmLabs/binwalk
Firmware Analysis Tool
frida/frida
Clone this repo to build Frida
easysoft/zentaopms
Zentao is an agile(scrum) project management system/tool, Free Upgrade Forever!
TideSec/TscanPlus
一款综合性网络安全检测和运维工具,旨在快速资产发现、识别、检测,构建基础资产信息库,协助甲方安全团队或者安全运维人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Vu1nT0tal/IoT-vulhub
IoT固件漏洞复现环境
zxwk1998/vue-admin-arco
🎉 vite+typescript+arco.design中后台前端框架,vue3 admin前端框架
alibaba/fastjson
FASTJSON 2.0.x has been released, faster and more secure, recommend you upgrade.
w5teams/w5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
czz1233/GBByPass
冰蝎 哥斯拉 WebShell bypass
BeichenDream/Godzilla
哥斯拉
AntSwordProject/antSword
**蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
Y4er/ysoserial
ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。