Pinned Repositories
awvs-cli
awvs-cli
bucket-takeover-lab
子域名接管的几种变体靶场
Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
go-wafw00f
使用golang重写的开源工具wafw00f,添加了多协程、从标准输入中读取url等新功能
hackflow
http-request-splitting-lab
HTTP请求拆分靶场
http2gopher
一个用来将http请求报文转换成gopher请求报文的工具
js-api-proxy
一个用来辅助反混淆js代码的bp插件
php-lab
基于docker搭建的一套环境,方便测试同一套PHP代码在不同PHP版本下运行的不一致性
vim-swp-exp
vim swp文件泄漏利用工具
ShangRui-hash's Repositories
ShangRui-hash/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
ShangRui-hash/Smap
replica of nmap that uses shodan's free API for scanning
ShangRui-hash/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
ShangRui-hash/CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
ShangRui-hash/crawlergo
A powerful browser crawler for web vulnerability scanners
ShangRui-hash/CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
ShangRui-hash/DHLYK
大灰狼远控木马 V9.5 源码
ShangRui-hash/DictGenerate
使用Go语言编写的社工字典生成器(The social engineering dictionary generator written by Go)
ShangRui-hash/dingtalk-RCE
ShangRui-hash/go-mitmproxy
mitmproxy implemented with golang. 用 Golang 实现的中间人攻击(Man-in-the-middle),解析、监测、篡改 HTTP/HTTPS 流量。
ShangRui-hash/go-sec-code
Go相关的安全研究
ShangRui-hash/gshark
Scan for sensitive information easily and effectively.
ShangRui-hash/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
ShangRui-hash/HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
ShangRui-hash/JavaSecInterview
打造最强的Java安全研究与安全开发面试题库,包含问题和详细的答案,帮助师傅们找到满意的工作
ShangRui-hash/notifier
The tool is used to read standard input line by line and send it to enterprise wechat
ShangRui-hash/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
ShangRui-hash/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
ShangRui-hash/ParamSpider
Mining parameters from dark corners of Web Archives
ShangRui-hash/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
ShangRui-hash/PentestDB
各种数据库的利用姿势
ShangRui-hash/phpfuncs
PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. You can use PHP like functions in your app, module etc. when you add this module to your project.
ShangRui-hash/retryabledns
Retryable DNS client in Go
ShangRui-hash/send2burp
A tool to send url to burp scanner
ShangRui-hash/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
ShangRui-hash/vscode-maudit
Simple source code security audit helper
ShangRui-hash/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
ShangRui-hash/wappalyzergo
A high performance go implementation of Wappalyzer Technology Detection Library
ShangRui-hash/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
ShangRui-hash/yu
yu一款整理ip c段信息的脚本