Und3r1ine's Stars
composer/composer
Dependency Manager for PHP
pallets/flask
The Python micro framework for building web applications.
iceyhexman/flask_memory_shell
Flask 内存马
0dayCTF/reverse-shell-generator
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
xuanhusec/OscpStudyGroup
Oscp study group
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
MrWQ/vulnerability-paper
收集的文章 https://mrwq.github.io/tools/paper/
securego/gosec
Go security checker
JoyChou93/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
waderwu/javaDeserializeLabs
javaDeserializeLabs
yhy0/github-cve-monitor
实时监控github上新增的cve、自定义关键字、安全工具更新、大佬仓库监控,并多渠道推送通知
wpscanteam/wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
ssl/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
cider-security-research/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
XTLS/Xray-core
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
shadow1ng/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
explosion/spaCy
💫 Industrial-strength Natural Language Processing (NLP) in Python
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
GerbenJavado/LinkFinder
A python script that finds endpoints in JavaScript files
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
s0md3v/Arjun
HTTP parameter discovery suite.
mm0r1/exploits
Pwn stuff.
GitHubDaily/GitHubDaily
坚持分享 GitHub 上高质量、有趣实用的开源技术教程、开发者工具、编程网站、技术资讯。A list cool, interesting projects of GitHub.
ohmyzsh/ohmyzsh
🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python, etc), 140+ themes to spice up your morning, and an auto-update tool that makes it easy to keep up with the latest updates from the community.
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
iswbm/magic-python
Python 黑魔法手册