Pinned Repositories
--Java
代码审计知识点整理-Java
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
a2sv
Auto Scanning to SSL Vulnerability
advisories
ail-framework
AIL framework - Analysis Information Leak framework
alog
王争哥数据结构与算法之美
antSword
中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
AppInfoScanner
一款适用于(Android、iOS、WEB、H5、静态网站),信息检索的工具,可以帮助渗透测试人员快速获取App或者WEB中的有用资产信息。
a1124510616's Repositories
a1124510616/pwntools
CTF framework and exploit development library
a1124510616/arachni
Web Application Security Scanner Framework
a1124510616/Kunyu
Kunyu, more efficient corporate asset collection
a1124510616/weblogic-infodetector
woodpecker框架weblogic信息探测插件
a1124510616/CTFd
CTFs as you need them
a1124510616/BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
a1124510616/WinRpcTest
利用RPC服务,批量探测内网Windows出网情况
a1124510616/Java-Shellcode-Loader
基于Java实现的Shellcode加载器
a1124510616/dompdf-rce
RCE exploit for dompdf
a1124510616/Some-PoC-oR-ExP
各种漏洞poc、Exp的收集或编写
a1124510616/faraday
Collaborative Penetration Test and Vulnerability Management Platform
a1124510616/wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
a1124510616/Elkeid
Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
a1124510616/bayonet
bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
a1124510616/awd-platform
platform for awd
a1124510616/kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
a1124510616/AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
a1124510616/checkov
Prevent cloud misconfigurations during build-time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
a1124510616/ail-framework
AIL framework - Analysis Information Leak framework
a1124510616/tfsec
Security scanner for your Terraform code
a1124510616/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
a1124510616/traitor
:arrow_up: :skull_and_crossbones: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
a1124510616/Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
a1124510616/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
a1124510616/knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
a1124510616/muraena
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
a1124510616/linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
a1124510616/trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
a1124510616/ciscoconfparse
Parse, Audit, Query, Build, and Modify Cisco IOS-style configurations.
a1124510616/can-ctr-escape-cve-2022-0492
Test whether a container environment is vulnerable to container escapes via CVE-2022-0492