Pinned Repositories
--Java
代码审计知识点整理-Java
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
a2sv
Auto Scanning to SSL Vulnerability
advisories
ail-framework
AIL framework - Analysis Information Leak framework
alog
王争哥数据结构与算法之美
antSword
中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
AppInfoScanner
一款适用于(Android、iOS、WEB、H5、静态网站),信息检索的工具,可以帮助渗透测试人员快速获取App或者WEB中的有用资产信息。
a1124510616's Repositories
a1124510616/Bifrost
Bifrost ---- 面向生产环境的 MySQL 同步到Redis,MongoDB,ClickHouse,MySQL等服务的异构中间件
a1124510616/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
a1124510616/BurpLog4j2Scan
Burpsuite extension for log4j2rce
a1124510616/cnvd_fofa_gather
通过公司名称,在fofa上搜索可能存在通用产品的公司;如果想挖掘cnvd证书,可导出注册资金大于5000w的公司到这个脚本中进行通用系统收集。
a1124510616/CVE-2021-44228-Apache-Log4j-Rce
Apache Log4j 远程代码执行
a1124510616/cyanide
a1124510616/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
a1124510616/Erebus
CobaltStrike后渗透测试插件
a1124510616/exploits
'>"><img src=x onerror=alert(1) /><b>asd</b>
a1124510616/FastGithub
github加速神器,解决github打不开、用户头像无法加载、releases无法上传下载、git-clone、git-pull、git-push失败等问题
a1124510616/FireDog
🔥开源跨平台轻量级病毒特征检测引擎。Open source cross-platform lightweight virus signature detection engine.
a1124510616/FireKylin
🔥火麒麟-网络安全应急响应工具(系统痕迹采集)Cybersecurity emergency response tool.
a1124510616/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
a1124510616/Godzilla
哥斯拉
a1124510616/GSIL
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
a1124510616/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
a1124510616/JNDIExploit
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
a1124510616/maltrail
Malicious traffic detection system
a1124510616/My-Summarizing
我自己的一些总结
a1124510616/Pentest-Tools
a1124510616/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
a1124510616/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
a1124510616/uBlock
uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
a1124510616/volatility
An advanced memory forensics framework
a1124510616/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
a1124510616/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
a1124510616/w13scan
Passive Security Scanner (被动式安全扫描器)
a1124510616/xray-rad
xray+rad实现批量自动化扫描
a1124510616/yolov5
YOLOv5 🚀 in PyTorch > ONNX > CoreML > TFLite
a1124510616/ZoomEye-python
ZoomEye-python: The official Python library and CLI by Knownsec 404 Team.