Pinned Repositories
30-Days-Of-JavaScript
30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace.
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
AI-Sec-Paper-Sharing
该资源为作者AI安全相关论文的分享知识,包括PPT和PDF版本及原文,希望对您有所帮助。加油~
akto
Instant, Open source API security → API discovery, automated business logic testing and runtime detection.
Crescendo
Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.
gadgetinspector
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Information_Security_Books
150本信息安全方面的书籍书籍(持续更新)
Noriben
Noriben - Portable, Simple, Malware Analysis Sandbox
TrueTree
A command line tool for pstree-like output on macOS with additional pid capturing capabilities
asnblock's Repositories
asnblock/30-Days-Of-JavaScript
30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace.
asnblock/akto
Instant, Open source API security → API discovery, automated business logic testing and runtime detection.
asnblock/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
asnblock/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
asnblock/Artemis
A modular web reconnaissance tool and vulnerability scanner.
asnblock/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
asnblock/aws-customer-security-incidents
A repository of breaches of AWS customers
asnblock/BugBountyBooks
A collection of PDF/books about the modern web application security and bug bounty.
asnblock/cookiecrumbles
Cookie Crumbles: Breaking and Fixing Web Session Integrity
asnblock/cupp
Common User Passwords Profiler (CUPP) 密码生成器
asnblock/cybersecurity-career-path
Cybersecurity Career Path
asnblock/dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
asnblock/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
asnblock/FingerprintHub
侦查守卫(ObserverWard)的指纹库
asnblock/gophish
Open-Source Phishing Toolkit
asnblock/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
asnblock/HAC_Bored_Writing
各种漏洞批量扫描poc、exp,涵盖未授权、RCE、文件上传、sql注入、信息泄露等
asnblock/hfuzz
Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
asnblock/iOS-Internals-and-Security-Testing
iOS is Apple's proprietary operating system that runs on the iPhone, iPod Touch and iPad. A lot of components are specific to iOS. Here are key features of the iOS hardware and software security architecture and guide how to test your applications.
asnblock/IPAPatch
Patch iOS Apps, The Easy Way, Without Jailbreak.
asnblock/OneForAll
OneForAll是一款功能强大的子域收集工具
asnblock/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
asnblock/PetitPotato
Local privilege escalation via PetitPotam (perfectly on Windows 21H2 10.0.20348.1547)
asnblock/recog
Pattern recognition for hosts, services, and content
asnblock/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
asnblock/scalpel
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。 原理:https://mp.weixin.qq.com/s/U_llBwC05vb84U9wb8NZog
asnblock/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
asnblock/tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
asnblock/tests-library
Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities
asnblock/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose