b08of1sh

b08of1sh's Stars

• birdhan/SecurityProduct

  开源安全产品源码，IDS、IPS、WAF、蜜罐等

  910161

• Reanon/SEUThesisLatexTemplate

  东南大学 硕士毕业论文 Latex 模版 网络空间安全学院

  Language:TeX13624

• TianNaYa/ProxyDll

  beta

  Language:C10521

• sahlberg/libnfs

  NFS client library

  Language:C511200

• izj007/wechat

  微信收藏的文章

  618132

• cloud-native-security-news/cloud-native-security-news

  Cloud Native Security News

  543

• Metarget/cloud-native-security-book

  《云原生安全：攻防实践与体系构建》资料仓库

  Language:Go719126

• cqr-cryeye-forks/goby-pocs

  List of pocs for goby

  Language:Go8832

• Jarcis-cy/Google-Hacking-Crawler

  输入Google Hacking语句，自动调用Chrome浏览器爬取结果

  Language:Python51

• AQF0R/FUCK_AWD_TOOLS

  AWD

  Language:PHP23

• leohearts/awd-watchbird

  A powerful PHP WAF for AWD

  Language:PHP64093

• DasSecurity-HatLab/AoiAWD

  AoiAWD-专为比赛设计，便携性好，低权限运行的EDR系统。

  Language:PHP953172

• 0verSp4ce/PoCBox

  PoCBox - Vulnerability Test Aid Platform

  Language:JavaScript950172

• sule01u/SBSCAN

  SBSCAN是一款专注于spring框架的渗透测试工具，可以对指定站点进行springboot未授权扫描/敏感信息扫描以及进行spring框架漏洞扫描与验证的综合利用工具。 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]

  Language:Python45947

• xsshim/SecurityInterviewGuide

  网络信息安全从业者面试指南（持续补充各公司招聘面试题目和侧重点）

  3

• kekingcn/kkFileView

  Universal File Online Preview Project based on Spring-Boot

  Language:Java10.5k2.7k

• AabyssZG/SpringBoot-Scan

  针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

  Language:Python1.5k142

• Getshell/Mshell

  Memshell-攻防内存马研究

  Language:Java61085

• DataDog/stratus-red-team

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  Language:Go1.8k201

• we1h0/redteam-tips

  关于红队方面的学习资料

  1.2k181

• we1h0/Cloud-Bucket-Leak-Detection-Tools

  六大云存储，泄露利用检测工具

  2

• piaolin/DetectDee

  DetectDee: Hunt down social media accounts by username, email or phone across social networks.

  Language:Go1.2k123

• fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp

  警惕 一种针对红队的新型溯源手段!

  39184

• frohoff/ysoserial

  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

  Language:Java7.7k1.7k

• Potato-py/shiroTool

  内置100多个key，爆破解密rememberMe加密字段内容，对解密内容进行反序列化，展示反序列化后字节流。 根据序列化协议，逐字节读取解析，进行对象结构化展示，ysoserial CommonsBeanutils CommonsCollections等payload都能识别。 对涉及class文件的，再进行class反编译出java代码。

  6

• Bywalks/DarkAngel

  DarkAngel 是一款全自动白帽漏洞扫描器，从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。

  Language:Ruby59274

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.7k1.3k

• cdk-team/CDK

  📦 Make security testing of K8s, Docker, and Containerd easier.

  Language:Go3.9k537

• projectdiscovery/nuclei-templates

  Community curated list of templates for the nuclei engine to find security vulnerabilities.

  Language:JavaScript9k2.6k

• gchq/CyberChef

  The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

  Language:JavaScript28.5k3.2k