Pinned Repositories
AES-Killer
Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
antSword
AntSword is a cross-platform website management toolkit.
APPPrivacyDetect
响应工信部通报的应用隐私检测——Frida检测APP违规收集信息
AVIator
Antivirus evasion project
Burpsuite-Plugins-Usage
Burpsuite-Plugins-Usage
bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
caterpillar_mail
用于便捷地收发解析邮件的python的高层封装
chunked-coding-converter
Burp suite 分块传输辅助插件
commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution.
bingyong's Repositories
bingyong/antSword
AntSword is a cross-platform website management toolkit.
bingyong/AVIator
Antivirus evasion project
bingyong/Burpsuite-Plugins-Usage
Burpsuite-Plugins-Usage
bingyong/chunked-coding-converter
Burp suite 分块传输辅助插件
bingyong/commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution.
bingyong/Demos
各种开发的工具,demo等
bingyong/doubi
一个逗比写的各种逗比脚本~
bingyong/fastjson-1.2.47-RCE
Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法
bingyong/fuxploider
File upload vulnerability scanner and exploitation tool.
bingyong/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
bingyong/FuzzScanner
一个主要用于信息搜集的工具集,主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。
bingyong/hack-tools
hack tools
bingyong/internet-security
互联网资安风控实战
bingyong/Invoke-PSImage
Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
bingyong/ipwndfu
open-source jailbreaking tool for many iOS devices
bingyong/javaserializetools
Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。
bingyong/ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
bingyong/Papers
Some papers about cyber security
bingyong/php-
php免杀后门
bingyong/redis-rce
Redis 4.x/5.x RCE
bingyong/redis-rogue-server
Redis 4.x/5.x RCE
bingyong/rhizobia_P
PHP安全SDK及编码规范
bingyong/ribsnetwork
bingyong/Safety-Project-Collection
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
bingyong/SNETCracker
超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码、弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。
bingyong/vendor-android-cves
Collections of my POCs for android vendor CVEs
bingyong/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
bingyong/webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
bingyong/xray
xray 安全评估工具
bingyong/yingji
应急检测脚本