briefcasehi

briefcasehi's Stars

• neex/phuip-fpizdam

  Exploit for CVE-2019-11043

  Language:Go1.8k249

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python61.6k14.7k

• projectzeroindia/CVE-2019-19781

  Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]

  Language:Shell371115

• DragonGrowlTeam/Address

  21037

• zhzyker/exphub

  Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

  Language:Python4.1k1.1k

• threedr3am/learnjavabug

  Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

  Language:Java2.6k495

• jas502n/CVE-2019-19781

  Citrix ADC Remote Code Execution

  Language:Python8424

• daviddias/node-dirbuster

  Language:JavaScript179140

• rootphantomer/Blasting_dictionary

  爆破字典

  Language:Python5k2.9k

• xtiankisutsa/MARA_Framework

  MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.

  Language:Python630175

• LandGrey/ClassHound

  利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码

  Language:Python69694

• sullo/nikto

  Nikto web server scanner

  Language:Perl8.7k1.3k

• ndelphit/apkurlgrep

  Extract endpoints from APK files

  Language:Go773107

• smicallef/spiderfoot

  SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

  Language:Python13.2k2.3k

• codingo/Interlace

  Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

  Language:Python1.2k179

• rastating/dnmasscan

  A script that can resolve an input file of domains and scan them with masscan

  Language:Shell15542

• blark/aiodnsbrute

  Python 3.5+ DNS asynchronous brute force utility

  Language:Python645113

• Cillian-Collins/subscraper

  Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomains to enumerate a list of subdomains for a given URL.

  Language:Python22146

• nsonaniya2010/SubDomainizer

  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

  Language:Python1.7k234

• pwn2winctf/challenges-2020

  Pwn2Win 2020 Challenges

  Language:Verilog5413

• SpiderLabs/HostHunter

  HostHunter a recon tool for discovering hostnames using OSINT techniques.

  Language:Python1.1k182

• mpgn/Spring-Boot-Actuator-Exploit

  Spring Boot Actuator (jolokia) XXE/RCE

  Language:Java31762

• threedr3am/JSP-WebShells

  Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

  Language:Java1.4k326

• mbechler/marshalsec

  Language:Java3.4k680

• TideSec/Decrypt_Weblogic_Password

  搜集了市面上绝大部分weblogic解密方式，整理了7种解密weblogic的方法及响应工具。

  Language:Java800176

• payloadbox/rfi-lfi-payload-list

  🎯 RFI/LFI Payload List

  540185

• mIcHyAmRaNe/okadminfinder

  [ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

  Language:Python578129

• allpaca/chrome-sbx-db

  A Collection of Chrome Sandbox Escape POCs/Exploits for learning

  801133

• teixeira0xfffff/Cybercrime-Forums

  Cybercrime forums for Cyber Threat Intelligence purpose

  7322

• codingo/DNSCewl

  A DNS Bruteforcing Wordlist Generator

  Language:C++35053