cccZc's Stars
0ang3el/Unsafe-JAX-RS-Burp
Burp Suite extension for JAX-RS
7dog7/bottleneckOsmosis
瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
insightglacier/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
ffuf/ffuf
Fast web fuzzer written in Go
k8gege/ChatLadon
Ladon渗透机器人,说人话自动GetShell ChatGPT编写Ladon渗透工具插件视频教程
dukedaily/solidity-expert
4年打磨-2022年海外一线大厂-以太坊开发教程(a solidity tutorial makes you a dapp expert)WIP
sting8k/BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
owasp-amass/amass
In-depth attack surface mapping and asset discovery
Aur0ra-m/APIKiller
API Security DAST & Oprations
AmazingAng/WTF-Solidity
WTF Solidity 极简入门教程,供小白们使用。Now supports English! 官网: https://wtf.academy
4x99/code6
码小六 - GitHub 代码泄露监控系统
wallarm/jwt-heartbreaker
The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
slowmist/Knowledge-Base
Knowledge Base 慢雾安全团队知识库
hashcat/hashcat
World's fastest and most advanced password recovery utility
brendan-rius/c-jwt-cracker
JWT brute force cracker written in C
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
ethereum/remix-ide
Documentation for Remix IDE
UzJu/Cloud-Bucket-Leak-Detection-Tools
六大云存储,泄露利用检测工具
payloadbox/ssti-payloads
🎯 Server Side Template Injection Payloads
TEag1e/BurpCollector
通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。
theLSA/burp-unauth-checker
burpsuite extension for check unauthorized vulnerability
kelvinBen/AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
jar-analyzer/jar-analyzer-v1-gui
建议使用新版:https://github.com/jar-analyzer/jar-analyzer
4ra1n/super-xray
Web漏洞扫描工具XRAY的GUI启动器
ExpLangcn/EPScan
被动收集资产并自动进行SQL注入检测(插件化 自动Bypass)、XSS检测、RCE检测、敏感信息检测
jorhelp/Ingram
网络摄像头漏洞扫描工具 | Webcam vulnerability scanning tool
F6JO/RouteVulScan
Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
StarCrossPortal/scalpel
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.