chaserw

chaserw's Stars

• microsoft/vscode

  Visual Studio Code

  Language:TypeScript169k3.3k192k31.2k

• Hack-with-Github/Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  90.4k3.9k09.2k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP61.6k1.9k27824.2k

• psf/requests

  A simple, yet elegant, HTTP library.

  Language:Python52.6k1.3k4k9.4k

• sqlmapproject/sqlmap

  Automatic SQL injection and database takeover tool

  Language:Python33.7k1.1k5.3k5.8k

• vulhub/vulhub

  Pre-Built Vulnerable Environments Based on Docker-Compose

  Language:Dockerfile18.5k5601904.6k

• Micropoor/Micro8

  Gitbook

  18.1k967466.8k

• maurosoria/dirsearch

  Web path scanner

  Language:Python12.7k3085622.4k

• chaitin/xray

  一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

  Language:Vue10.7k2064761.8k

• stevenjoezhang/live2d-widget

  把萌萌哒的看板娘抱回家 (ノ≧∇≦)ノ | Live2D widget for web platform

  Language:JavaScript9.4k871322.5k

• Mr-xn/Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  Language:HTML6.8k25582k

• SecWiki/sec-chart

  安全思维导图集合

  6.3k33532.3k

• rebeyond/Behinder

  “冰蝎”动态二进制加密网站管理客户端

  5.9k133306975

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.9k9981.3k

• zhzyker/exphub

  Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

  Language:Python4.2k14861.1k

• hluwa/frida-dexdump

  A frida tool to dump dex in memory to support security engineers analyzing malware.

  Language:Python4.2k6660915

• xiaoy-sec/Pentest_Note

  渗透测试常规操作记录

  3.8k793945

• Threekiii/Awesome-Redteam

  一个攻防知识仓库 Red Teaming and Offensive Security

  Language:Python3.8k592673

• knownsec/pocsuite3

  pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

  Language:Python3.7k98232783

• lijiejie/subDomainsBrute

  A fast sub domain brute tool for pentesters

  Language:Python3.5k115631k

• fofapro/vulfocus

  🚀Vulfocus 是一个漏洞集成平台，将漏洞环境 docker 镜像，放入即可使用，开箱即用。

  Language:Vue3.3k52201515

• welk1n/JNDI-Injection-Exploit

  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

  Language:Java2.7k277730

• feihong-cs/ShiroExploit-Deprecated

  Shiro550/Shiro721 一键化利用工具，支持多种回显方式

  Language:Java1.9k2252300

• safe6Sec/Fastjson

  Fastjson姿势技巧集合

  1.7k185345

• Lucifer1993/struts-scan

  Python2编写的struts2漏洞全版本检测和利用工具

  Language:Python1.4k5917507

• Hel10-Web/Databasetools

  一款用Go语言编写的数据库自动化提权工具，支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接

  Language:Go78581492

• AlphabugX/Alphalog

  DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red)，Alphalog与传统DNSLog不同，更快、更安全。

  Language:Go4297553

• XinRoom/go-portScan

  High-performance port scanner. 高性能端口扫描器. syn scanner

  Language:Go29882744

• A-D-Team/attackRmi

  2194022

• antoinet/burp-decompressor

  An extension for BurpSuite used to access and modify compressed HTTP payloads without changing the content-encoding.

  Language:Java82310