chaserw

chaserw's Stars

• Hel10-Web/Databasetools

  一款用Go语言编写的数据库自动化提权工具，支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接

  Language:Go70985

• XinRoom/go-portScan

  High-performance port scanner. 高性能端口扫描器. syn scanner

  Language:Go27138

• Threekiii/Awesome-Redteam

  一个攻防知识仓库 Red Teaming and Offensive Security

  Language:Python3.5k614

• microsoft/vscode

  Visual Studio Code

  Language:TypeScript162k28.5k

• antoinet/burp-decompressor

  An extension for BurpSuite used to access and modify compressed HTTP payloads without changing the content-encoding.

  Language:Java810

• AlphabugX/Alphalog

  DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red)，Alphalog与传统DNSLog不同，更快、更安全。

  Language:Go41150

• safe6Sec/Fastjson

  Fastjson姿势技巧集合

  1.6k336

• A-D-Team/attackRmi

  21522

• rebeyond/Behinder

  “冰蝎”动态二进制加密网站管理客户端

  5.7k960

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.7k1.3k

• welk1n/JNDI-Injection-Exploit

  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

  Language:Java2.5k720

• hluwa/frida-dexdump

  A frida tool to dump dex in memory to support security engineers analyzing malware.

  Language:Python3.9k883

• xiaoy-sec/Pentest_Note

  渗透测试常规操作记录

  3.6k918

• sqlmapproject/sqlmap

  Automatic SQL injection and database takeover tool

  Language:Python31.8k5.7k

• maurosoria/dirsearch

  Web path scanner

  Language:Python11.8k2.3k

• stevenjoezhang/live2d-widget

  把萌萌哒的看板娘抱回家 (ノ≧∇≦)ノ | Live2D widget for web platform

  Language:JavaScript8.6k2.4k

• zhzyker/exphub

  Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

  Language:Python4.1k1.1k

• feihong-cs/ShiroExploit-Deprecated

  Shiro550/Shiro721 一键化利用工具，支持多种回显方式

  Language:Java1.9k302

• fofapro/vulfocus

  🚀Vulfocus 是一个漏洞集成平台，将漏洞环境 docker 镜像，放入即可使用，开箱即用。

  Language:Vue3.1k497

• Mr-xn/Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  Language:HTML6.5k1.9k

• chaitin/xray

  一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

  Language:Vue10.2k1.8k

• vulhub/vulhub

  Pre-Built Vulnerable Environments Based on Docker-Compose

  Language:Dockerfile17.3k4.4k

• psf/requests

  A simple, yet elegant, HTTP library.

  Language:Python51.9k9.3k

• knownsec/pocsuite3

  pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

  Language:Python3.6k776

• Hack-with-Github/Awesome-Hacking

  A collection of various awesome lists for hackers, pentesters and security researchers

  82k8.8k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP56.6k23.7k

• SecWiki/sec-chart

  安全思维导图集合

  6.1k2.3k

• Micropoor/Micro8

  Gitbook

  18k6.8k

• lijiejie/subDomainsBrute

  A fast sub domain brute tool for pentesters

  Language:Python3.4k1k

• Lucifer1993/struts-scan

  Python2编写的struts2漏洞全版本检测和利用工具

  Language:Python1.4k509