Pinned Repositories
0xsp-Mongoose
Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
3102
A domain/ip fuzzing tool for vulnerability mining
404StarLink2.0-Galaxy
404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目
abuse-ssl-bypass-waf
Bypassing WAF by abusing SSL/TLS Ciphers
acme.sh
A pure Unix shell script implementing ACME client protocol
Decryption-Tools
Decryption-Tools
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
upload_fuzz
上传payload太多,使用脚本批量跑
code4security's Repositories
code4security/anyproxy
A fully configurable http/https proxy in NodeJS
code4security/appmon
Documentation:
code4security/Arjun
HTTP parameter discovery suite.
code4security/BrowserGhost
这是一个抓取浏览器密码的工具,后续会添加更多功能
code4security/build
TeaWeb-可视化的Web代理服务。DEMO: http://teaos.cn:7777
code4security/clair
Vulnerability Static Analysis for Containers
code4security/ClashEditor
:triangular_ruler: An editor for writing Clash config
code4security/CSharpTools
Collection of useful CSharp Tools for assessments.
code4security/CTF_Hacker-Tools
CTF-渗透测试~工具合集
code4security/dex2jar
Tools to work with android .dex and java .class files
code4security/DroidPlugin
A plugin framework on android,Run any third-party apk without installation, modification or repackage
code4security/fingerprintjs2
Modern & flexible browser fingerprinting library
code4security/HookTestDemo
小肩膀安卓逆向frida专题demo
code4security/LuWu
红队基础设施自动化部署工具
code4security/Mars
Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等
code4security/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
code4security/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
code4security/neofetch
🖼️ A command-line system information tool written in bash 3.2+
code4security/okhttp
Square’s meticulous HTTP client for Java and Kotlin.
code4security/onfido-android-sdk
Onfido's identity verification SDK for Android devices - Note: we are improving our documentation. Please visit https://developers.onfido.com/guide/android-sdk-reference to see the new version of the SDK documentation.
code4security/owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
code4security/param-miner
code4security/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
code4security/SNETCracker
超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码、弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。
code4security/study_frida
frida视频教程
code4security/TPscan
一键ThinkPHP漏洞检测
code4security/uTools-Manuals
uTools插件,内置了十多个实用的离线中文手册,包括:Linux、PHP、Python、JS等,以及提供了搜索devdocs、dash/zeal上的文档的功能
code4security/wsltools
Web Scan Lazy Tools - Python Package
code4security/XposedFridaBridge
A frida script implement XposedBridge & load xposed modules, without installing xposed framwork.
code4security/XSStrike
Most advanced XSS scanner.