craCk30's Stars
4dogs-cn/TXPortMap
Port Scanner & Banner Identify From TianXiang
hackerscrolls/SecurityTips
salesforce/ja3
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
iiiusky/alicloud-tools
阿里云ECS、策略组辅助小工具
summitt/Nope-Proxy
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
rtcatc/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
EnableSecurity/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
CTFTraining/CTFTraining
CTF Training 经典赛题复现环境
Y4er/CVE-2020-2551
Weblogic IIOP CVE-2020-2551
rapid7/metasploit-framework
Metasploit Framework
aaaguirrep/offensive-docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Cherrison/CrackMinApp
(反编译微信小程序)一键获取微信小程序源码(傻瓜式操作), 使用了C#加nodejs制作
lijiejie/GitHack
A `.git` folder disclosure exploit
fofapro/vulfocus
🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。
yyds-page/awvs-decode
The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
qazbnm456/awesome-web-security
🐶 A curated list of Web Security materials and resources.
WrBug/dumpDex
💯一款Android脱壳工具,需要xposed支持, 易开发已集成该项目。
r0ysue/AndroidSecurityStudy
安卓应用安全学习
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
TryCatchHCF/Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
boy-hack/wooyun-payload
从wooyun中提取的payload,以及burp插件
Medicean/VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
knownsec/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
yingshang/banruo
cn-panda/JavaCodeAudit
Getting started with java code auditing 代码审计入门的小项目
1120362990/vulnerability-list
在渗透测试中快速检测常见中间件、组件的高危漏洞。
bollwarm/SecToolSet
The security tool(project) Set from github。github安全项目工具集合
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
baidu-security/openrasp-iast
IAST 灰盒扫描工具