eiyiaioyou's Stars
ffuf/ffuf
Fast web fuzzer written in Go
wy876/POC
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1200多个poc/exp,长期更新。
WeiYe-Jing/datax-web
DataX集成可视化页面,选择数据源即可一键生成数据同步任务,支持RDBMS、Hive、HBase、ClickHouse、MongoDB等数据源,批量创建RDBMS数据同步任务,集成开源调度系统,支持分布式、增量同步数据、实时查看运行日志、监控执行器资源、KILL运行进程、数据源信息加密等。
jaredthecoder/awesome-vehicle-security
🚗 A curated list of resources for learning about vehicle security and car hacking.
Skyvern-AI/skyvern
Automate browser-based workflows with LLMs and Computer Vision
iBotPeaches/Apktool
A tool for reverse engineering Android apk files
bytedance/appshark
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
zema1/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
jeremylong/Open-Vulnerability-Project
Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnerabilities, etc.)
chainreactors/gogo
面向红队的, 高度可控可拓展的自动化引擎
six2dez/OneListForAll
Rockyou for web fuzzing
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
owasp-amass/amass
In-depth attack surface mapping and asset discovery
jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
1N3/Sn1per
Attack Surface Management Platform
Funsiooo/chunsou
Chunsou(春蒐),Python3编写的多线程Web指纹识别工具,适用于安全测试人员前期的资产识别、风险收敛以及企业互联网资产风险摸查。
Threekiii/Vulnerability-Wiki
基于 docsify 快速部署 Awesome-POC 中的漏洞文档
jweny/pocassist
傻瓜式漏洞PoC测试框架
qazbnm456/awesome-cve-poc
✍️ A curated list of CVE PoCs.
trickest/cve
Gather and update all available and newest CVEs with their PoC.
euphrat1ca/Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
jeremylong/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
bytedance/bitsail
BitSail is a distributed high-performance data integration engine which supports batch, streaming and incremental scenarios. BitSail is widely used to synchronize hundreds of trillions of data every day.
aboutcode-org/scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
kempy007/VulManAgg
Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
zadam/trilium
Build your personal knowledge base with Trilium Notes
fofapro/vulfocus
🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。