fr1sh's Stars
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Micropoor/Micro8
Gitbook
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
TheKingOfDuck/fuzzDicts
You Know, For WEB Fuzzing ! 日站用的字典。
Bypass007/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
slowmist/Knowledge-Base
Knowledge Base 慢雾安全团队知识库
L-codes/Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
tarunkant/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
teddysun/lamp
Install LAMP (Linux + Apache + MySQL/MariaDB + PHP) for AlmaLinux/RockyLinux/CentOS/Debian/Ubuntu
ph4ntonn/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
danni-cool/wechatbot-webhook
轻量、可部署的微信机器人webhook服务,使用http接口收发微信消息, 用它作为个人通知、AIGC 应用或者 coze、n8n等自动化工作流的消息节点
CTF-MissFeng/bayonet
bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
momosecurity/FindSomething
基于chrome、firefox插件的被动式信息泄漏检测工具
smxiazi/xia_sql
xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。
bloodzer0/ossa
Open-Source Security Architecture | 开源安全架构
r35tart/Penetration_Testing_Case
用于记录分享一些有趣的案例
boy-hack/wooyun-payload
从wooyun中提取的payload,以及burp插件
UltimateSec/ultimaste-nuclei-templates
极致攻防实验室 nuclei 检测 POC
Harmoc/CTFTools
Personal CTF Toolkit
realgam3/pymultitor
PyMultitor - Python Multi Threaded Tor Proxy
iamHuFei/HVVault
梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。
Weik1/Artillery
JAVA 插件化漏洞扫描器,Gui基于javafx。POC 目前集成 Weblogic、Tomcat、Shiro、Spring等。
zyylhn/zscan
Zscan a scan blasting tool set
pureqh/bypasswaf
关于安全狗和云锁的自动化绕过脚本
0xs1riu5/vulawdhub
该项目是利用docker技术创建的有漏洞的cms环境集合,可以进行练习
Twi1ight/AD-Pentest-Script
Active Directory pentest scripts
gowsp/wsp
socks5 and reverse proxy based on websocket
R1card0-tutu/MailDOG
Jumbo-WJB/JPentest
Jumbo Python Penetration testing framework