Pinned Repositories
AgileTC
AltoroJ
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
AssetManage
backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
baseline-checker
针对Windows Server 2008 R2的基线安全检测系统,后台使用SpringBoot搭建,客户端用python编写。
bugCatcher
方便产品、开发、测试三方协同管理、测试、监控项目进度和质量,以持续交付。
cobra
Source Code Security Audit (源代码安全审计)
Cobra-W
Cobra-W -> Cobra-White 白盒源代码审计工具-白帽子版
CodeScanner
A code security platform based on fortify sca windows
Security-Baseline
Linux安全基线扫描、报告生成与自动修复程序
goodhal's Repositories
goodhal/Security-Baseline
Linux安全基线扫描、报告生成与自动修复程序
goodhal/AltoroJ
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
goodhal/bugCatcher
方便产品、开发、测试三方协同管理、测试、监控项目进度和质量,以持续交付。
goodhal/cobra
Source Code Security Audit (源代码安全审计)
goodhal/CodeScanner
A code security platform based on fortify sca windows
goodhal/DB_BaseLine
数据库基线检查工具
goodhal/Enterprise_-Security_tools
企业安全建设中用到的开源or“免费”的工具
goodhal/Fiddler2LRScript
采用Python开发,实现了Fiddler抓包文件(saz)转换为LoadRunner脚本的功能,弥补了LoadRunner有时因环境问题而无法录制脚本的缺陷。
goodhal/framework
goodhal/freebencher
A free-style benchmarking tool that can test anything callable by Java. And it produces apache-ab-like results
goodhal/isafe
安全扫描平台,主要原理是通过命令行调用WVS、APPscan生成报告,整理并展示
goodhal/jMeter-LoadVariablesSampler
Load variables described in a json to jMeter
goodhal/jMeterRedisClient
Redis Client Sampler for jMeter
goodhal/jmonitor
专业java监控平台
goodhal/LoadRunnerSamples
Sample Loadrunner Scripts
goodhal/Nessus_to_report
Nessus中文报告自动化脚本
goodhal/NessusReportInChinese
半自动化将 Nessus 英文报告(csv格式)生成中文 excel ,中文漏洞库已有700多条常见漏洞,后续再进一步加上新漏洞自动翻译,实现全自动化
goodhal/ngtesting-platform
Next Generation Testing Tools
goodhal/Penetration-Testing
渗透测试工程师笔试题/面试题
goodhal/Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
goodhal/pikachu
一个好玩的Web安全-漏洞测试平台
goodhal/RF-auto-test-demo
公司现用的RF所有测试公共方法及资源组织架构,包括API测试、UI测试、JMeter性能测试 样例,自定义库NdolLibrary、redis、mysql、Opencv、xml、date、appium等公共封装,PAI基础关键字、UI基础关键字、业务组合关键字、常规逻辑的通用封装等内容。并包含大量基础的测试练习demo
goodhal/spring-cloud-contract-swagger-sample
Samples for Spring Cloud Contract with Swagger specifications as contracts
goodhal/tessdata
goodhal/watermark
Add watermark to PDF and Office files
goodhal/websqlmap
Based on sqlmapapi and flask.