h1pmnh

h1pmnh's Stars

• FiloSottile/mkcert

  A simple zero-config tool to make locally trusted development certificates with any names you'd like.

  Language:Go51.7k4813402.7k

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.8k9981.3k

• Ekultek/WhatWaf

  Detect and bypass web application firewalls and protection systems

  Language:Python2.7k751.6k451

• BishopFox/cloudfox

  Automating situational awareness for cloud penetration tests.

  Language:Go2k2925191

• mandatoryprogrammer/xsshunter-express

  An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

  Language:JavaScript1.7k1026337

• rootsecdev/Azure-Red-Team

  Azure Security Resources and Notes

  Language:PowerShell1.5k300205

• hakluke/weaponised-XSS-payloads

  XSS payloads designed to turn alert(1) into P1

  Language:JavaScript1.4k463218

• ptoomey3/evilarc

  Create tar/zip archives that can exploit directory traversal vulnerabilities

  Language:Python987150182

• pwm-project/pwm

  pwm

  Language:Java92082413251

• bitquark/shortscan

  An IIS short filename enumeration tool

  Language:Go85571886

• disclose/bug-bounty-platforms

  A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.

  659232149

• blacklanternsecurity/badsecrets

  A library for detecting known secrets across many web frameworks

  Language:Python57793949

• pawitp/protobuf-decoder

  JavaScript-based web UI to decode ad-hoc Protobuf data

  Language:JavaScript439827101

• jthack/PIPE

  Prompt Injection Primer for Engineers

  4039141

• lanjelot/kb

  All my infosec notes I have been building up over the years

  32824085

• noobpk/frida-intercept-encrypted-api

  A tool to help you intercept encrypted APIs in iOS or Android apps

  Language:JavaScript2606435

• makuga01/dnsFookup

  DNS rebinding toolkit

  Language:JavaScript2514539

• X1r0z/ActiveMQ-RCE

  ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具

  Language:Go2364629

• nikitastupin/param-miner-doc

  Unofficial documentation for the great tool Param Miner

  1764426

• horizon3ai/CVE-2023-34362

  MOVEit CVE-2023-34362

  Language:Python1374034

• ARPSyndicate/kenzer-templates

  essential templates for kenzer [DEPRECATED]

  Language:Python11012136

• projectmonke/shortnameguesser

  A tool to guess the rest of the shortnames provided by vulnerable IIS instances.

  Language:Python37407

• CanardMandarin/csp-bypass

  Need any help bypassing CSP ?

  Language:JavaScript25103

• codeplutos/MySQL-JDBC-Deserialization-Payload

  MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload

  Language:C++130014

• hieuminhnv/CVE-2022-21587-POC

  CVE-2022-21587 POC

  Language:Python12117

• JeffJerseyCow/eviloauth

  OAuth 2.0 exploitation, attack and research tools.

  Language:Python11201

• MSU-NatSci/MuraCMS

  A copy of Mura when it was still open-source in August 2020

  103117

• irsdl/BlazorTrafficProcessor

  Language:Java6102

• pingidentity/bug-bounty-server-profiles

  6613

• 0xDexter0us/h1-scope-fetcher

  A tool to fetch all in scope assets of HackerOne programs for integration in your automation and hacking workflow using HackerOne's hacker API

  Language:Go3102