hipety's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
projectdiscovery/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
ory/hydra
The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
Tencent/secguide
面向开发人员梳理的代码安全指南
shadow1ng/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
sml2h3/ddddocr
带带弟弟 通用验证码识别OCR pypi版
HackJava/HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
opensec-cn/kunpeng
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
n0b0dyCN/redis-rogue-server
Redis(<=5.0.5) RCE
jayus0821/swagger-hack
自动化爬取并自动测试所有swagger接口
Ridter/redis-rce
Redis 4.x/5.x RCE
broken5/bscan
safe6Sec/CodeqlNote
Codeql学习笔记
redtoolskobe/scaninfo
fast scan for redtools
i11us0ry/goon
goon,集合了fscan和kscan等优秀工具功能的扫描爆破工具。功能包含:ip探活、port扫描、web指纹扫描、title扫描、压缩文件扫描、fofa获取、ms17010、mssql、mysql、postgres、redis、ssh、smb、rdp、telnet、tomcat等爆破以及如netbios探测等功能。
gh0stkey/CaA
CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.
hellogoldsnakeman/masnmapscan-V1.0
一款用于资产探测的端口扫描工具。整合了masscan和nmap两款扫描器,masscan扫描端口,nmap扫描端口对应服务,二者结合起来实现了又快又好地扫描。
0ang3el/aem-hacker
nullt3r/jfscan
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
artsploit/yaml-payload
A tiny project for generating SnakeYAML deserialization payloads
7hang/--Java
代码审计知识点整理-Java
7dog7/masscan_to_nmap
基于masscan和nmap的快速端口扫描和指纹识别工具,优化版本(获取标题,页面长度,过滤防火墙)
ExpLangcn/WanLi
方便红队人员对目标站点进行安全检测,快速获取资产。It is convenient for red team personnel to conduct security detection on the target site and quickly obtain assets.
Al1ex/CVE-2021-22205
CVE-2021-22205& GitLab CE/EE RCE
lz2y/yaml-payload-for-ruoyi
A memory shell for ruoyi
ttonys/Scrapy-CVE-CNVD
漏洞监控,基于scrapy,scrapy-redis,获取每日最新的CVE和CNVD漏洞,邮件通知
cwkiller/unauthorized-check
扫描常见未授权访问(redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop)
jeansgit/Pentest
Pentest 收集、整理、分享
wpsec/wpsecdict
自用字典
bitterzzZZ/CVE-2021-43297-POC
CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE