l1angfeng's Stars
Java-Chains/web-chains
Web 版 Java Payload 生成与利用工具,提供 Java 反序列化、Hessian 1/2 反序列化等Payload生成,以及 JNDI、Fake Mysql、JRMPListener 等利用|The web version of Java Payload generation and utilization tool provides Payload generation such as Java deserialization and Hessian 1/2 deserialization, as well as JNDI, Fake Mysql, JRMPListener, etc
c0r1/BypassPro
AutoBypass403-BurpSuite 插件二开重构,优化执行逻辑
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
xuchengsheng/wx-dump-4j
一款基于Java开发的微信数据分析工具。
auuunya/eventwatcher
EventWatcher is an open-source library designed for real-time monitoring of Windows Event Logs. It offers an efficient solution for tracking system events, application logs, and other critical event sources. Ideal for debugging, auditing, and system management.
ys1231/appproxy
基于flutter的Android vpn代理工具 Android VPN Proxy Tool Based on Flutter
d78ui98/APKDeepLens
Android security insights in full spectrum.
darkarmorlab/goflsh
一款办公应用云凭证利用工具
Whoopsunix/JavaRce
Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
LawRefBook/Laws
SunWeb3Sec/DeFiVulnLabs
To learn common smart contract vulnerabilities using Foundry!
SunWeb3Sec/DeFiHackLabs
Reproduce DeFi hacked incidents using Foundry.
imthaghost/goclone
Website Cloner - Utilizes powerful Go routines to clone websites to your computer within seconds.
MaximeBeasse/KeyDecoder
KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.
mttaggart/OffensiveNotion
Notion as a platform for offensive operations
drwetter/testssl.sh
Testing TLS/SSL encryption anywhere on any port
soxoj/maigret
🕵️♂️ Collect a dossier on a person by username from thousands of sites
a1phaboy/JsonDetect
A burp Extender to detect json, include fastjson,jackson,gson
wecooperate/iMonitorSDK
The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能, 而不用关心底层驱动的开发、维护和兼容性问题,让其可以专注于业务开发
gojue/ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
aleenzz/Cobalt_Strike_wiki
Cobalt Strike系列
JoyChou93/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Getshell/LinuxTQ
《Linux提权方法论》
home-assistant/core
:house_with_garden: Open source home automation that puts local control and privacy first.
agourlay/hprof-slurp
JVM heap dump analyzer
6vr/Bug-Bounty-Tips
A collection of notes, checklists, writeups on bug bounty hunting and web application security.
sry309/PwdBUD
一款SRC密码生成工具,尝试top字典无果后,可以根据域名、公司名等因素来生成特定的字典
aquasecurity/kube-hunter
Hunt for security weaknesses in Kubernetes clusters
lijiejie/ds_store_exp
A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.