Pinned Repositories
awesome-list
Enterprise_-Security_tools
企业安全建设中用到的开源or“免费”的工具
GitHack
A `.git` folder disclosure exploit
nginx-systemtap-toolkit
Real-time analyzing and diagnosing tools for Nginx based on SystemTap
ngx_lua_waf
ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
ortbot
Open Red Team Bag of Tricks - Red Teaming and Pentesting cheat sheet and trick book
PHP-WebShell-Bypass-WAF
记录与分享PHP WebShell 绕过WAF 的一些经验 Share some experience PHP WebShell bypass WAF
rtcp
security.vcl
protect your websites with varnish rules
VFW
Varnish Firewall
loveshell's Repositories
loveshell/ngx_lua_waf
ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
loveshell/atexec-pro
Fileless atexec, no more need for port 445
loveshell/jumpserver
开源跳板机/堡垒机:认证,授权,审计,自动化运维(Open source springboard machine / machine fortress: authentication, authorization, auditing, operation and maintenance of automation).http://www.jumpserver.org
loveshell/acra
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
loveshell/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
loveshell/ChatGPTScan-SAST
一个基于 ChatGPT 的开源代码审计平台。
loveshell/datasploit
A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.
loveshell/django-DefectDojo
DefectDojo is an open source defect tracker
loveshell/dnscat2
loveshell/DVCS-Pillage
Pillage web accessible GIT, HG and BZR repositories
loveshell/elastalert
Easy & Flexible Alerting With ElasticSearch
loveshell/gaeproxy
GAEProxy for Android
loveshell/genpmk-hadoop
A hadoopified version of genpmk
loveshell/graylog2-server
Graylog2 is an open source syslog implementation that stores your logs in ElasticSearch. It consists of a server written in Java that accepts your syslog messages via TCP or UDP and stores it in the database. The second part is a Ruby on Rails web interface that allows you to view the log messages.
loveshell/jmet
Java Message Exploitation Tool
loveshell/jxotp
企业SSH登陆双因素认证系统
loveshell/kunpeng
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
loveshell/ldap_shell
AD ACL abuse
loveshell/malcom
Malcom - Malware Communications Analyzer
loveshell/minion
loveshell/Mobile-Security-Framework-MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
loveshell/pocassist
pocassist是一款全新的开源漏洞测试框架,无需代码知识也可实现对poc的在线编辑、管理、测试。 使用之前请先阅读文档。
loveshell/rails3book-code
loveshell/Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
loveshell/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
loveshell/repoguard
Repoguard is a simple tool to check and alert on interesting changes in a git repository.
loveshell/sleepy-puppy
Sleepy Puppy XSS Payload Management Framework
loveshell/SQLiScanner
Automatic SQL injection with Charles and sqlmapapi
loveshell/webzmap
Zmap on Web
loveshell/wetty
Terminal in browser over http/https. (Ajaxterm/Anyterm alternative, but much better)