muzihuakai

muzihuakai's Stars

• tangxiaofeng7/ARL

  ARL 2.6.2-docker国内环境快速部署

  Language:Python122

• wy876/POC

  收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1100多个poc/exp，长期更新。

  3.7k796

• yhy0/passive-scan-client

  Burp被动扫描流量转发插件

  Language:Java6710

• wafinfo/DecryptTools

  DecryptTools-综合解密

  975109

• ProbiusOfficial/RCE-labs

  【Hello-CTF labs】一个想帮你收集所有RCE技巧的靶场。

  Language:Hack13412

• allinurl/goaccess

  GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.

  Language:C18.4k1.1k

• grayddq/GScan

  本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

  Language:Python2.6k618

• Ackites/KillWxapkg

  自动化反编译微信小程序，小程序安全评估工具，发现小程序安全问题，自动解密，解包，可还原工程目录，支持Hook，小程序修改

  Language:Go3.4k735

• sulab999/JsApiScan

  一款扫描js中敏感api的burp插件

  33

• P1-Team/AlliN

  A flexible scanner

  Language:Python1.1k152

• hicode0101/HiProxy

  A Chrome proxy extension （MV3）

  Language:JavaScript121

• TuyaSecurity/SSRF-Auto

  Burp-plugin

  Language:Java122

• libaibaia/BucketVulTools

  Burpsuite存储桶配置不当漏洞检测插件

  Language:Java19

• outlaws-bai/Galaxy

  Burp插件，通过自定义 hook 自动解密加密报文，并支持联动 sqlmap、xray 等，让你测试加密报文时像明文一样简单。 The Burp plugin automatically decrypts encrypted messages through custom hooks and supports linkage with sqlmap, xray, etc., making you as simple as plain text when testing encrypted messages.

  Language:Java64352

• chushuai/wscan

  Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

  Language:Go51964

• wanghongenpin/network_proxy_flutter

  Open source free capture HTTP(S) traffic software ProxyPin, supporting full platform systems

  Language:Dart6.7k574

• honmashironeko/ARL-docker

  基于ARL v2.6.2版本源码，生成docker镜像进行快速部署，同时提供七千多条指纹

  Language:Shell29635

• huntingsec/ARL-Limited-Edition

  原汁原味的ARL灯塔，在基础上进行了魔改优化

  Language:Shell10122

• adysec/ARL

  ARL 资产侦察灯塔系统（可运行，添加指纹，提高并发，升级工具及系统，无限制修改版） | ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

  Language:Python364169

• theLSA/burp-unauth-checker

  burpsuite extension for check unauthorized vulnerability

  Language:Python22625

• chainreactors/gogo

  面向红队的, 高度可控可拓展的自动化引擎

  Language:Go1.4k143

• eeeeeeeeee-code/e0e1-wx

  微信小程序辅助渗透-自动化

  Language:Python842135

• toeverything/AFFiNE

  There can be more than Notion and Miro. AFFiNE(pronounced [ə‘fain]) is a next-gen knowledge base that brings planning, sorting and creating all together. Privacy first, open-source, customizable and ready to use.

  Language:TypeScript41.3k2.7k

• system-cpu/wxappUnpacker

  基于node反编译小程序 已经配置完成

  Language:JavaScript486275

• j4k0xb/webcrack

  Deobfuscate obfuscator.io, unminify and unpack bundled javascript

  Language:TypeScript900102

• Aabyss-Team/ARL

  ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

  Language:Python1k542

• roottusk/vapi

  vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

  Language:HTML1.2k303

• API-Security/APISandbox

  Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.

  Language:FreeMarker38451

• F6JO/JsRouteScan

  Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件

  Language:Java20410

• ki9mu/ARL-plus-docker

  基于ARL-V2.6.2修改后的版本

  Language:Shell712113