nino-James's Stars
nefarius/udpflood
Simple network stress test tool which penetrates a target host with random UDP packages.
ksang/stress
Distributed network performance testing tool
dhyan-singh/hitchhikerAPI
veo/vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
cyprosecurity/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
andresriancho/w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
flipkart-incubator/Astra
Automated Security Testing For REST API's
Fuzzapi/fuzzapi
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
SmartBear/soapui
SoapUI is a free and open source cross-platform functional testing solution for APIs and web services.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
source-xu/docker-vuls
详细的记录了一些Docker漏洞的原理、环境搭建、漏洞复现
ivre/ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.
Zh9ng9/everythingToExcel
Ehole、scan、Yasso扫描输出结果转Excel,同时支持txt、csv自定义表头生成Excel。
shuanx/BurpFingerPrint
BurpSuite插件集成Ehole指纹库并进行常见OA弱口令爆破插件
lemonlove7/EHole_magic
EHole(棱洞)魔改。可对路径进行指纹识别;支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破
EdgeSecurityTeam/EHole
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
CTF-MissFeng/Watchdog
Watchdog是bayonet修改版,重新优化了数据库及web及扫描程序,加入多节点
CTF-MissFeng/bayonet
bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
ChinaRan0/BlueTeamTools
蓝队工具箱
Dog556/Webscan
Webscan
source-xu/ossx
存储桶遍历漏洞利用脚本
LinWin-Cloud/setool-master
SetoolMaster是一款让你入门即入狱的python3开发的进阶型社会工程学工具。包括了全球定位、Ngrok内网穿透、Seeker高精度定位、网页钓鱼、病毒攻击、恐吓勒索信、爬虫、网站克隆、物联网设备搜索等,同时拥有中文支持,内置大量钓鱼模板,设计用于组织级别红队渗透测试,用于团队组织设备型协同,经过非常多的实战演练,效果出众,远超同行产品
d3ckx1/Fvuln
F-vuln(全称:Find-Vulnerability)是为了自己工作方便专门编写的一款自动化工具,主要适用于日常安全服务、渗透测试人员和RedTeam红队人员,它集合的功能包括:存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。
jwt1399/Sec-Tools
🍉一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。
Clouditera/SecGPT
SecGPT网络安全大模型
ossec/ossec-hids
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
StamusNetworks/SELKS
A Suricata based IDS/IPS/NSM distro
Magentron/chkrootkit
This program locally checks for signs of a rootkit. 'Forked' to fix false-positive for SucKIT rootkit
huan-cdm/info_scan
自动化漏洞扫描系统,一键完成相关漏洞扫描和信息收集、资产处理、IP基础信息探测,系统采用B/S架构,系统分为源码安装和配置好环境的虚拟机,项目会持续更新,欢迎在Issues中提交需求,如果对您有所帮助,欢迎留下宝贵的star!!!