onliang

onliang's Stars

• Qftm/Information_Collection_Handbook

  Handbook of information collection for penetration testing and src

  810155

• uknowsec/frpModify

  修改frp支持域前置与配置文件自删除

  38981

• AlessandroZ/BeRoot

  Privilege Escalation Project - Windows / Linux / Mac

  Language:Python2.5k459

• EdOverflow/bugbounty-cheatsheet

  A list of interesting payloads, tips and tricks for bug bounty hunters.

  6.1k1.6k

• DeEpinGh0st/Erebus

  CobaltStrike后渗透测试插件

  Language:PowerShell1.5k220

• DeEpinGh0st/Webshell-bypass-collection

  收集的一些各种语言的免杀webshell

  Language:PHP10123

• jaeles-project/jaeles

  The Swiss Army knife for automated Web Application Testing

  Language:Go2.2k323

• bugcrowd/bugcrowd_university

  Open source education content for the researcher community

  2.7k561

• bugcrowd/HUNT

  Language:Python2.3k418

• nsonaniya2010/SubDomainizer

  A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

  Language:Python1.8k234

• 1ndianl33t/Gf-Patterns

  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

  1.3k289

• QAX-A-Team/BrowserGhost

  这是一个抓取浏览器密码的工具，后续会添加更多功能

  Language:C#1.4k206

• defparam/smuggler

  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

  Language:Python1.9k313

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP61.9k24.3k

• Cl0udG0d/edusrc_POC

  在edusrc平台上对于一些通用漏洞检测时编写的简单python POC脚本

  Language:Python5425

• SpiderLabs/Responder

  Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

  Language:Python4.6k1.7k

• ffffffff0x/1earn

  ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

  Language:C++5.5k1.2k

• heroanswer/XSS_Cheat_Sheet_2020_Edition

  xss漏洞模糊测试payload的最佳集合 2020版

  505122

• PDWR/AVKiller

  利用图形化识别技术快速关闭目标机器上的杀毒软件

  Language:Python27942

• 1N3/Sn1per

  Attack Surface Management Platform

  Language:Shell8.6k1.9k

• 1N3/IntruderPayloads

  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

  Language:BlitzBasic3.8k1.2k

• koutto/jok3r

  Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

  Language:HTML1k255

• orleven/Tentacle

  Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.

  Language:Python372113

• TheTwitchy/xxer

  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.

  Language:Python51688

• zer0yu/CyberSecurityRSS

  CyberSecurityRSS: A collection of cybersecurity rss to make you better!

  1.8k235

• Qianlitp/crawlergo

  A powerful browser crawler for web vulnerability scanners

  Language:Go2.9k486

• timwhitez/crawlergo_x_XRAY

  360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能

  Language:Python1.2k212

• Lucifer1993/TPscan

  一键ThinkPHP漏洞检测

  Language:Python1.1k184

• w-digital-scanner/w13scan

  Passive Security Scanner (被动式安全扫描器)

  Language:Smarty1.9k368

• insightglacier/Shiro_exploit

  Apache Shiro 反序列化漏洞检测与利用工具

  Language:Python538123