shohoku3's Stars
upx/upx
UPX - the Ultimate Packer for eXecutables
xfiftyone/STS2G
Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang
EasyJailbreak/EasyJailbreak
An easy-to-use Python framework to generate adversarial jailbreak prompts.
LoRexxar/Kunlun-M
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
chatchat-space/Langchain-Chatchat
Langchain-Chatchat(原Langchain-ChatGLM)基于 Langchain 与 ChatGLM, Qwen 与 Llama 等语言模型的 RAG 与 Agent 应用 | Langchain-Chatchat (formerly langchain-ChatGLM), local knowledge based LLM (like ChatGLM, Qwen and Llama) RAG and Agent app with langchain
wafinfo/Sunflower_get_Password
一款针对向日葵的识别码和验证码提取工具
meirwah/awesome-incident-response
A curated list of tools for incident response
feiwww/PROMISE-backup
PRIMISE dataset for sofware defect prediction
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
AngelKitty/stegosaurus
A steganography tool for embedding payloads within Python bytecode.
olist213/Information_Security_Books
信息安全方面的书籍
wgpsec/ENScan_GO
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
Threekiii/Awesome-POC
一个漏洞POC知识库 目前数量 1000+
EdgeSecurityTeam/Eeyes
Eeyes(棱眼)-快速筛选真实IP并整理为C段
denny0223/scrabble
Simple tool to recover .git folder from remote server
Trisia/randomness
该工具库实现了《GM/T 0005-2021 随机性检测规范》中描述的15种随机性检测方法
BugScanTeam/GitHack
.git 泄漏利用工具,可还原历史版本
k8gege/Ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
TheTh1nk3r/SecBooks
安全类各家文库大乱斗
TheTh1nk3r/hvv_vul
hvv 漏洞整理收集
tomnomnom/waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
AntSwordProject/antSword
**蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
EdgeSecurityTeam/EHole
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
r0eXpeR/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
orleven/Tentacle
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
phith0n/JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
Quitten/Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
theLSA/burp-unauth-checker
burpsuite extension for check unauthorized vulnerability
f0ng/log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks