su18's Stars
yzddmr6/webshell-venom
免杀webshell无限生成工具
spyoungtech/grequests
Requests + Gevent = <3
jiangsir404/Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
Ridter/redis-rce
Redis 4.x/5.x RCE
yingshang/banruo
Coalfire-Research/java-deserialization-exploits
A collection of curated Java Deserialization Exploits
maK-/parameth
This tool can be used to brute discover GET and POST parameters
ppabc/security_check
LINUX安全检查脚本,支持centos5,centos6,ubuntu
decoder-it/whoami-priv-Hackinparis2019
Slides from my talk in "Hackinparis" 2019 edition
conwnet/wpa-dictionary
WPA/WPA2 密码字典,用于 wifi 密码暴力破解
airbnb/streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
aleenzz/php_bug_wiki
代码审计相关的一些知识
l3m0n/pentest_study
从零开始内网渗透学习
numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
lufeirider/Project
lightless233/Java-Unserialization-Study
QAQ Just study unserialize vulnerabilities in Java :)
Tuhinshubhra/CMSeeK
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Mochazz/ThinkPHP-Vuln
关于ThinkPHP框架的历史漏洞分析集合
jiansiting/Decryption-Tools
Decryption-Tools
matthiaskaiser/jmet
Java Message Exploitation Tool
ring04h/pentest
渗透测试用到的东东
k8gege/CiscoExploit
Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
BeichenDream/MysqlT
伪造Myslq服务端,并利用Mysql逻辑漏洞来获取客户端的任意文件反击攻击者
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Rvn0xsy/nse_vuln
Nmap扫描、漏洞利用脚本
myvyang/chromium_for_spider
dynamic crawler for web vulnerability scanner
TideSec/TideFinger
TideFinger——指纹识别小工具,汲取整合了多个web指纹库,结合了多种指纹检测方法,让指纹检测更快捷、准确。
0vercl0k/CVE-2019-9810
Exploit for CVE-2019-9810 Firefox on Windows 64-bit.
sql-machine-learning/sqlflow
Brings SQL and AI together.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.