Pinned Repositories
360Quake
360 Quake API batch query tool
3klCon
Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
awvs14-scan
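Batch scanning script developed for the Acunetix AWVS scanner; supports dedicated scans for the log4j vulnerability, SpringShell, SQL injection, XSS, weak passwords and more, and supports chaining with passive batch scanners such as xray, burp and w13scan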
Hosts_scanV2
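An optimized version of a small tool for IP and domain name collision matching; it reduces false positives produced during collision and is intended to identify weak hosts or internal systems that can only be reached after binding hosts entries during a penetration test.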
ihoneyBakFileScan
Multi-process batch scanner for leaked website backup files, v0.2
log4j-fuzz-head-poc
Batch detection of the log4j vulnerability, mainly by batch fuzzing headers
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Scanunauthorized
SScan
A scanner for picking up easy vulnerabilities for SRC (security response center) programs
TTScan
test502git's Repositories
test502git/awvs14-scan
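Batch scanning script developed for the Acunetix AWVS scanner; supports dedicated scans for the log4j vulnerability, SpringShell, SQL injection, XSS, weak passwords and more, and supports chaining with passive batch scanners such as xray, burp and w13scan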
test502git/Hosts_scanV2
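An optimized version of a small tool for IP and domain name collision matching; it reduces false positives produced during collision and is intended to identify weak hosts or internal systems that can only be reached after binding hosts entries during a penetration test.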
test502git/log4j-fuzz-head-poc
Batch detection of the log4j vulnerability, mainly by batch fuzzing headers
test502git/Grafana-0day
PoC for the Grafana arbitrary file read vulnerability
test502git/0day
EXPs and PoCs for vulnerabilities in various CMSs, platforms, systems and software. This project will be updated continuously.
test502git/BountyHunterInChina
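The "Reborn as a Bounty Hunter" series, sharing interesting cases from my own and my team's vulnerability testing in SRC programs and real-world projects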
test502git/HackJava
"Understanding Java Code Auditing in Depth"
test502git/JNDIMonitor
An LDAP request listener that removes the dependence on dnslog platforms
test502git/Log4j2Scan-1
Log4j2 RCE Passive Scanner plugin for BurpSuite
test502git/xia_sql
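xia SQL ("haphazard injection") Burp plugin: appends one single quote, then two single quotes, after each parameter; a simple little plugin for detecting injection.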
test502git/xray
xray security assessment tool
test502git/3klCon
Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
test502git/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
test502git/AboutSecurity
Everything for pentest. | Payload and bypass wordlists for penetration testing.
test502git/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
test502git/bbscope
Scope gathering tool for HackerOne, Bugcrowd, Intigriti and Immunefi!
test502git/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
test502git/CVE-2021-22205
CVE-2021-22205 & GitLab CE/EE RCE
test502git/FireKylin
FireKylin: cybersecurity emergency response tool (system trace collection).
test502git/fluidity
test502git/FrpClient-Win
frpc Windows GUI client. Configure frpc graphically; supports launch at startup.
test502git/Gitlab-CVE-2021-22205
test502git/KCon
KCon is a famous Hacker Con powered by Knownsec Team.
test502git/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
test502git/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
test502git/MySQL_Fake_Server
MySQL Fake Server used to help with MySQL client file reading and JDBC client Java deserialization
test502git/nerdbug
Full Nuclei automation script with logic explanation.
test502git/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
test502git/SpringScan
SpringScan vulnerability detection Burp plugin
test502git/SXF_aTrust_sandbox_bypass
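Sangfor zero-trust sandbox escape (it is normal functionality, so I do not plan to submit it to CNVD again; this introduces the feature's effect to users of the product)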