ti4nly's Stars
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
s0md3v/XSStrike
Most advanced XSS scanner.
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
knownsec/ksubdomain
无状态子域名爆破工具
lz520520/railgun
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
hanc00l/nemo_go
Nemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。
safe6Sec/Fastjson
Fastjson姿势技巧集合
veo/vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
zema1/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
telegram-sgk/SGK_Sites_and_Bots
免费在线社工库,免费Telegram社工库
dwisiswant0/crlfuzz
A fast tool to scan CRLF vulnerability written in Go
SleepingBag945/dddd
dddd是一款使用简单的批量信息收集,供应链漏洞探测工具,旨在优化红队工作流,减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标
niudaii/zpscan
一个有点好用的信息收集工具。A somewhat useful information gathering tool.
a1phaboy/FastjsonScan
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
OWASP-Benchmark/BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
chainreactors/spray
Next Generation HTTP Dir/File Fuzz Artifact
ac0d3r/Hyuga
Hyuga 是一个用来监控带外(Out-of-Band)流量的工具。🪤
jjf012/gopoc
用cel-go重现了长亭xray的poc检测功能的轮子
chainreactors/zombie
The most powerful bruteforcer / password sprayer Artifact
youki992/VscanPlus
[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.
lokerxx/JavaVul
JAVA 安全靶场,IAST 测试用例,JAVA漏洞复现,代码审计,SAST测试用例,安全扫描(主动和被动),JAVA漏洞靶场,RASP测试用例 ; Java Security Testbed, IAST Test Cases, Java Vulnerability Reproduction, Code Auditing, SAST Test Cases, Security Scanning (Active and Passive), Java Vulnerability Testbed, RASP Test Cases
Goqi/Ni
Ni-nuclei二开
yuuuuu422/Gopo
📌 a poc framework supported for YAML and custom script
TI4NLI4NG/TLScan
Golang编写的一款GUI漏洞扫描工具,非开发人员也能通过yaml格式文件根据模板编写相应poc
ti4nly/pocScan_gui