Pinned Repositories
-RAT-
大灰狼远控 源码
160-Crackme
对160个Crackme的详细分析记录
Active-Directory-Pentest-Notes
个人域渗透学习笔记
admin-panel-finder
A powerful admin login page finder in python
afl-training
Exercises to learn how to fuzz with American Fuzzy Lop
Scanners-Box
The toolbox of open source scanners(a.k.a scanbox) - 安全行业从业者自研开源扫描器合辑
scripts
脚本工具
superl-url
通知:Star到350,增加Bing(必应)!!!根据关键词,对搜索引擎内容检索结果的网址内容进行采集的一款轻量级软程序。 程序主要运用于安全渗透测试项目,以及批量评估各类CMS系统0DAY的影响程度,同时也是批量采集自己获取感兴趣的网站的一个小程序~~ 可自动从搜索引擎采集相关网站的真实地址与标题等信息,可保存为文件,自动去除重复URL。同时,也可以自定义忽略多条域名等。
WebMap
Nmap Web Dashboard and Reporting
toygang's Repositories
toygang/160-Crackme
对160个Crackme的详细分析记录
toygang/archerysec
Centralize Vulnerability Assessment and Management for DevSecOps Team
toygang/BurpSuite-collections
BurpSuite收集:包括不限于 Burp 文章、破解版、插件、汉化等相关教程,欢迎添砖加瓦
toygang/CICFlowMeter
CICFlowmeter-V4.0 (formerly known as ISCXFlowMeter) is a network traffic Bi-flow generator and analyzer for anomaly detection that has been used in many Cybersecurity datsets such as Android Adware-General Malware dataset (CICAAGM2017), IPS/IDS dataset (CICIDS2017) and Android Malware dataset (CICAndMal2017).
toygang/cloudflare-worker-blog
Cloudflare workers + Github 实现的动态博客系统,使用边缘计算,无需服务器
toygang/CMSmap
CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
toygang/commix
Automated All-in-One OS command injection and exploitation tool.
toygang/EverydayWechat
每日自动给女朋友发微信暖心话。
toygang/Fofa-Cscan
a Simple tool.Based on fofa.so
toygang/fuxploider
File upload vulnerability scanner and exploitation tool.
toygang/git-all-secrets
A tool to capture all the git secrets by leveraging multiple open source git searching tools
toygang/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
toygang/machinae
Machinae Security Intelligence Collector
toygang/Machine-Learning-with-Python
Python code for common Machine Learning Algorithms
toygang/MS17-010-Python
MS17-010: Python and Meterpreter
toygang/Osmedeus
Fully automated offensive security tool for reconnaissance and vulnerability scanning
toygang/Python-100-Days
Python - 100天从新手到大师
toygang/QRLJacking
QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
toygang/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
toygang/TabNine
The all-language autocompleter: https://tabnine.com/
toygang/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
toygang/theHarvester
E-mails, subdomains and names Harvester - OSINT
toygang/tko-subs
A tool that can help detect and takeover subdomains with dead DNS records
toygang/TrackRay
溯光 (TrackRay) 3 Beta 版插件式渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|AWVS|NMAP|Metasploit)
toygang/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
toygang/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
toygang/Vxscan
python3写的综合扫描工具,主要用来敏感文件探测(目录扫描与js泄露接口),WAF/CDN识别,端口扫描,指纹/服务识别,弱口令探测,POC扫描,SQL注入等功能
toygang/WeblogicScan-1
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持
toygang/XSStrike
Most advanced XSS scanner.
toygang/zaproxy
The OWASP ZAP core project