toygang's Stars
vnpy/vnpy
基于Python的开源量化交易平台开发框架
hashcat/hashcat
World's fastest and most advanced password recovery utility
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
rapiz1/rathole
A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.
hiifeng/V2ray-for-Doprax
The tool can install v2ray on the Doprax, including VMess and VLess protocols, it will automatically switch IP, you need to fork this projects, read readme.md and run it. Create By ifeng.
xmendez/wfuzz
Web application fuzzer
davinci1010/pinduoduo_backdoor
拼多多apk内嵌提权代码,及动态下发dex分析
knownsec/KCon
KCon is a famous Hacker Con powered by Knownsec Team.
net4people/bbs
Forum for discussing Internet censorship circumvention
threedr3am/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
0xn0ne/weblogicScanner
weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883
Juude/droidReverse
reverse engineering tools for android(android 逆向工程工具集)
skavngr/rapidscan
:new: The Multi-Tool Web Vulnerability Scanner.
murphysecurity/murphysec
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
VKSRC/Github-Monitor
Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
zhengjim/camille
基于Frida的Android App隐私合规检测辅助工具
chriskaliX/AD-Pentest-Notes
用于记录内网渗透(域渗透)学习 :-)
TideSec/Tide
目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~
msoedov/agentic_security
Agentic LLM Vulnerability Scanner / AI red teaming kit
SecWiki/office-exploits
office-exploits Office漏洞集合 https://www.sec-wiki.com
0x0FB0/pulsar
Network footprint scanner platform. Discover domains and run your custom checks periodically.
0xbug/biu
网络资产攻击面梳理
gfw-report/trojan-go
使用最新的uTLS来缓解GFW自2022年10月3日以来的大规模封锁。 Use the latest uTLS library to mitigate the GFW's large scale blocking since October 3, 2022.
kapytein/jsonp
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.
ckcsec/wiki-vitepress
面向网络安全从业者的知识文库
ylcangel/binary_vulnerability
二进制漏洞之栈溢出原理和利用技术、绕过安全保护技术(绕过 NX、 ASLR、PIE、Canary、RELRO 等)、格式化字符串漏洞原理是利用技术、整数溢出漏 洞原理和利用技术、glibc2.30 内存管理源码深入分析、堆溢出漏洞(fastbin 攻击、 UAF、double free、堆重叠和扩展攻击、unlink 攻击、house 系列攻击)漏洞原理和攻 击技巧
gfw-report/shadowsocks-rust
我们有证据表明这个修改版的Shadowsocks-rust可以绕过当前GFW对Shadowsocks的检测和封锁。(https://gfw.report/publications/usenixsecurity23/zh/#sec:popcount) | We have evidences that this modified Shadowsocks-rust can bypass the detection and blocking by the GFW. (https://gfw.report/publications/usenixsecurity23/en/#sec:popcount)
NewOrbit/MalwareScan.AMSI
gfw-report/censorbib
The Internet censorship bibliography.