Pinned Repositories
ASCTF-platform
一个简单的CTF测试平台,做培训上用,目前没有做相关安全方面的策略,不要部署到线上
bugcrowd-levelup-subdomain-enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
DCblog
使用python编写,基于Django和clean-blog前端框架的博客系统
phone_dict
一个实用的特殊手机号字典
portscan
一个基于Python+Go的端口扫描及服务探测脚本
Proxy_list
Python脚本-从西刺上获取代理IP并验证真实性
ProxyPools
免费代理池-30分钟抓取一次,10分钟验证一次可用性,可根据验证次数判断代理IP的可用性强度
r0capture
安卓应用层抓包通杀脚本
vulwiki
常见漏洞知识库文档
wooyunDic
爬取乌云所有漏洞地址,并获取所有漏洞的漏洞地址字典
w2n1ck's Repositories
w2n1ck/ProxyPools
免费代理池-30分钟抓取一次,10分钟验证一次可用性,可根据验证次数判断代理IP的可用性强度
w2n1ck/DCblog
使用python编写,基于Django和clean-blog前端框架的博客系统
w2n1ck/Antenna
Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式,将不同漏洞场景检测能力通过插件的形式进行集合,通过与目标进行out-bind的数据通信方式进行辅助检测。
w2n1ck/ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
w2n1ck/CodeAnalysis
Static Code Analysis
w2n1ck/CodeQLRule
个人使用CodeQL编写的一些规则
w2n1ck/conote-community
Conote 综合安全测试平台社区版。
w2n1ck/container-escape-check
docker container escape check || Docker 容器逃逸检测
w2n1ck/ddddocr
w2n1ck/elastalert2
ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
w2n1ck/Elkeid
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
w2n1ck/eyes.sh
Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.
w2n1ck/FakeToa
TCP IP伪造,建议使用 ubuntu 22.04
w2n1ck/Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
w2n1ck/GoogleRecaptchaBypass
Solve Google reCAPTCHA in less than 5 seconds! 🚀
w2n1ck/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
w2n1ck/gungnir
CT Log Scanner
w2n1ck/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
w2n1ck/my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 ...
w2n1ck/nginx-ssl-ja3
nginx module for SSL/TLS ja3 fingerprint.
w2n1ck/onionscan
OnionScan is a free and open source tool for investigating the Dark Web.
w2n1ck/sd-evil-scrpits
sd-evil-scrpits
w2n1ck/sec-note
记录各语言、框架中危险的sink,个人代码审计、漏洞研究使用。
w2n1ck/SecEval
w2n1ck/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
w2n1ck/so-vits-svc
SoftVC VITS Singing Voice Conversion
w2n1ck/spider-flow
新一代爬虫平台,以图形化方式定义爬虫流程,不写代码即可完成爬虫。
w2n1ck/Tai-e-assignments
Tai-e assignments for static program analysis
w2n1ck/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
w2n1ck/yapi
YApi 是一个可本地部署的、打通前后端及QA的、可视化的接口管理平台