wzqs

wzqs's Stars

• python-telegram-bot/python-telegram-bot

  We have made you a wrapper you can't refuse

  Language:Python26k5992.2k5.3k

• drduh/macOS-Security-and-Privacy-Guide

  Guide to securing and improving privacy on macOS

  21.2k6832601.5k

• GoogleChrome/chrome-extensions-samples

  Chrome Extensions Samples

  Language:JavaScript15.2k6794318.1k

• it-ebooks-0/geektime-books

  :books: 极客时间电子书

  10.6k99113.5k

• threedr3am/learnjavabug

  Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

  Language:Java2.6k756491

• wendux/ajax-hook

  Intercepting browser's http requests which made by XMLHttpRequest.

  Language:JavaScript2.6k39108495

• phith0n/JavaThings

  Share Things Related to Java - Java安全漫谈笔记相关内容

  Language:Java1.7k331207

• nccgroup/house

  A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

  Language:JavaScript1.4k4536225

• wh1t3p1g/tabby

  A CAT called tabby ( Code Analysis Tool )

  Language:Java1.3k2264152

• fransr/postMessage-tracker

  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

  Language:JavaScript1k365144

• jar-analyzer/jar-analyzer

  Jar Analyzer - 一个JAR包分析工具，SCA漏洞分析，批量分析JAR包，方法调用关系搜索，字符串搜索，Spring组件分析，CFG程序分析，JVM栈帧分析，进阶表达式搜索，字节码指令级的动态调试分析，反编译JAR包一键导出，一键提取序列化数据恶意代码，一键分析BCEL字节码

  Language:Java99976994

• R4gd0ll/I-Wanna-Get-All

  OA漏洞利用工具

  986162577

• Drun1baby/JavaSecurityLearning

  记录一下 Java 安全学习历程，也算是半条学习路线了

  Language:Java92912293

• f0ng/autoDecoder

  Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。

  Language:Java88892868

• lemono0/FastJsonParty

  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用

  Language:Python8179493

• 0x727/BypassPro

  对权限绕过自动化bypass的burpsuite插件

  Language:Java81411546

• lemonlove7/dirsearch_bypass403

  目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别

  Language:Python70651258

• outlaws-bai/Galaxy

  Burp插件，让你测试加密报文时像明文一样简单，支持用js/python/java实现hook脚本或任意语言实现grpc/http hook服务来自动解密报文。A Burp plugin makes testing encrypted messages as simple as plain text, supporting the use of js/python/java to implement hook scripts or any language to implement grpc/http hook services to automatically decrypt messages.

  Language:Java57991043

• praetorian-inc/fingerprintx

  Standalone utility for service discovery on open ports!

  Language:Go5618843

• 7hang/--Java

  代码审计知识点整理-Java

  5173067

• abc123info/UserNameDictTools

  用户名密码字典生成工具(将中文汉字姓名转成14种格式的拼音、IP地址处理、网络设备密码生成)

  2993216

• snchengqi/course-robot

  知学云网上大学学习助手（**电信、**移动、**人民保险、国家电投、**石油、**广核集团）（知学云要求，永久关闭该仓库！）

  244396

• blocksecteam/metasuites

  MetaSuites powered by BlockSec. Help crypto users explore blockchain smoothly.

  Language:TypeScript24131536

• noobpk/frida-intercept-encrypted-api

  A tool to help you intercept encrypted APIs in iOS or Android apps

  Language:JavaScript2356431

• PortSwigger/bambdas

  Bambdas collection for Burp Suite Professional and Community.

  Language:Java1938728

• jitcor/frida-ios-cipher

  Intercept all cryptography-related functions on iOS with Frida Api.

  Language:TypeScript1737441

• ChiChou/gossip-summer-school-2018

  Source code repo for Let's GOSSIP summer school 2018

  Language:C1579037

• KTH-LangSec/server-side-prototype-pollution

  A collection of Server-Side Prototype Pollution gadgets and exploits

  Language:JavaScript1245211

• z3n70/Frida-Script-Runner

  Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.

  Language:JavaScript1144131

• JSREI/js-xhr-monitor-debugger-hook

  ajax请求加密逆向神器：监控可视化、Hook打断点

  Language:JavaScript8112