yonghuXa

yonghuXa's Stars

• lenve/vhr

  微人事是一个前后端分离的人力资源管理系统，项目采用SpringBoot+Vue开发。

  Language:Java27.4k87825410.3k

• robertdavidgraham/masscan

  TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

  Language:C23.7k6505673.1k

• Tencent/secguide

  面向开发人员梳理的代码安全指南

  13.3k211511.9k

• projectdiscovery/subfinder

  Fast passive subdomain enumeration tool.

  Language:Go10.3k1554591.3k

• knownsec/404StarLink

  404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

  8.6k235154822

• projectdiscovery/httpx

  httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

  Language:Go7.8k80635844

• TheKingOfDuck/fuzzDicts

  Web Pentesting Fuzz 字典,一个就够了。

  Language:Python7.6k157102.4k

• youlookwhat/DesignPattern

  📚 Java 23种设计模式全归纳

  Language:Java4.8k72251.4k

• projectdiscovery/naabu

  A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

  Language:Go4.8k70347550

• zhzyker/exphub

  Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

  Language:Python4.1k14961.1k

• lijiejie/subDomainsBrute

  A fast sub domain brute tool for pentesters

  Language:Python3.5k116631k

• zhzyker/vulmap

  Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

  Language:Python3.4k5373572

• mbechler/marshalsec

  Language:Java3.4k6732680

• wgpsec/ENScan_GO

  一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

  Language:Go3.1k32129297

• brendan-rius/c-jwt-cracker

  JWT brute force cracker written in C

  Language:C2.4k4216258

• gh0stkey/Web-Fuzzing-Box

  Web Fuzzing Box - Web 模糊测试字典与一些Payloads

  Language:HTML2.2k331373

• HatBoy/Struts2-Scan

  Struts2全漏洞扫描利用工具

  Language:Python2.2k2432495

• insightglacier/Dictionary-Of-Pentesting

  Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

  Language:Shell1.9k472355

• LandGrey/webshell-detect-bypass

  绕过专业工具检测的Webshell研究文章和免杀的Webshell

  Language:Classic ASP1.7k482405

• evilc0deooo/PentesterSpecialDict

  构建并优化高效的渗透 Fuzz 字典，提升网络安全从业人员的渗透测试效率。

  Language:PHP1.6k351304

• lijiejie/ds_store_exp

  A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.

  Language:Python1.5k2011292

• Wh0ale/SRC-experience

  工欲善其事，必先利其器

  Language:HTML1.5k380324

• WooyunDota/DroidSSLUnpinning

  Android certificate pinning disable tools

  Language:JavaScript1.4k359342

• FeeiCN/ESD

  Enumeration sub domains(枚举子域名)

  Language:Python1.1k2661161

• Mochazz/ThinkPHP-Vuln

  关于ThinkPHP框架的历史漏洞分析集合

  1.1k215166

• 78778443/xssplatform

  一个经典的XSS渗透管理平台

  Language:PHP708928196

• ffffffff0x/BerylEnigma

  ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集，用来进行渗透测试，密码学研究，CTF和日常使用。

  Language:Java6791116101

• praetorian-inc/PortBender

  TCP Port Redirection Utility

  Language:C67784112

• tangxiaofeng7/SecExample

  JAVA 漏洞靶场 (Vulnerability Environment For Java)

  Language:HTML434112106

• Becivells/iconhash

  fofa shodan favicon.ico hash icon ico 计算器

  Language:Go1694124