zhl2008's Stars
fatedier/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
mitmproxy/mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
AlessandroZ/LaZagne
Credentials recovery project
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
n1nj4sec/pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
offensive-security/exploitdb
The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
SecWiki/sec-chart
安全思维导图集合
AhMyth/AhMyth-Android-RAT
Android Remote Administration Tool
Marten4n6/EvilOSX
An evil RAT (Remote Administration Tool) for macOS / OS X.
bytecode77/r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
bdamele/icmpsh
Simple reverse ICMP shell
mandatoryprogrammer/CursedChrome
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
gianlucaborello/libprocesshider
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
fengzhizi715/NetDiscovery
NetDiscovery 是一款基于 Vert.x、RxJava 2 等框架实现的通用爬虫框架/中间件。
graniet/chromebackdoor
Chromebackdoor is a PoC of pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malicious extension or script on most popular browsers, and send all DOM datas on command and control.
offensive-security/exploitdb-papers
The legacy Exploit Database paper repository - New repo located at https://gitlab.com/exploit-database/exploitdb-papers
threedr3am/gadgetinspector
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
tavenli/port-forward
Go语言开发的端口转发工具 for port data forward (TavenLi)
Scribery/tlog
Terminal I/O logger
baidu-security/app-env-docker
基于 Docker 的真实应用测试环境
fengzhizi715/user-agent-list
常用浏览器的user-agent列表
t57root/pwnginx
Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
MagicZer0/fastjson-rce-exploit
exploit for fastjson remote code execution vulnerability
Flameeyes/modsec-flameeyes
Flameeyes's Ruleset for ModSecurity
olivo/TaintPHP
Taint Analysis for PHP
c26root/TWeb
3gstudent/LaZagne
Credentials recovery project
diemori/anti-crawler
Anti Distributed Crawler
zhl2008/anti-crawler
Haozigege's Master degree thesis project for crawler detection and crawler exploit