ziduhuihai

ziduhuihai's Stars

• SonarSource/sonarqube

  Continuous Inspection

  Language:Java9.1k32902k

• wpscanteam/wpscan

  WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

  Language:Ruby8.6k2681.4k1.3k

• github/codeql

  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  Language:CodeQL7.7k2362.3k1.5k

• PyCQA/bandit

  Bandit is a tool designed to find common security issues in Python code.

  Language:Python6.5k66650607

• rtcatc/Packer-Fuzzer

  Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

  Language:Python2.9k3088292

• obheda12/GitDorker

  A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

  Language:Python2.3k6737419

• m4ll0k/SecretFinder

  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

  Language:Python2k4770375

• shmilylty/netspy

  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

  Language:Go2k1912212

• arthaud/git-dumper

  A tool to dump a git repository from a website

  Language:Python1.9k1925253

• 0xHJK/dumpall

  一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

  Language:Python1.4k1720144

• wyzxxz/heapdump_tool

  heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等

  1.3k1315139

• lijiejie/swagger-exp

  A Swagger API Exploit

  Language:JavaScript1.2k1917128

• UzJu/Cloud-Bucket-Leak-Detection-Tools

  六大云存储，泄露利用检测工具

  Language:Python1.1k1816138

• dionach/CMSmap

  CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.

  Language:Python1k2729253

• jayus0821/swagger-hack

  自动化爬取并自动测试所有swagger接口

  Language:Python9601313104

• n00py/WPForce

  Wordpress Attack Suite

  Language:Python9395022221

• Ice3man543/SubOver

  A Powerful Subdomain Takeover Tool

  Language:Go9312831200

• KathanP19/JSFScan.sh

  Automation for javascript recon in bug bounty.

  Language:Shell9001733165

• nccgroup/VCG

  VisualCodeGrepper - Code security scanning tool.

  Language:Visual Basic .NET5294119115

• xinyu2428/TDOA_RCE

  通达OA综合利用工具

  Language:Java47511471

• zsdlove/Hades

  Static code auditing system

  Language:Python460128101

• zangcc/Aazhen-RexHa

  自研JavaFX图形化漏洞扫描工具，支持扫描的漏洞分别是： ThinkPHP-2.x-RCE， ThinkPHP-5.0.23-RCE， ThinkPHP5.0.x-5.0.23通杀RCE， ThinkPHP5-SQL注入&敏感信息泄露， ThinkPHP 3.x 日志泄露NO.1， ThinkPHP 3.x 日志泄露NO.2， ThinkPHP 5.x 数据库信息泄露的漏洞检测，以及批量检测的功能。漏洞POC基本适用ThinkPHP全版本漏洞。

  45371159

• Summer177/seeyon_exp

  致远OA综合利用工具

  Language:Python3866369

• ripsscanner/rips

  RIPS - A static source code analyser for vulnerabilities in PHP scripts

  Language:PHP34731261

• c1y2m3/ATAttack

  敌后侦察

  Language:Python2339337

• linshaoSec/SeeyonExploit-GUI

  致远OA综合利用工具

  2236043

• Y0-kan/HostInfoScan

  红队小工具 | 利用DCERPC协议，无需认证获取Windows机器主机信息和多网卡信息

  Language:Python421011

• dwagon/Hostinfo

  Host Information Database for Unix Sysadmins

  Language:Python103534

• code-star/sbt-findsecbugs

  An SBT plugin for FindSecurityBugs

  Language:Scala75146

• attacker-codeninja/wprecon

  Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.

  Language:Go10049