asaotomo Goto Github PK
Type: User
Company: Hx0战队
Bio: 挑战论英雄,探索无极限
Type: User
Company: Hx0战队
Bio: 挑战论英雄,探索无极限
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
HTTP parameter discovery suite.
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
Zoneminder 未授权访问批量检测工具:ZoneMinder v1.30和v1.29捆绑的Apache HTTP Server配置中存在信息泄露和认证绕过漏洞,允许远程未认证攻击者浏览web根目录下的所有目录。
Apache 远程代码执行 (CVE-2021-42013)批量检测工具:Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点,发现 Apache HTTP Server 2.4.50 中针对 CVE-2021-41773 的修复不够充分。攻击者可以使用路径遍历攻击将 URL 映射到由类似别名的指令配置的目录之外的文件。如果这些目录之外的文件不受通常的默认配置“要求全部拒绝”的保护,则这些请求可能会成功。如果还为这些别名路径启用了 CGI 脚本,则这可能允许远程代码执行。此问题仅影响 Apache 2.4.49 和 Apache 2.4.50,而不影响更早版本。
Grafanav8.*版本任意文件读取漏洞批量检测工具:该漏洞目前为0day漏洞,未授权的攻击者利用该漏洞,能够获取服务器敏感文件。
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
FofaMap是一款基于Python3开发的跨平台FOFA API数据采集器,支持普通查询、网站存活检测、统计聚合查询、Host聚合查询、网站图标查询、批量查询等查询功能。同时FofaMap还能够自定义查询FOFA数据,并根据查询结果自动去重和筛选关键字,生成对应的Excel表格。另外春节特别版还可以调用Nuclei对FofaMap查询出来的目标进行漏洞扫描,让你在挖洞路上快人一步。
FofaMap云查询版是基于C/S架构打造的Fofa数据采集器,仅需配置好一个服务端,即可实现多个客户端同时在线查询,其客户端支持FofaMap国庆版全部功能。
[403绕过检测工具]Hx0战队定制优化,优化对HTTPS网站的检测效果。
freeGui:一款渗透测试工具的图形化管理框架,帮助构建符合自己习惯的工具链,可以自由管理类别、添加工具,同时提供随记、快速启动、进入目录等便捷操作支持。后期会慢慢补充工具到里面。
警惕 一种针对红队的新型溯源手段!
A WeChat official account crawler based on Python
程序员在家做饭方法指南。Programmer's guide about how to cook at home (Chinese only).
A next generation HTTP client for Python. 🦋
httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
网络摄像头漏洞扫描工具 | Webcam vulnerability scanning tool
Tool for port forwarding & intranet proxy
手机号字典生成器:可以根据用户需求定制化生成**各大运营商和指定区域的手机号字典,并输出为CVS文件。
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
SearchMap是一款集域名解析、IP反查域名、WHOIS查询、CDN检测、端口扫描、目录扫描、子域名挖掘为一体的前渗透测试综合信息收集工具。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.