- 🔭 I'm concentrating on port fingerprinting.
- 🌱 I’m currently learning front-end knowledge Vue2 and Vue3.
- 📫 My Blog: https://medasz.github.io
- 😄 I enjoy developing security tools including asset detection, vulnerability scanning, etc.
Type: User
Company: Shanghai
Bio: 三年打鱼,两年晒网
Location: Shanghai
Code samples for No Starch Press Black Hat Go
BinAbsInspector: Vulnerability Scanner for Binaries
网络资产发现、漏洞扫描
BkScanner 分布式、插件化web漏洞扫描器
《Black.Hat.Go》中文翻译
GUI based offensive penetration testing tool (Open Source)
C2/post-exploitation framework
AngularJS Bootstrap Admin Panel Framework
Bob 是一款 Mac 端翻译软件,支持划词翻译、截图翻译以及手动输入翻译。
BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convienience.
A Python-powered exploitation framework and botnet.
攻防演习/渗透测试资产处理小工具,对攻防演习/渗透测试前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测等。
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
BYOB (Build Your Own Botnet)
**菜刀官方版本,拒绝黑吃黑,来路清晰
Automated Adversary Emulation Platform
Web Content Discovery Tool
The FLARE team's open-source tool to identify capabilities in executable files.
CaptfEncoder是一款可扩展跨平台网络安全工具套件,提供网络安全相关编码转换、古典密码、密码学、非对称加密、特殊编码、杂项等工具,并聚合各类在线工具。
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
:fire: CHAOS is a Remote Administration Tool that allow generate binaries to control remote operating systems.
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
a simple tool to detect potential security threat in php code
This program locally checks for signs of a rootkit. 'Forked' to fix false-positive for SucKIT rootkit
《Chrome插件开发全攻略》配套完整Demo,欢迎clone体验
《架构整洁之道》中文翻译
Go client and SDK for Falco
CMS漏洞测试用例集合
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.