w4n95 Goto Github PK
Name: w4n95
Type: User
w4n95's Projects
redteam_blueteam_hw
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
rotateproxy
利用fofa搜索socks5开放代理进行代理池轮切的工具
saidict
弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
sbscan
SBSCAN是一款专注于spring框架的渗透测试工具,可以对指定站点进行spring boot敏感信息扫描以及进行spring相关漏洞的扫描与验证。 (SBSCAN is a penetration testing tool focused on the spring framework that can scan spring boot sensitive information for specified sites and scan and validate spring related vulnerabilities.)
scalpel
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。 原理:https://mp.weixin.qq.com/s/U_llBwC05vb84U9wb8NZog
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
sec-note
记录安全方面的笔记/工具/漏洞合集
sec-tool-list
More than 21K security related open source tools, sorted by star count. Both in markdown and json format.
secexample
JAVA 漏洞靶场 (Vulnerability Environment For Java)
security-ppt
Security-related Slide Presentation(大安全各领域各公司各会议分享的PPT)
securityservicebox
一个既可以满足安服仔日常渗透工作也可以批量刷洞的工具盒子。集合了常见的域名收集、目录扫描、ip扫描、指纹扫描、PoC验证等常用工具,方便安服仔快速展开渗透测试
serein
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
shelling
SHELLING - a comprehensive OS command injection payload generator
shiroandfastjson
shiro加fastjson环境
springbootvulexploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
sublist3r
Fast subdomains enumeration tool for penetration testers
sunloginrce
向日葵RCE,网段扫描/中文显示
swallow
代码审计自动化系统,底层架构为蜻蜓编排系统,墨菲SCA,fortify,SemGrep,hema
sylas
数据库综合利用工具
systemsecurity-reverseanalysis
该资源为系统安全和逆向分析实验,包括作者从零学习恶意代码分析、病毒逆向分析的工具及样本,基础性文章,希望对您有所帮助~
tabby
A CAT called tabby ( Code Analysis Tool )
teemo
A Domain Name & Email Address Collection Tool
teler
Real-time HTTP Intrusion Detection
threat_hunting_with_elk
天御攻防实验室 - 威胁猎杀实战系列
tomcatmemshell
拿来即用的Tomcat7/8/9/10版本Listener/Filter/Servlet内存马,支持注入CMD内存马和冰蝎内存马
trackattacker
TrackAttacker | 追踪攻击者工具 | HW蓝队 | 溯源必备
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
tscanplus
一款综合性网络安全检测和运维工具,旨在快速资产发现、识别、检测,构建基础资产信息库,协助甲方安全团队或者安全运维人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
tsojanscan
一个集成的BurpSuite漏洞探测插件
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.