SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

☁️ Nextcloud server, a safe home for all your data

Damn Vulnerable Web Application (DVWA)

A PHP Blogging Platform. Simple and Powerful.

This is a webshell open source project

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

☁️ ownCloud web server core (Files, DAV, etc.)

SQLI labs to test error based, Blind boolean based, Time based.

This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

一个想帮你总结所有类型的上传漏洞的靶场

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

ThinkPHP3.2 ——基于PHP5的简单快速的面向对象的PHP框架

A single page file explorer that can be hosted on static website. 吾爱破解论坛 爱盘 https://down.52pojie.cn/ 页面的源代码

A collection of PHP backdoors. For educational or testing purposes only.

Webshell && Backdoor Collection

CMS漏洞测试用例集合

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up t…

收集一些小型实用的工具

Security technique research and some funny work on it !

OWASP Broken Web Applications Project

complex webshell manager, quasi-http botnet.

Yet Another Source Code Analyzer

A web interface to automate Scanning, Generating metasploit payload, Network Testing,Exploring CMS,Information Gathering and much more

thinkphp反序列化漏洞复现及POC编写

基于 LARAVEL 打造的安全应急响应中心平台

A set of XSS vulnerable PHP scripts for testing

HRSRC是一个安全响应平台，基于SRCMS二次开发的