SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Firefly III: a personal finances manager

Damn Vulnerable Web Application (DVWA)

This is a webshell open source project

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

SQLI labs to test error based, Blind boolean based, Time based.

It counts how many times your GitHub profile has been viewed. Free cloud micro-service.

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

【Hello CTF】题目配套，免费开源的CTF入门教程，针对0基础新手编写，同时兼顾信息差的填补，对各阶段的CTFer都友好的开源教程，致力于CTF和网络安全的开源生态！

Collection of CTF Web challenges I made

A semi-interactive PHP shell compressed into a single file.

Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.

開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall

CrackStation.net's Lookup Table Implementation.

XBOW Validation Benchmarks

分享PHP WebShell 绕过WAF 的一些经验 Share some experience about PHP WebShell bypass WAF and Anti-AV

Web Based Command Control Framework (C2) #C2 #PostExploitation #CommandControl #RedTeam #C2Framework #PHPC2 #.NETMalware #Malware #PHPMalware #CnC #infosec #offensivesecurity #Trojan