A PHP parser written in PHP

This is a webshell open source project

SQLI labs to test error based, Blind boolean based, Time based.

This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

一个想帮你总结所有类型的上传漏洞的靶场

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

A single page file explorer that can be hosted on static website. 吾爱破解论坛 爱盘 https://down.52pojie.cn/ 页面的源代码

A collection of PHP backdoors. For educational or testing purposes only.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。

Webshell && Backdoor Collection

一个关于PHP的代码审计项目

Pwn stuff.

Cacti ™

CMS漏洞测试用例集合

PHP代码审计分段讲解

一个各种方式突破Disable_functions达到命令执行的shell

Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

OpenSource Poc && Vulnerable-Target Storage Box.

MASSCAN Web UI

Clone of svn repository of http://insecurety.net/projects/web-malware/ project

网站目录

Windows杀软在线对比辅助

跟踪真实漏洞相关靶场环境搭建

A PHP-based sandboxing library with a full suite of configuration and validation options.

此项目不再维护，推荐使用AdGuard Home来替代。

利用XSS入侵内网(Use XSS automation Invade intranet)