SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS powered by PHP, Markdown, Twig, and Symfony

ShowDoc is a tool greatly applicable for an IT team to share documents online一个非常适合IT团队的在线API文档、技术文档工具

AV 电影管理系统， avmoo , javbus , javlibrary 爬虫，线上 AV 影片图书馆，AV 磁力链接数据库，Japanese Adult Video Library,Adult Video Magnet Links - Japanese Adult Video Database

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

一个好玩的Web安全-漏洞测试平台

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。

AWSGoat : A Damn Vulnerable AWS Infrastructure

构建优化高效的渗透 fuzz 字典合集

一个漏洞扫描器粘合剂,添加目标后30款工具自动调用；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

Pwn stuff.

AoiAWD-专为比赛设计，便携性好，低权限运行的EDR系统。

Various webshells. We accept pull requests for additions to this collection.

PHP Secure Configuration Checker

针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具

OpenSource Poc && Vulnerable-Target Storage Box.

记录自己写的工具和学习笔记

a simple tool to detect potential security threat in php code

PHP后台管理系统

Target practice for ffuf

WordPress win10exp主题

Web App Pen Tester (Web Interface)

向TSRC投稿的文章，对应的pdf，代码和思维导图