Starred repositories
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
FASTJSON 2.0.x has been released, faster and more secure, recommend you upgrade.
An enterprise friendly way of detecting and preventing secrets in code.
资产端口实时监控系统,支持1-65525端口 7*24小时实时监控 ,支持异常发送邮件,邮箱hacker9090@126.com,作者:秋某人的傻逼[熊猫爱皮卡丘]
Proxy_Pool(代理资源池),一个小巧的代理ip抓取+评估+存储+展示的一体化的工具,包括了web展示和接口。
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform…
A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
Tool for checking Whether a domain or its multiple sub-domains are up and running.
洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
Six Degrees of Domain Admin
快速搭建各种漏洞环境(Various vulnerability environment)
Execute DLL via the Excel.Application object's RegisterXLL() method
A python3 program to filter Burp Suite log file.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
AndroidHttpCapture网络诊断工具 是一款Android手机抓包软件 主要功能包括:手机端抓包、PING/DNS/TraceRoute诊断、抓包HAR数据上传分享。你也可以看成是Android版的"Fiddler" \(^o^)/~
JumpServer is an open-source Privileged Access Management (PAM) platform that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints…
A little tool to play with Windows security