A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Adversary Emulation Framework

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

A list of interesting payloads, tips and tricks for bug bounty hunters.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

渗透测试常规操作记录

Collections of tools and methods created to aid in OSINT collection

自动整合全网Nuclei的漏洞POC，实时同步更新最新POC！

各种漏洞poc、Exp的收集或编写

自己学习java安全的一些总结，主要是安全审计相关

A fast tool to scan CRLF vulnerability written in Go

Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势

这个仓库收集了所有在 GitHub 上能找到的 CVE 漏洞利用工具。 This repository collects all CVE exploits found on GitHub.

Global Security Database

🎈 B站用户数据报告（Web App）

用于渗透测试和红队基础设施建设的 payload 和 bypass 字典。A list of payload and bypass lists for penetration and red team infrastructure build.

基于selenium实现台湾公司详细信息爬取