这个仓库收集了所有在 GitHub 上能找到的 CVE 漏洞利用工具。 This repository collects all CVE exploits found on GitHub.

自动整合全网Nuclei的漏洞POC，实时同步更新最新POC！

用于渗透测试和红队基础设施建设的 payload 和 bypass 字典。A list of payload and bypass lists for penetration and red team infrastructure build.

Global Security Database

各种漏洞poc、Exp的收集或编写

A fast tool to scan CRLF vulnerability written in Go

Collections of tools and methods created to aid in OSINT collection

Adversary Emulation Framework

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A list of interesting payloads, tips and tricks for bug bounty hunters.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

基于selenium实现台湾公司详细信息爬取

自己学习java安全的一些总结，主要是安全审计相关

渗透测试常规操作记录

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

🎈 B站用户数据报告（Web App）