Accurately Locate Smartphones using Social Engineering

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Phishing Tool & Information Collector

nodejsscan is a static security code scanner for Node.js applications.

CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues

Stuff about it-security that might be good to know

定时任务管理器

Fermion, an electron wrapper for Frida & Monaco.

Web漏洞演练平台

分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform

Pwnable|Web Security|Cryptography CTF-style challenges

OpenDNS Data Visualization Framework

Lab for exploring SSRF vulnerabilities

a .js scanner, built in php. designed to scrape urls and other info

My CTF Challenges

Damn Vulnerable Cloud Application

Darknet Osint Graph Explorer

一个Web版的docker管理程序，可以用来运行各种docker漏洞环境和CTF环境。

CapFuzz - capture, fuzz & intercept web traffic.

SubdomainDB is a simple self-hosted API that allows you to maintain your own subdomain database.

A developer tool panel that helps pen-testers to perform manual web security testing inside their browser. This addon is writed in webextension and alternatives to the XUL version of original Hackbar.

[FOS:RASP-PHP] PHP Demo Vulnerable Application to test SQL injection vulnerability and patch it using RASP (Runtime Application Self-Protection)

What-Security Home Page

自留地·知识库第一版