Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file upload…
PHP Static Analysis Tool - discover bugs in your code without running it!
ShowDoc is a tool greatly applicable for an IT team to share documents online一个非常适合IT团队的在线API文档、技术文档工具
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
[DEPRECATED -- Use Symfony instead] The PHP micro-framework based on the Symfony Components
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
A single page file explorer that can be hosted on static website. 吾爱破解论坛 爱盘 https://down.52pojie.cn/ 页面的源代码
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
High performance HTTP proxy originally written by your friends at Lantern and now maintained by a stellar group of volunteer open source programmers.
WDScanner平台目前实现了如下功能:分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
PHP frontend for security.symfony.com
Browser sniffing gone too far — A useragent parser library for PHP