daybreak's starred repositories
superSearchPlus
superSearchPlus是聚合型信息收集插件,支持综合查询,资产测绘查询,信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。
icp-domains
输入一个域名,输出ICP备案所有关联域名
OpenSCA-cli
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
sweetPotato
基于burpsuite的资产分析工具
SharpWxDump
微信客户端取证,可获取用户个人信息(昵称/账号/手机/邮箱/数据库密钥(用来解密聊天记录));支持获取多用户信息,不定期更新新版本偏移,目前支持所有新版本、正式版本
FastjsonScan
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
Fuzzing-Dicts
Web Security Dictionary
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
nju-software-analysis-homework
南京大学《软件分析》课程课后作业(非Bamboo) NJU's software analysis homework; ... Not official, just a reference
Z1-AggressorScripts
适用于Cobalt Strike的插件
go-memexec
Run code from memory
RW_Password
此项目用来提取收集以往泄露的密码中符合条件的强弱密码
JNDI-Injection-Exploit-Plus
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
BeeScan-web
网络空间资产探测、网络测绘、Go语言、分布式、扫描、资产探测、资产测绘、红队、SRC | Cyberspace Asset Detection, Network Mapping, Go Language, Distributed, Scanning, Asset Detection, Asset Mapping, Red Team, SRC