Romanov's starred repositories
ant-application-security-testing-benchmark
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
PNG-IDAT-Payload-Generator
Generate a PNG with a payload embedded in the IDAT chunk (Based off of previous concepts and code -- credit in README)
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
cloud_native_security_test_case
🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]
masnmapscan-V1.0
一款用于资产探测的端口扫描工具。整合了masscan和nmap两款扫描器,masscan扫描端口,nmap扫描端口对应服务,二者结合起来实现了又快又好地扫描。
PowerTools
Veil's PowerTools are a collection of PowerShell projects with a focus on offensive operations.
webrtc-ips
Demo: https://diafygi.github.io/webrtc-ips/
dns-rebinding-tool
dns rebind tool with custom scripts
TideFinger
TideFinger——指纹识别小工具,汲取整合了多个web指纹库,结合了多种指纹检测方法,让指纹检测更快捷、准确。
web-log-parser
An open source analysis web log tool
Mirai-Source-Code
Leaked Mirai Source Code for Research/IoC Development Purposes
iTerm2-Color-Schemes
Over 250 terminal color schemes/themes for iTerm/iTerm2. Includes ports to Terminal, Konsole, PuTTY, Xresources, XRDB, Remmina, Termite, XFCE, Tilda, FreeBSD VT, Terminator, Kitty, MobaXterm, LXTerminal, Microsoft's Windows Terminal, Visual Studio, Alacritty
kali-tools-zh
kali linux 工具使用中文说明书