Deadpoo3

Romanov's starred repositories

ant-application-security-testing-benchmark

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

Language:JavaApache-2.030100

PNG-IDAT-Payload-Generator

Generate a PNG with a payload embedded in the IDAT chunk (Based off of previous concepts and code -- credit in README)

Language:Python19400

cpg-neo4j

Neo4J visualisation tool for the Code Property Graph

1400

cpg

A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.

Language:KotlinApache-2.027000

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Language:HTMLApache-2.0648100

marshalsec

Language:JavaMIT334100

JNDI-Injection-Exploit

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Language:JavaMIT254300

learnjavabug

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Language:JavaMIT257700

cloud_native_security_test_case

🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]

Language:Shell7900

masnmapscan-V1.0

一款用于资产探测的端口扫描工具。整合了masscan和nmap两款扫描器，masscan扫描端口，nmap扫描端口对应服务，二者结合起来实现了又快又好地扫描。

Language:Python77000

PowerTools

Veil's PowerTools are a collection of PowerShell projects with a focus on offensive operations.

Language:PowerShellNOASSERTION9800

Depix

Recovers passwords from pixelized screenshots

Language:PythonNOASSERTION2574300

Cardinal

CTF🚩 AWD (Attack with Defense) 线下赛平台 / AWD platform - 欢迎 Star~ ✨

Language:GoAGPL-3.089100

webrtc-ips

Demo: https://diafygi.github.io/webrtc-ips/

Language:HTMLMIT343500

dns-rebinding-tool

dns rebind tool with custom scripts

Language:JavaScript7400

DnslogSqlinj

Language:Python17800

DNSLog

DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。

Language:Python140700

scrabble

Simple tool to recover .git folder from remote server

Language:ShellMIT41300

TideFinger

TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。

Language:Python190200

weblogger

针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具

Language:PHP69700

pcap-search

Language:Python5400

TPscan

一键ThinkPHP漏洞检测

Language:Python109600

web-log-parser

An open source analysis web log tool

Language:HTML42300

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Language:DockerfileMIT1733900

azazel

Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.

Language:CGPL-2.077000

Mirai-Source-Code

Leaked Mirai Source Code for Research/IoC Development Purposes

Language:CGPL-3.0844100

iTerm2-Color-Schemes

Over 250 terminal color schemes/themes for iTerm/iTerm2. Includes ports to Terminal, Konsole, PuTTY, Xresources, XRDB, Remmina, Termite, XFCE, Tilda, FreeBSD VT, Terminator, Kitty, MobaXterm, LXTerminal, Microsoft's Windows Terminal, Visual Studio, Alacritty

Language:ShellNOASSERTION2457700