Ethancck's repositories
cloud-native-security-book
《云原生安全:攻防实践与体系构建》资料仓库
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
api-development-tools
:books: A collection of useful resources for building RESTful HTTP+JSON APIs.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
awesome-cloud-security
🛡️ Awesome Cloud Security Resources ⚔️
Blockchain-dark-forest-selfguard-handbook
Blockchain dark forest selfguard handbook. Master these, master the security of your cryptocurrency.
Bug_Bounty_writeups
BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔
cherrybomb
Stop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
CodeqlNote
Codeql学习笔记
dalfox
🌙🦊 DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
hackerone-reports
Top disclosed reports from HackerOne
kscan
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹2000+,暴力破解协议10余种。
kube-hunter
Hunt for security weaknesses in Kubernetes clusters
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
OneListForAll
Rockyou for web fuzzing
PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
scodescanner
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.
sshd_backdoor
/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
tabby
A CAT called tabby ( Code Analysis Tool )
xnLinkFinder
A python tool used to discover endpoints (and potential parameters) for a given target