Hacker-One's repositories
PHP-Audit-Labs
一个关于PHP的代码审计项目
fastjson_rce_tool
fastjson_rce工具,不用搭建HTTP服务,不受JDK版本限制
SuperWordlist
基于实战沉淀下的各种弱口令字典
LangSrcCurise
SRC子域名资产监控
collection-document
Collection of quality safety articles
CS-checklist
PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penestration checklist
CVE-2019-11043
(PoC) Python version of CVE-2019-11043 exploit by neex
CVE-2019-7609
exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
fastjson-1.2.60-rce
autoType enable
GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
JDSRC-Small-Classroom
京东SRC小课堂系列文章
jumpserver
Jumpserver是全球首款完全开源的堡垒机,是符合 4A 的专业运维审计系统。
nps
一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发,支持内网http代理、内网socks5代理,同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理,集成多用户模式。
owasp-modsecurity-crs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
reverse-shell
Reverse Shell as a Service
seecode-scanner
SeeCode Scanner 扫描引擎
shiro-550-with-NoCC
奇安信北京攻防团队: Shiro-550 不依赖CC链利用工具
Sn1per
Automated pentest framework for offensive security experts
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
wordpress-exploit-framework
A Ruby framework designed to aid in the penetration testing of WordPress systems.
wpscan
WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
xray-crack
xray社区高级版证书生成,仅供学习研究,正常使用请支持正版