Beast code in Giters

HeiChat's starred repositories

BlackDex

BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.

Language:C++Apache-2.0555500

Python-100-Days

Python - 100天从新手到大师

Language:Python15310600

CVEs

A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

Language:PythonBSD-3-Clause78400

Summit_PPT

各种安全大会PPT PDF

Language:Ruby91700

App_Security

55600

PocList

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE

Language:Java107900

poor

A demo of pay face-to-face with Alipay

Language:PHPApache-2.04600

log4j-shell-poc

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

Language:PythonMIT177500

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language:PHPMIT5578600

fuzzDicts

Web Pentesting Fuzz 字典,一个就够了。

Language:Python726100

ShiroScan

Shiro<=1.2.4反序列化，一键检测工具

Language:Python95700

ShiroScan

Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)

Language:Java76600

JavaTools

一些Java编写的小工具。

29200

linux-kernel-exploits

linux-kernel-exploits Linux平台提权漏洞集合

Language:CMIT518800

Micro8

Gitbook

1802000

dnspop

Analysis of DNS records to find popular trends

Language:ShellMIT43800

404StarLink-Project

Focus on promoting the evolution of tools in different aspects of security research.专注于推动安全研究各个领域工具化.(项目收录逐步迁移至 https://github.com/knownsec/404StarLink)

80200

ksubdomain

无状态子域名爆破工具

Language:GoMIT218100

discuz.ml

Language:PHP100

ctf-wiki

Come and join us, we need you!

Language:PythonNOASSERTION788900

K8CScan

K8Ladon大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Language:PythonMIT119500