RainClown's repositories
Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Code-Audit-Challenges
Code-Audit-Challenges
ds_store_exp
A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
ESD
Enumeration sub domains(枚举子域名)
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
grocery-shop
Personal project
hack-requests
The hack-requests is an http network library for hackers
hello-world
Just a begin
process-inject
在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
sites-using-cloudflare
:broken_heart: Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement.
sqli-labs
SQLI labs to test error based, Blind boolean based, Time based.
SRC-script
挖掘src常用脚本
SuperWordlist
基于实战沉淀下的各种弱口令字典
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Web-Security-Attack
Web安全相关内容
yaml-payload
A tiny project for generating SnakeYAML deserialization payloads