aa2288207

altdns

Generates permutations, alterations and mutations of subdomains and then resolves them

antSword

【**蚁剑】一款跨平台的开源网站管理工具 // AntSword is a cross platform website management tools.

BadTunnel_exp

Usage: python badtunnel.py wpad_server_ip

BadUSB-code

收集badusb的一些利用方式及代码

cobra

Cobra（眼镜蛇） - Static code security scanner & analyser (白盒代码安全扫描与分析系统)

dede_exp_collect

collection dedecms exp use pocsuite framework 收集织梦的一些漏洞，并用pocsuite框架写出利用程序。打造一键日dede

Dionaea

基于Docker的蜜罐系统

Dockerfile-BaseImage

一些常用的Docker基础镜像

EQGRP-Free-Files

EQGRP-Free-Files here.,

fluxion

Fluxion is a easy to use wifi cracker, to test your own network

Fox-scan

Fox-scan is a initiative and passive SQL Injection vulnerable Test tools.

Go_Struts2

一款Python 3编写的Struts2安全检测集成工具

GourdScanV2

被动式漏洞扫描系统

handbook

这里放置我的笔记、搜集、摘录、实践，不保证正确。

jexboss

JexBoss: Jboss verify and EXploitation Tool

lfi-labs

small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns

libQtShadowsocks

A lightweight and ultra-fast shadowsocks library written in C++/Qt

mysql-tutorial

MySQL入门教程（MySQL tutorial book）

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

public-pentesting-reports

Curated list of public penetration testing reports released by several consulting firms

Python

Scanners-Box

[Project-Kob-6]The toolbox of open source scanners - 安全行业从业人员自研开源扫描器合集👻

scrapy_doc_chs

scrapy中文翻译文档

sqlite-lab

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

sqlmap4burp

sqlmap embed in burpsuite

toolforspider

a new spider based on python with more function including Network fingerprint search

tools

一些实用的python脚本

wooyun_public

乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

xunfeng

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

XX-Net

a web proxy tool