acatcannotlaugh

160-Crackme

对160个Crackme的详细分析记录

403fuzzer

Fuzz 403/401ing endpoints for bypasses

acefile

read/test/extract ACE 1.0 and 2.0 archives in pure python

BurpExtender

cobalt-strike

Resources About Cobalt Strike. 100+ Tools And 200+ Posts.

CVE-2019-0708-PoC-Hitting-Path

It's only hitting vulnerable path in termdd.sys!!! NOT DOS

E-cology-WorkflowServiceXml-

泛微OA /services%20/WorkflowServiceXml的反序列化调整

easyXssPayload

XssPayload List . Usage:

Emergency-Response-Notes

应急响应实战笔记，一个安全工程师的自我修养。

exploits

Pwn stuff.

exploits-1

JSFinder

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

jsinfo-scan

jsinfo-scan简单改版，增加了swagger、druid目录扫描和手机号、身份证号敏感信息匹配

kernel-exploits

Various kernel exploits

linux-kernel-exploits

linux-kernel-exploits Linux平台提权漏洞集合

lxhToolHTTPDecrypt

HTTPDecrypt

Micro8

MYSQL_SQL_BYPASS_WIKI

mysql注入,bypass的一些心得

ParamSpider

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

penetration

渗透 超全面的渗透资料💯 包含：0day，xss，sql注入，提权……

Scanners-Box

安全从业人员常用开源工具资料合集

Shiro_exploit

Apache Shiro 反序列化漏洞检测与利用工具

SuperWordlist

基于实战沉淀下的各种弱口令字典

tilde_enum

Takes a URL and checks the system for the tilde enum vuln and then find the files.

tools

vulnerability-paper

收集的文章

webshell

This is a webshell open source project

WebShell-1

Webshell && Backdoor Collection

xss.js

xss