Lord Leonardo's repositories
WebFuzzList
用于Web安全测试的字典
ListenTinel
Web服务器日志分析工具
seek_ransomware
这是一个处于教育和演示目的的勒索软件demo
vpnmonitor
该工具用于检测vpn流量使用情况
google_hacker_est
根据google hack语法,获取大量目标,然后批量验证漏洞存在与否的工具
python-cheatsheet
Comprehensive Python Cheatsheet
single_xss
这是一个单纯对参数进行xss检测的工具,没有爬虫功能! 没有爬虫功能! 没有爬虫功能!
AngelSword
Python3编写的CMS漏洞检测框架
bigblackhat.github.io
jijJIJUEue-blBLOGog
conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
gasoline
一个web压力测试工具
GSIL
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
huxpro.github.io
My Blog / Jekyll Themes / PWA
jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
JustTest
it's a test
redis-rogue-getshell
redis 4.x/5.x master/slave getshell module
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
top-500-username
看见一个top 500的用户名字典,觉得还可以,因为是中文,所以搞了了很low的脚本转换一下。
vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.