blackstarkk's repositories
BurpSuite
BurpSuite using the document and some extensions
captcha-killer
burp验证码识别接口调用插件
cobra
Source Code Security Audit (源代码安全审计)
cowrie
Cowrie SSH/Telnet Honeypot http://cowrie.readthedocs.io
etacsufbo
基于 AST 变换的简易 Javascript 反混淆辅助工具
firminator_backend
The first open source vulnerability scanner for firmwares
grr
GRR Rapid Response: remote live forensics for incident response
HellRaiser
Vulnerability Scanner
invoke
Pythonic task management & command execution.
J2EEScan
J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
JSVerbalExpressions
JavaScript Regular expressions made easy
malspider
Malspider is a web spidering framework that detects characteristics of web compromises.
pocscan
Will to be a niubility scan-framework
pyinstaller
Freeze (package) Python programs into stand-alone executables
pysonar2
PySonar2: an advanced semantic indexer for Python
pyspider
A Powerful Spider(Web Crawler) System in Python.
requests
A simple, yet elegant HTTP library.
Scan-T
a new crawler based on python with more function including Network fingerprint search
Scumblr
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
sec-admin
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
SecGen
Create randomly insecure VMs
sqli-hunter
SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
wdb
An improbable web debugger through WebSockets
WebGoat
WebGoat is a deliberately insecure application
WebGoat-Legacy
Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.