dabeike

google-hacking

a short script helps to search a pacific keyword when you can't google it directly

http_put_shell

upload shell using http put/copy/move method

waf

A simplified waf based on NodeJS. It's works in university period.

auto_post_extension

For dzw

NoSQLMap

Automated Mongo database and NoSQL web application exploitation tool

1000php

1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

2018-JData-Unicom-RiskUser

2018-JData-联通-基于移动网络通讯行为的风险用户识别：Baseline 0.77

Beebeeto-framework

Beebeeto FrameWork

Benchmarks

常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器，安卓、IOS、云的安全配置 For benchmarks.cisecurity.org

bypass_disablefunc_via_LD_PRELOAD

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)

dabeike.github.io

blog

DeTTECT

Detect Tactics, Techniques & Combat Threats

Hacker-Analysis

hacker and bugs analysis,using echarts、python

js-vuln-db

A collection of JavaScript engine CVEs with PoCs

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

maupassant-hexo

maupassant Hexo版简洁博客主题，求个star

MemShellDemo

memshell demo for java and php

mobileRiskUser

基于移动网络通讯行为的风险用户识别

PassiveDataSorting

自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于数据处理部分，抓取流量镜像的数据，进行分析过滤去重等操作，发送至消息队列中，等待PassiveSecCheck消费

red_team_tool_countermeasures

snuck

Automatic XSS filter bypass

sslyze

Fast and full-featured SSL scanner.

subdomain-takeover

SubDomain TakeOver Scanner by 0x94

subDomainsBrute

A simple and fast sub domain brute tool for pentesters

thc-hydra

hydra

tplmap

Automatic Server-Side Template Injection Detection and Exploitation Tool

weakfilescan

动态多线程敏感信息泄露检测工具

wooyun_public

乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

wpscan

WPScan is a black box WordPress vulnerability scanner.

yulong-hids

一款由 YSRC 开源的主机入侵检测系统