diguaranran's repositories
APKDeepLens
Android security insights in full spectrum.
apkleaks
Scanning APK file for URIs, endpoints & secrets.
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
autoDecoder
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
camille
基于Frida的Android App隐私合规检测辅助工具
Damn-Vulnerable-Bank
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
Damn_Vulnerable_C_Program
An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.
diva-android
DIVA Android - Damn Insecure and vulnerable App for Android
dpia
GDPR个人数据合规评估
dvja
Damn Vulnerable Java (EE) Application
findcrypt-yara
IDA pro plugin to find crypto constants (and more)
flare-ida
IDA Pro utilities from FLARE team
FridaContainer
FridaContainer 整合了网上流行的和自己编写的常用的 frida 脚本,为逆向工作提效之用。 frida 脚本模块化,Java & Jni Trace。
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
HIKVISION_iSecure_Center-RCE
HIKVISION iSecure Center RCE 海康威视综合安防管理平台任意文件上传 POC&EXP(一键getshell)
IDOR_detect_tool
一款API水平越权漏洞检测工具
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
NsePocsuite-lua
网络摄像头漏洞检测脚本.Nmap (Nse Nmap script engine)
qark
Tool to look for several security related Android application vulnerabilities
r0capture
安卓应用层抓包通杀脚本
SafeLine
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
sqlmap
Automatic SQL injection and database takeover tool
sqlmap-gui
基于SQLmap工具进行汉化,并提供GUI界面
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
w5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
WebGoat
WebGoat is a deliberately insecure application
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档