diguaranran's repositories
sqlmap-gui
基于SQLmap工具进行汉化,并提供GUI界面
APKDeepLens
Android security insights in full spectrum.
SafeLine
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。
flare-ida
IDA Pro utilities from FLARE team
WebGoat
WebGoat is a deliberately insecure application
autoDecoder
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
FridaContainer
FridaContainer 整合了网上流行的和自己编写的常用的 frida 脚本,为逆向工作提效之用。 frida 脚本模块化,Java & Jni Trace。
dvja
Damn Vulnerable Java (EE) Application
qark
Tool to look for several security related Android application vulnerabilities
Damn-Vulnerable-Bank
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
r0capture
安卓应用层抓包通杀脚本
w5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
findcrypt-yara
IDA pro plugin to find crypto constants (and more)
camille
基于Frida的Android App隐私合规检测辅助工具
Damn_Vulnerable_C_Program
An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.
HIKVISION_iSecure_Center-RCE
HIKVISION iSecure Center RCE 海康威视综合安防管理平台任意文件上传 POC&EXP(一键getshell)
diva-android
DIVA Android - Damn Insecure and vulnerable App for Android
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
sqlmap
Automatic SQL injection and database takeover tool
apkleaks
Scanning APK file for URIs, endpoints & secrets.
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
IDOR_detect_tool
一款API水平越权漏洞检测工具
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
dpia
GDPR个人数据合规评估
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
NsePocsuite-lua
网络摄像头漏洞检测脚本.Nmap (Nse Nmap script engine)