doanhnhq's repositories
AllAboutBugBounty
All about bug websites (bypasses, payloads, and etc)
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
AutoRDPwn
The Shadow Attack Framework
Bug-Bounty-Toolz
BBT - Bug Bounty Tools
BurpBountyPlus
BurpBounty 魔改版本
BurpSuitePro-2.1
什么? 你想用免费的BurpSuitePro版本!!!
chaos-public-program-list
Source for bug bounty programs available on Chaos website.
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
CVE-2020-1472
Test tool for CVE-2020-1472
dalfox
DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
design-resources-for-developers
Curated list of design and UI resources from stock photos, web templates, CSS frameworks, UI libraries, tools and much more
gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Github-Monitor
Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
HowToHunt
Some Tutorials and Things to Do while Hunting That Vulnerability.
injection
Windows process injection methods
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
ParamSpider
Mining parameters from dark corners of Web Archives
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
posta
🐙 Cross-document Messaging security research tool
QuasarRAT
Remote Administration Tool for Windows
rmiscout
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
SonarSearch
A MongoDB importer and API for Project Sonars DNS datasets
static-analysis
Static analysis tools for all programming languages, build tools, config files and more.
SwiftnessX
A cross-platform note-taking & target-tracking app for penetration testers.
vulfocus
🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。