Beast code in Giters

neo's starred repositories

http-server

a simple zero-configuration command-line http server

Language:JavaScriptMIT1358900

awesome-google-vrp-writeups

🐛 A list of writeups from the Google VRP Bug Bounty program

Language:Python113100

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

Language:PowerShellBSD-3-Clause329500

frida-snippets

Hand-crafted Frida examples

Language:JavaScript226500

Juggler

A system that may trick hackers. 针对黑客的拟态欺骗系统。

Language:GoApache-2.043700

yaml-payload

Spring Cloud SnakeYAML 反序列化一键注入cmdshell和reGeorg

Language:Java12900

7kbscan-WebPathBrute

7kbscan-WebPathBrute Web路径暴力探测工具

131200

APT_Digital_Weapon

Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

GPL-3.088500

BurpFastJsonScan

一款基于BurpSuite的被动式FastJson检测插件

Language:Java112600

HaE

HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

Language:JavaApache-2.0298000

domainNamePredictor

一个简单的现代化公司域名使用规律预测及生成工具

Language:Python37700

31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

209600

awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

431600

cnblogs-theme-silence

📖 一款专注于阅读的博客园主题

Language:HTMLMIT202600

JSFinder

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

Language:Python259900

BugBounty

RepoToStoreBugBountyInfo

Language:CSS26700

Pentest_Note

渗透测试常规操作记录

366700

fileleak

又一款敏感文件泄漏检测工具

10600

common-regex

:jack_o_lantern: 常用正则表达式 - 收集一些在平时项目开发中经常用到的正则表达式。

MIT308100

fuxi

Penetration Testing Platform

Language:PythonMIT133400

redtool

日常积累的一些红队工具及自己写的脚本，更偏向于一些diy的好用的工具，并不是一些比较常用的msf/awvs/xray这种

Language:Shell135500

Learn-Web-Hacking

Study Notes For Web Hacking / Web安全学习笔记

Language:PythonCC0-1.0456300

wso-webshell

🕹 wso php webshell

Language:PHPMIT34300

BBTz

BBT - Bug Bounty Tools (examples💡)

Language:Python169900

xsshunter

The XSS Hunter service - a portable version of XSSHunter.com

Language:JavaScriptMIT147700

Mars

Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等

Language:Ruby123300

Spring-Boot-Actuator-Exploit

Spring Boot Actuator (jolokia) XXE/RCE

Language:Java31800

Violation_Pnetest

渗透红线Checklist

43800

webshell-detect-bypass

绕过专业工具检测的Webshell研究文章和免杀的Webshell

Language:Classic ASP168100

AppInfoScanner

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Language:PythonGPL-3.0313300