Stevie Phan's repositories
ExtAnalysis
Browser Extension Analysis Framework
Fuzzing-Dictionary
Fuzzing Collection for Web Application
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
albatar
Albatar is a SQLi exploitation framework in Python
AWS-Cloud-Security
This Repo for Cloud Security
aws-container-devsecops-workshop
This workshop is designed to help attendees understand the security concerns of container images and learn how to create a devsecops pipeline for securely building and releasing images.
blackhat-go
As hackers, we put a premium on function over elegance as time is always scarce. When you need to quickly create a solution to a problem, style concerns come secondary.
Blisqy
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
Bug-Bounty-Toolz
BBT - Bug Bounty Tools
Caidao-AES-Version
一个Burp插件,实现用AES算法透明加密原版菜刀Caidao.exe与服务器端交互的http数据流
drinkteawithstevie
Drink tea like Stevie
ghsec-jaeles-signatures
Signatures for jaeles scanner by @j3ssie
hetty
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
HiveNightmare
Exploit allowing you to read registry hives as non-admin on Windows 10 and 11
JCE
JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
JitDasm
Disassemble jitted .NET methods
prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
recon-basic
Basic Recon Subdomain
researching
Blockchain Handbook
security-solution
Saved script and automation tools for Security Solution
SqliRegex
Sqli Error regex
ssh-mitm
ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
tungphan.github.com
Github Pages
Vxscan
python3写的综合扫描工具,主要用来敏感文件探测(目录扫描与js泄露接口),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,弱口令探测,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
Wazuh
Tips , Optimaze for Wazuh
webshell
This is a webshell open source project