hcjcn's starred repositories
jjjjjjjjjjjjjs
爬网站JS文件,自动fuzz api接口,指定api接口(针对前后端分离项目,可指定后端接口地址),回显api响应
vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
dev-sidecar
开发者边车,github打不开,github加速,git clone加速,git release下载加速,stackoverflow加速
PasswordDic
渗透测试常用密码字典合集(持续更新)
autoDecoder
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
BurpExtend
基于Burp插件开发打造渗透测试自动化
JS-Forward
前端参数加密渗透测试通用解决方案
slacking-off-tools
上班摸鱼工具集
Share-SSR-V2ray
机场推荐/SSR V2ray节点订阅机场/镜像直连/工具推荐
google-access-helper2022
google-access-helper谷歌访问助手2021全版本合集,访问谷歌商店,谷歌搜索,谷歌地图等...
SwitchHosts
Switch hosts quickly!
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
SqlMap-GUI
A SqlMap GUI
JSP-WebShells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
OneListForAll
Rockyou for web fuzzing
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
woodpecker-framework-release
高危漏洞精准检测与深度利用框架