huangzccn's repositories
dronesploit
Drone pentesting framework console
SaiDict
弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
burp-javascript-security-extension
A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates JavaScript resources against threat intelligence data.
isf
ISF(Industrial Control System Exploitation Framework),a exploitation framework based on Python
Github-Monitor
Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
ctf-wscan
为ctf而生的web扫描器
dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
x-patrol
github泄露扫描系统
F-NAScan-PLUS
F-NAScan-PLUS 安服资产搜集
chunked-coding-converter
Burp suite 分块传输辅助插件
PoCBox
PoCBox - Vulnerability Test Aid Platform
abu
阿布量化交易系统(股票,期权,期货,比特币,机器学习) 基于python的开源量化交易,量化投资架构
xwaf
Automatic bypass (brute force) waf
Struts2-Scan
Struts2全漏洞扫描利用工具
BaiLu-SED-Tool
白鹿社工字典生成器,灵活与易用兼顾。
ATT-CK-CN
ATT&CK实操
RedTeam-BCS
BCS(北京网络安全大会)2019 红队行动会议重点内容
Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
xss_payloads
Exploitation for XSS
WeblogicScanLot
WeblogicScanLot系列,Weblogic漏洞批量检测工具,V2.2
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
web-sec-interview
Information Security (Web Security/Penetration Testing Direction) Interview Questions/Solutions 信息安全(Web安全/渗透测试方向)面试题/解题思路
PmWebDirScan
多线程的web目录扫描工具
LayerDomainFinder
Layer子域名挖掘机
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
Taie-RedTeam-OS
泰阿安全实验室-基于XUbuntu私人订制的红蓝对抗渗透操作系统
AwesomeXSS
Awesome XSS stuff
DoraBox
DoraBox - Basic Web Vulnerability Training
BloodHound
Six Degrees of Domain Admin
Mobile-Security-Framework-MobSF
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.