kzaopa

kzaopa's repositories

tools

捣鼓的一些脚本。

Language:Shell300

captcha-killer-modified

captcha-killer的修改版，支持关键词识别base64编码的图片，添加免费ocr库，用于验证码爆破，适配新版Burpsuite

Language:Java100

fscan

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Language:GoMIT100

setup-ipsec-vpn

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Language:ShellNOASSERTION100

ToolsFx

基于kotlin+tornadoFx的跨平台密码学工具箱.包含编解码,编码转换,加解密, 哈希,MAC,签名,大数运算,压缩,二维码功能,ctf等实用功能,支持插件

Language:KotlinISC100

attackRmi

000

awvs13_batch_py3

针对 AWVS扫描器开发的批量扫描脚本，支持联动xray、burp、w13scan等被动批量

Language:Python000

ctf_challenges

适用于一线安服的ctf培训题目，全docker环境一键启动

Language:PHP000

DNSlog-GO

DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具，自带WEB界面

Language:GoMIT000

fastjson-c3p0

fastjson不出网利用、c3p0

Language:Java000

godnslog

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

Language:GoApache-2.0000

henggeFish

自动化批量发送钓鱼邮件（横戈安全团队出品）

Language:Go000

ksubdomain

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

MIT000

kzaopa.github.io

Language:HTML000

Log4j2Scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

Apache-2.0000

mqtt-pwn

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.

GPL-3.0000

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:PythonMIT000

QingScan

一个漏洞扫描器粘合剂；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

Language:PythonGPL-3.0000

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Language:DockerfileMIT000

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Language:VueNOASSERTION000

xssplatform

一个经典的XSS渗透管理平台

000

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Language:JavaMIT000