lanpan999

Burp-Sqlmap

Python版的Burp-Sqlmap插件

x-crack

x-crack - Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB

ArbitraryFileReadList

CTF中任意文件读取的fuzz列表 (Arbitrary file read fuzz list in CTF)

Commodity-Injection-Signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

Controls

Controls用来生成控制系统的POC

domainNamePredictor

一个简单的现代化公司域名使用规律预测及生成工具

EquityInfoer

快速获取天眼查中目标公司的股权穿透数据

examples

A repository to host examples and tutorials for Gin.

github-subdomains

Find subdomains on GitHub

go-gin-example

An example of gin

go_meterpreter

Golang实现的x86下的Meterpreter reverse tcp

gohttpproxy

Go http proxy, 一个高性能的http代理服务器,用于代理上网

hacks

A collection of hacks and one-off scripts

Hawkeye

GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)

interview

golang后端知识点总结，从各个博客、公众号收集提炼了一些知识点，希望大家一起学习进步吧，感谢开源的力量🙏

IntruderPayloads

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

ksubdomain

无状态子域名爆破工具

kuzi

LadonGo

Ladon Scanner For Golang (Full platform penetration scanner framework)LadonGo一款开源渗透扫描器框架，使用它可轻松批量探测C段、B段存活主机、指纹识别、端口扫描、密码爆破、高危漏洞检测等。1.0版本包含11个模块功能，高危漏洞检测MS17010、SmbGhost，密码爆破SmbScan、SshScan、FtpScan、MysqlScan，存活探测/信息收集/指纹识别PingScan、IcmpScan，BannerScan、WeblogicScan，端口扫描PortScan。

MorePing

A cdn detector with high speed! 基于Python 多线程+多协程实现高并发查询API接口进行多地Ping Host来确认IP的真实归属。

OSSFileTool

A small tool for file transfer using OSS in the Red Team operation

Pentest_Note

渗透测试常规操作记录

portscan-1

A simple TCP and UDP portscanner written in Go

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

smallnest

subfinder

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

tools

bugbounty tools

Violation_Pnetest

渗透红线Checklist

wappalyzer

Identify technology on websites.

webhook1