ling's repositories
CommonPacketCapture
记录常见的应用抓包技术 Recording Common Application Packet Capturing Techniques
Awesome-Redteam
一个攻防知识仓库
Blind-XSS-Manager
Never forget where you inject.
BOFTools
存储练习项目,目前有GetWeChatBOF
cf
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
ExploitPcapCollection
collect some exploit traffic pcap
FindSomething
基于chrome、firefox插件的被动式信息泄漏检测工具
freq
This is go CLI tool for send fast Multiple get HTTP request.
gf
A wrapper around grep, to help you grep for things
Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
hakrevdns
Small, fast tool for performing reverse DNS lookups en masse.
Hello_CTF-Shell
合法反弹shell一站式最廉价解决方案!!!!我VPS呢!卧槽过期了!!我要弹shell!!我一血没了!!!
HowToHunt
Collection of methodology and test case for various web vulnerabilities.
ipwndfu
open-source jailbreaking tool for many iOS devices
jquery-ui
CVE Collection of jQuery UI XSS Payloads
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
NestFuzz
NestFuzz
nvdsearch
A National Vulnerability Database (NVD) API query tool
phone_location
手机号码归属地数据库,运营商,邮编,区号
sec-books-part1
:books: 网安类绝版图书
semgrep-rules
Semgrep rules registry
SQLiDetector
Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
Storm-Breaker
Social engineering tool [Access Webcam & Microphone & Location Finder] With Python
uro
declutters url lists for crawling/pentesting
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List