lvir0's repositories
7kbscan-WebPathBrute
7kbscan-WebPathBrute Web路径暴力探测工具
aquatone
A Tool for Domain Flyovers
AwesomeXSS
Awesome XSS stuff
BurpSuite-collections
BurpSuite收集:包括不限于 Burp 文章、破解版、插件、汉化等相关教程,欢迎添砖加瓦
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
collection-document
Collection of quality safety articles
disclose
bug-bounty-list
domain_hunter
A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名(不仅仅是单个主域名)的插件
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
git-all-secrets
A tool to capture all the git secrets by leveraging multiple open source git searching tools
gobuster
(目录、文件、dns发现工具)Directory/File, DNS and VHost busting tool written in Go
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
JDSRC-Small-Classroom
京东SRC小课堂系列文章
Learn-Web-Hacking
Study Notes For Web Hacking / Web安全学习笔记
LinkFinder
A python script that finds endpoints in JavaScript files
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
navicat-keygen
A keygen for Navicat
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pyrobots
a tool that gets all paths at robots.txt and opens it in the browser.
reCAPTCHA
reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
retire.js
(检测js漏洞库)scanner etecting the use of JavaScript libraries with known vulnerabilities
RobotsDisallowed
A curated list of the most common and most interesting robots.txt disallowed directories.
Scanners-Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Security_Codes
安全开发代码归档:包括但不限于渗透测试,资产收集,大规模漏洞扫描器,网络安全相关资料文档与工具整理
SwiftnessX
A cross-platform note-taking & target-tracking app for penetration testers.
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
WeblogicScan
Weblogic一键漏洞检测工具,V1.3
wfuzz
Web application fuzzer
WhatWeb
Next generation web scanner
XSS-Payloads
List of XSS Vectors/Payloads