m1tang's repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
chinese-independent-blogs
中文独立博客列表
CS-checklist
PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penestration checklist
daydayEXP
支持自定义Poc文件的图形化漏洞利用工具
fastjson_rce_tool
fastjson_rce工具,不用搭建HTTP服务,不受JDK版本限制
ffuf
Fast web fuzzer written in Go
CobaltstrikeSource
Cobaltstrike4.1 Source
GZCTF
The GZ::CTF project, an open source CTF platform.
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
Introduction-to-Golang
【未来服务器端编程语言】最全空降golang资料补给包(满血战斗),包含文章,书籍,作者论文,理论分析,开源框架,云原生,大佬视频,大厂实战分享ppt
lxhToolHTTPDecrypt
Simple Android/iOS protocol analysis and utilization tool
my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始Kubernetes攻防 🧐
Network-Reinstall-System-Modify
It can reinstall CentOS, Debian, Ubuntu, Windows 2003, 7, 2008R2, 2012R2, 2016, 2019 and other systems (continuously added) via the Internet, and can install any system via mounting remote network ISO.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pentest-tools
Custom pentesting tools
pulsar
Network footprint scanner platform. Discover domains and run your custom checks periodically.
risk-management-note
🧯风险控制笔记,适用于互联网企业
security_w1k1
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
Spring-Boot-Actuator-Exploit
Spring Boot Actuator (jolokia) XXE/RCE
weird_proxies
Reverse proxies cheatsheet
XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.