Michael Cade's repositories
api_wordlist
A wordlist of API names for web application assessments
awesome_windows_logical_bugs
collect for learning cases
capital
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
chatgpt-web-midjourney-proxy
chatgpt web, midjourney, gpts,tts, whisper 一套ui全搞定
crAPI
completely ridiculous API (crAPI)
CVE-2022-37706-LPE-exploit
A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)
CVE-2023-32353-PoC
Proof of Concept Code for CVE-2023-32353: Local privilege escalation via iTunes in Windows
CVE-2023-4357-Chrome-XXE
CVE-2023-4357,Chrome XXE 漏洞 POC,实现对访客者本地文件读取。CVE-20123-4357, Chrome XXE vulnerability POC, allowing attackers to obtain local files of visitors.
FindSomething
基于chrome、firefox插件的被动式信息泄漏检测工具
ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
hooker
🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service、firda版JustTrustMe、disable ssl pinning
JS-Forward
前端参数加密渗透测试通用解决方案
KB
Knowledge Base collects, stores, and retrieves known vulnerabilities.
LoggerPlusPlus-API-Filters
A Collection of Logger++ Filters for Hunting API Vulnerabilities
medusa
Binary instrumentation framework based on FRIDA
MoveCertificate
support android7+ Move certificate.
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
nuclei-action
Application Security Testing with Nuclei
nuclei-templates
All Nuclei Templates
ParamSpider
Mining parameters from dark corners of Web Archives
SCRIPT
python
subfinder-action
Fast and passive subdomain enumeration.
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)