pekita1

1m-go-websockets

handling 1M websockets connections in Go

API-Security-Checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

aria2cengine

aria2加速下载引擎支持百度盘免登陆加速下载

awesome-python-cn

Python资源大全中文版，包括：Web框架、网络爬虫、模板引擎、数据库、数据可视化、图片处理等，由伯乐在线持续更新。

BlueLotus_XSSReceiver

XSS平台 CTF工具 Web安全工具

bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

celerystalk

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

chunked-coding-converter

Burp suite 分块传输辅助插件

DarthSidious

Building an Active Directory domain and hacking it

DarthSidious-Chinese

DarthSidious 中文版

DfSec

https://pekita1.github.io/DfSec/

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

facebook-bug-bounties

Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)

greyhame-2017

知识星球"灰袍技能" 2017 精华

gwhatweb

CMS识别 python gevent实现

How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

offensiveinterview

翻译国外的@WebBreacher的安全/渗透测试/红队面试题，有部分参考作用

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pentest-notes

Pentest_Interview

个人准备渗透测试和安全面试的经验，和部分厂商的面试题

pentestdb

WEB渗透测试数据库

Regasm_InstallUtil_ApplockerBypass

AppLocker Bypass With Regasm/InstallUtil

Security-Research

Exploits written by the Rhino Security Labs team

vtest

用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。

w10scan

全自动搜索互联网漏洞

w11scan

分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform

w8scan

一款模仿bugscan的扫描器

w9scan

Plug-in type web vulnerability scanner

Zeus-Scanner

Advanced reconnaissance utility