phantom0301

phantom0301's starred repositories

secguide

面向开发人员梳理的代码安全指南

NOASSERTION13207 211 51

HeadlessBrowsers

A list of (almost) all headless web browsers in existence

CC0-1.06178 187 21

kscan

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

Language:GoGPL-3.03819 43 144

learnjavabug

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Language:JavaMIT2573 74 6

POC-bomber

利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

Language:PythonGPL-3.02211 38 38

Kunlun-M

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

Language:PythonMIT2181 54 103

joern

Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc

Language:ScalaApache-2.01940 40 1079

awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

Apache-2.01709 260

metlo

Metlo is an open-source API security platform.

Language:TypeScriptMIT1597 16 32

kcl

KCL Programming Language (CNCF Sandbox Project). https://kcl-lang.io

Language:RustApache-2.01531 19 508

espoofer

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

Language:PythonMIT1379 25 43

w12scan

🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)

Language:CSSMIT1340 45 82

MYSQL_SQL_BYPASS_WIKI

mysql注入,bypass的一些心得

1298 28 6

tabby

A CAT called tabby ( Code Analysis Tool )

Language:JavaApache-2.01257 22 64

gadgetinspector

A byte code analyzer for finding deserialization gadget chains in Java applications

Language:JavaMIT973 26 6

agentUniverse

agentUniverse is a LLM multi-agent framework that allows developers to easily build multi-agent applications.

Language:PythonApache-2.0668 15 12

MagiCude

分布式端口（漏洞）扫描、资产安全管理、实时威胁监控与通知、高效漏洞闭环、漏洞wiki、邮件报告通知、poc框架

Language:Python560 13 13

NessusToReport

Nessus扫描报告自动化生成工具

Language:PythonApache-2.0516 11 48

PenetrationTestingScripts

Here is some simple and useful scripts for penetration.

Language:Python462 31 1

eyes.sh

Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.

Language:HTML377 13 8

ant-application-security-testing-benchmark

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

Language:JavaApache-2.0299 9 18

Evaluation_tools

测评工具

Language:Shell295 10 5

MyBlog

记录和分享学习的旅程！

Language:Python286 14 109

codecat

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.

Language:PythonBSD-3-Clause284 5 10