podvps

followers

following

stars

r0ck's starred repositories

Shadowrocket-ADBlock-Rules

提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。

Language:PythonNOASSERTION1559900

faraday

Open Source Vulnerability Management Platform

Language:PythonGPL-3.0492100

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

Language:JavaScriptNOASSERTION366400

Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

XSStrike

Most advanced XSS scanner.

Language:PythonGPL-3.01319400

exploitdb

The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb

GPL-2.0771400

fastjson60-DoS

fastjson 在1.2.60以下时，处理/xHH出现问题，导致程序OOM，最终导致DoS

Language:Java1000

POC

一些漏洞检测/利用脚本

Language:Python4300

BuTian_Spider

2019 补天厂商爬虫与数据可视化文件打包

Language:Python17100

kunpeng

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

Language:GoApache-2.0166700

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Language:PythonNOASSERTION362000

get_domain

Language:Python40400

JustTrustMe

An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

Language:JavaNOASSERTION480000

Dex2oatHunter

Automatic Unpacking Tool for Android Dex Files

Language:C++Apache-2.014400

Frida-Android-unpack

this unpack script for Android O and Android P

Language:JavaScript29400

DexHunter

General Automatic Unpacking Tool for Android Dex Files

Language:C++Apache-2.0131900

Android-Debug-Database

A library for debugging android databases and shared preferences - Make Debugging Great Again

Language:JavaApache-2.0839800

dumpDex

💯一款Android脱壳工具，需要xposed支持, 易开发已集成该项目。

Language:C++MIT300900

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Language:JavaScriptGPL-3.01715200

drozer

The Leading Security Assessment Framework for Android.

Language:PythonNOASSERTION386200

Inspeckage

Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)

Language:JavaApache-2.0280400

wpscan

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

Language:RubyNOASSERTION852200

stressTestPlatform

基于Jmeter实现的在线压测和管理Jmx的平台。

Language:JavaScriptApache-2.062300

Geetest3-Crack

🤖 Geetest3 Distributed Cracking Platform 极验3代分布式破解平台

Language:PythonMIT36900

loggrove

Loggrove是对本地、远程日志文件进行分页阅读、实时阅读、关键词匹配、统计、监控、钉钉告警、Highcharts图表展示的 Web 平台服务，并包含用户认证、LDAP认证、操作审计等基础服务。

Language:PythonMIT21400

metasploit-framework

Metasploit Framework

Language:RubyNOASSERTION3383900

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT6027200

bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

hacker101

Source code for Hacker101.com - a free online web and mobile security class.

Language:SCSSNOASSERTION1375400

AssassinGo

An extensible and concurrency pentest framework in Go, also with WebGUI. Feel free to CONTRIBUTE!

Language:GoMIT55400