$root: Whoami's repositories
browser-security-whitepaper-2017
X41 Browser Security White Paper - Tools and PoCs
anam
Mass scanning the internet (http and https) using a raw tcpstack.
awesome-windows-exploitation
A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom
browser_vuln_check
browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vuln_check framework using some known browser vulnerabilities PoC to quick automate aduit WebView or Browser security ,apply to application security before issue and detecting third-part WebView security)..
Burp-Non-HTTP-Extension
Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
BurpExtenders
Custom Burpsuite Extensions
Bypassing-Web-Application-Firewalls
A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
DeserLab
Java deserialization exploitation lab.
fresh.sh
A bash script that fetches and maintains thousands of DNS resolvers
HITCON-Training-writeup
Learn binary exploitation from angelboy's hitcon-training
masscan-web-ui
MASSCAN Web UI
MBE
Course materials for Modern Binary Exploitation by RPISEC
mipt-ctf
A small course on CTF (wargames) for beginners [in Russian]
netstack
Custom network stack in Go
Sec-Box
information security Tools Box (信息安全工具以及资源集合)
ssrf-lab
Lab for exploring SSRF vulnerabilities
Tiny-URL-Fuzzer
A tiny and cute URL fuzzer
token-priv
Token Privilege Research
Unix-Privilege-Escalation-Exploits-Pack
Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
url-testing
Test cases and harnesses for URL testing
wafpass
Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
wiki.secmobi.com
SecMobi Wiki is a collection of mobile security resources.
Windows-Privesc
Basics of Windows privilege escalation
writeups-1
CTF writeups