T1ng

followers

following

stars

liming's starred repositories

katana

A next-generation crawling and spidering framework.

Language:GoMIT10558 89 275

gobuster

Directory/File, DNS and VHost busting tool written in Go

Language:GoApache-2.09362 152 278

pwndbg

Exploit Development and Reverse Engineering with GDB Made Easy

Language:PythonMIT7069 138 866

feroxbuster

A fast, simple, recursive content discovery tool written in Rust.

Language:RustMIT5627 52 285

Dobby

a lightweight, multi-platform, multi-architecture hook framework.

Language:C++Apache-2.03928 117 219

unidbg

Allows you to emulate an Android native library, and an experimental iOS emulation

Language:JavaApache-2.03660 103 586

hooker

🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service、firda版JustTrustMe、disable ssl pinning

Language:JavaScriptApache-2.03582 74 58

JSFinder

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

Language:Python2543 23 25

vulnerability-Checklist

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

uber-apk-signer

A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.

Language:JavaApache-2.01909 35 38

frida_hook_libart

Frida hook some jni functions

Language:JavaScriptMIT1400 34 16

JDumpSpider

HeapDump敏感信息提取工具

Language:JavaApache-2.01211 13 8

BigBountyRecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Language:C#MIT1171 39 8

bruteforce-lists

Some files for bruteforcing certain things.

Apache-2.01082 340

Shockwave-OSS

ClassHound

利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码

Language:PythonMIT687 9 1

dirsearch_bypass403

目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别

Language:Python675 5 10

laoyue

自动化监控赏金项目-定期收集资产,漏洞进行推送(现在可以稳定收菜,有问题issues我)-关注-夜安团队SEC-加我微信进群可下载最新自动化版本,git目前不会更新了,群里目前版本1.3.1,项目优化了非常多,功能也加入了非常多,建议进群(没收费项目放心白嫖)

Language:Python522 6 30

TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

Language:HCLApache-2.0514 8 8

mod0BurpUploadScanner

HTTP file upload scanner for Burp Proxy

Language:PerlNOASSERTION483 16 107

findhash

一个IDA脚本，可以检测出哈希算法（无论是否魔改常数）并生成frida hook 代码。

Language:PythonApache-2.0360 11 5

spyhunt

recon for bug hunters

Language:Python346 6 28

frida-java-bridge

Java runtime interop from Frida

Language:JavaScript318 27 197

JavaFileDict

Java应用的一些配置文件字典，来源于公开的字典与平时收集

SpringSpider

Spring Actuator端点的BurpSuite被动扫描插件。

Language:JavaApache-2.0185 2 1

Unidbg_FindKey

KeyFinder 是一个Unidbg插件，通过内存检索的方式查找AES的密钥，增强Unidbg分析和还原算法的能力。

Language:Java150 5 2

IDASignsrch

IDA_Signsrch in Python

Language:PythonMIT92 60

heapdump_shiro_vuln

A heapdump leaks Shiro key causing RCE vulnerability environment.

Language:Java47 3 1

onos-helm-charts

Helm charts for ONOS (µONOS Architecture)

Language:Mustache31 23 14

s3-bucket-scanner

Scanner for public s3 buckets

Language:PythonMIT10 30