tangxiaofeng7

Fofa-collect

Fofa平台采集工具

Security_Q-A

安全面试题

XScan

一款取决于用户策略的资产管理平台

Landray-OA-Treexml-Rce

蓝凌OA远程代码执行漏洞批量检查

CVE-2023-32315-Openfire-Bypass

rce

CVE-2022-22947-Spring-Cloud-Gateway

CVE-2021-42013批量

CVE-2021-44228-Apache-Log4j-Rce

Apache Log4j 远程代码执行

CVE-2022-33980-Apache-Commons-Configuration-RCE

CVE-2022-33980 Apache Commons Configuration 远程命令执行漏洞

CVE-2022-22965-Spring-Core-Rce

批量无损检测CVE-2022-22965

Spring-Cloud-Function-Spel

Spring Cloud Function Spel命令执行漏洞

JavaLearning

Learning JAVA for Security

3pScan

一款终端扫描工具

BurpLog4j2Scan

Burpsuite extension for log4j2rce

zsxq_notice

知识星球提醒

JavaSecInterview

打造最强的Java安全研究与安全开发面试题库，包含问题和详细的答案，帮助师傅们找到满意的工作

zsxq

我的知识星球《白帽子飙车路》

SecuriytAi

AI赋能网络安全做任何事-Security AI (Power by langchain)

SDLC

Software Development Life Cycle

DartScan

用来体验dart编程的学习代码-端口扫描

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

CodeQL-1

《深入理解CodeQL》Finding vulnerabilities with CodeQL.

DongTai

DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerabilities, unauthorized access vulnerabilities, etc.), third-party component vulnerabilities, etc.

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

openrasp

🔥Open source RASP solution

cilium

eBPF-based Networking, Security, and Observability

codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise

javaweb-rasp

openwechat

golang网页版微信Api, 突破网页版登陆限制

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose