teq u req's repositories
craft-sherlock
Security scanner and monitor to keep your site and Craft CMS secure.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Arjun
HTTP parameter discovery suite.
BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
besticon
Favicon service written in Go
blog
Blog content of blog.dornea.nu
cero
Scrape domain names from SSL certificates of arbitrary hosts
chromedp
A faster, simpler way to drive browsers supporting the Chrome DevTools Protocol.
CVE-2021-44228-Apache-Log4j-Rce
Apache Log4j 远程代码执行
dastardly-github-action
Runs a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.
Depix
Recovers passwords from pixelized screenshots
eleventy-base-blog
A starter repository for a blog web site using the Eleventy static site generator.
Fuzzing
《深入理解Fuzzing技术》
Fuzzing-Dicts
Web Security Dictionary
go-http-monitor
A (dead-simple) Golang utility allowing you to monitor HTTP endpoints
iframely
oEmbed proxy. Supports over 1800 domains via custom parsers, oEmbed, Twitter Cards and Open Graph
lifelong-learner
An app with Trie tree and Breve search Implementation CLI and HTTP both 🥳
metasploit-framework
Metasploit Framework
pd-actions
Continuous recon and vulnerability assessment using Github Actions.
ripgen
Rust-based high performance domain permutation generator.
scan4all
Vulnerabilities Scan: 15000+PoCs; 20 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty...
streamlit-example
Example Streamlit app that you can fork to test out share.streamlit.io
twitter-audit-log
Periodically collect data about my Twitter account and check in to github to preserve an audit trail.
vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
web-recon
All About Web Recon & OSINT
yaya
Yet Another Yara Automaton - Automatically curate open source yara rules and run scans