William's repositories
CeWL
CeWL is a Custom Word List Generator
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. This can be used to monitor the java libraries used in an application and report if there are any known vulnerabilities (e.g. CVEs).
dnsrecon
DNS Enumeration Script
ffuf
Fast web fuzzer written in Go
FOCA
Tool to find metadata and hidden information in the documents.
itext7
iText 7 for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText 7 can be a boon to nearly every workflow.
kubernetes-goat
Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster.
osinttools
A collection of random OSINT scripts
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pdfbox
Mirror of Apache PDFBox
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
secure-mobile-development
A Collection of Secure Mobile Development Best Practices
spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
spring-boot-upload-file-lead-to-rce-tricks
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
spring-core-rce
Spring core rce
testssl.sh
Testing TLS/SSL encryption anywhere on any port
trojan-source
Trojan Source: Invisible Vulnerabilities
vault-guides
Example usage of HashiCorp Vault secrets management
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.
xss2png
PNG IDAT chunks XSS payload generator
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.