xiaobing88

followers

following

stars

chengdu

https://xiaobing88.github.io/

xiaobing88's starred repositories

free-programming-books-zh_CN

:books: 免费的计算机编程类中文书籍，欢迎投稿

GPL-3.0111053 58900

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language:PHPMIT56765 1899 262

JavaFamily

【Java面试+Java学习指南】一份涵盖大部分Java程序员所需要掌握的核心知识。

WeChatMsg

提取微信聊天记录，将其导出成HTML、Word、Excel文档永久保存，对聊天记录进行分析生成年度聊天报告，用聊天数据训练专属于个人的AI聊天助手

Language:PythonGPL-3.032848 170 399

awesome-adb

ADB Usage Complete / ADB 用法大全

MIT11267 300 72

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Language:PowerShellNOASSERTION8654 396 59

Detect-It-Easy

Program for determining types of files for Windows, Linux and MacOS.

Language:JavaScriptMIT7254 170 132

WeChatRobot

微信HOOK、微信机器人 wxhook，数据库解密微信公众号采集微信公众号爬虫，企业微信HOOK

Language:C++6427 233 67

Mind-Map

各种安全相关思维导图整理收集

GPL-2.04462 290 5

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

Language:PythonNOASSERTION3611 100 229

blocklist-ipsets

ipsets dynamically updated with firehol's update-ipsets.sh script

Language:Shell3138 143 288

AppInfoScanner

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Language:PythonGPL-3.03114 43 43

AndroRAT

A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

Language:JavaMIT2989 145 323

Some-PoC-oR-ExP

各种漏洞poc、Exp的收集或编写

Language:Python2365 1560

chunked-coding-converter

Burp suite 分块传输辅助插件

Language:JavaMIT1907 31 8

reverse-shell

Reverse Shell as a Service

Language:JavaScriptMIT1833 32 17

Books

无它术，唯勤读书而多为之，自工

GPL-2.01580 86 4

SRC-experience

工欲善其事，必先利其器

Language:HTML1492 380

fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Language:HTMLGPL-3.01352 760

MYSQL_SQL_BYPASS_WIKI

mysql注入,bypass的一些心得

Mars

Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等

Language:Ruby1225 28 32

password_brute_dictionary

口令爆破字典，有键盘组合字典、拼音字典、字母与数字混合这三种类型

Language:Python1153 15 4

ATTCK-PenTester-Book

ATTCK-PenTester-Book

ShiroScan

Shiro<=1.2.4反序列化，一键检测工具

Language:Python977 8 6

OnlineMooc

Vue前台 + Django3.1 + DjangoRestful Framework + Ant Design Pro V4后台开发的在线教育网站及后台管理

Language:PythonApache-2.0851 40 25

AES-Killer

Burp Plugin to decrypt AES encrypted traffic on the fly

Language:JavaMIT634 25 15

flask-session-cookie-manager

:cookie: Flask Session Cookie Decoder/Encoder

Language:PythonMIT601 8 8

CVE-2020-0796-RCE-POC

CVE-2020-0796 Remote Code Execution POC

Language:Python529 26 9

vulnerable-xss-app

Language:JavaScript36 60

SICNUCTF2019

四川师范大学第八届信息安全大赛

Language:JavaScript300