tollytu Goto Github PK
Type: User
Type: User
windows和linux基线检查,配套自动化检查脚本。纯手打。
An Out-of-Band XXE server for retrieving file contents over FTP.
阿里云accesskey利用工具
Apache Log4j 远程代码执行
Checklist of the most important security countermeasures when designing, testing, and releasing your API
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
一个漏洞POC知识库
Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
一个全新的敏感文件发现工具
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
Source Code Security Audit (源代码安全审计)
Static Code Analysis
SolarWinds Orion API 远程代码执行漏洞批量检测脚本
Pocsuite3 For CVE-2021-22205
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
应急响应实战笔记,一个安全工程师的自我修养。
Fastjson姿势技巧集合
fastjson-1.2.61-RCE
Example for using Celery 4 with Flask (App Factory) and Periodic Tasks with Celery Beat
渗透测试路径字典,爆破字典。内容来自互联网和实战积累。
GoScan是采用Golang语言编写的一款分布式综合资产管理系统,适合红队、SRC等使用
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等
🍯 A Most Convenient Honeypot Platform. 🐝🐝🐝 🐝🐝
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.