xiaoaliha Goto Github PK
Name: xiaoali
Type: User
Name: xiaoali
Type: User
CVE-2020-1472复现时使用的py文件整理打包
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
EarthWorm
在科研(摸鱼)过程中,收集到的或者自己写的一些有用的(经过实战检验的)exp/poc,欢迎提交issue和PR
红/蓝队环境自动化部署工具 Red/Blue team environment automation deployment tool
翻墙-科学上网
fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
Web Pentesting Fuzz 字典,一个就够了。
F-vuln(全称:Find-Vulnerability)是为了自己工作方便专门编写的一款自动化工具,主要适用于日常安全服务、渗透测试人员和RedTeam红队人员,它集合的功能包括:存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。
A `.git` folder disclosure exploit
439个goby poc,可能会有重复自行判断,来源于网络收集的Goby&POC,实时更新。
Vulnerabilities of Goby supported with exploitation.
哥斯拉
图形化漏洞利用集成工具
一个由各种图形化渗透工具组成的工具集
the free firefox extions of hackbar v2.1.3 v2.2.9 v2.3.1,hackbar 插件未收费的免费版本。适用于chrome浏览器的HackBar-v2.2.6.zip,HackBar-v2.3.1.zip
一款完全被动监听的谷歌插件,用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗
☕️ Java Security,安全编码和代码审计
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
Jsp木马远程控制脚本(大马)
Log4j2 RCE Passive Scanner plugin for BurpSuite
Log4j 多线程批量检测利用工具
Machinae Security Intelligence Collector
Improved SMTP Checker / SMTP Cracker with proxy-support, inbox test and many more features.
猫蛋儿安全团队编写的poc能报就能打。企业微信、海康、Metabase、Openfire、泛微OA......
🌻 The collaborative editing software that runs Wikipedia. Mirror from https://gerrit.wikimedia.org/g/mediawiki/core. See https://mediawiki.org/wiki/Developer_access for contributing.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.