xiaoshuier Goto Github PK

acunetix11-api-documentation

Inofficial Acunetix11 API Documentation

alternativeshellcodeexec

Alternative Shellcode Execution Via Callbacks

amass

In-depth DNS Enumeration and Network Mapping

amsiscanbufferbypass

Circumvent AMSI by patching AmsiScanBuffer

angelsword

Python3编写的CMS漏洞检测框架

anti-anti-spider

越来越多的网站具有反爬虫特性，有的用图片隐藏关键数据，有的使用反人类的验证码，建立反反爬虫的代码仓库，通过与不同特性的网站做斗争（无恶意）提高技术。（欢迎提交难以采集的网站）（因工作原因，项目暂停）

aquatone

A Tool for Domain Flyovers

arjun

HTTP parameter discovery suite.

aviator

Antivirus evasion project

awesome-asset-discovery

List of Awesome Asset Discovery Resources

awesome-burp-extensions

A curated list of amazingly awesome Burp Extensions

awesome-cve-poc

✍️ A curated list of CVE PoCs.

awesome-web-security

🐶 A curated list of Web Security materials and resources.

awvs11-api

behinder

“冰蝎”动态二进制加密网站管理客户端

big-list-of-naughty-strings

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

bopscrk

Tool to generate smart and powerful wordlists

bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

buildroot

Buildroot, making embedded Linux easy. Note that this is not the official repository, but only a mirror. The official Git repository is at http://git.buildroot.net/buildroot/. Do not open issues or file pull requests here.

burplugin-java-rce

******本软件仅限用于学习交流禁止用于任何非法行为****** 本版本支持elasticsearch java语言远程命令执行及文件上传 elasticsearchgroov语言远程命令执行及文件上传 struts2-005、struts2-009、struts2-013、struts2-016、struts2-019、struts2-020、struts2-devmode、 struts2-032、struts2-033、struts2-037、struts2-045、struts2-048、struts2-052 除struts2-053全部RCE漏洞验证并支持批量验证。 Struts2漏洞验证需要python环境并需要相关类库支持.点击python按钮初始化初始化python类库 如果初始化失败请按照如下步骤安装类库， 1、执行 $[python]/Scrips/easy_install pip 2、requests模块 安装方法 pip install requests 3、termcolor模块安装方法： pip install termcolor github: https://github.com/bigsizeme/java-rce-tools burpsuite源码地址：https://github.com/bigsizeme/burplugin-java-rce

bypass-php-gd-process-to-rce

Reference: http://www.secgeek.net/bookfresh-vulnerability/

bypassshell

anti AV

checksql

chomp-scan

A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.

client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

cms-hunter

CMS漏洞测试用例集合

cmspoc

CMS渗透测试框架-A CMS Exploit Framework

collabfiltrator

Exfiltrate blind remote code execution output over DNS via Burp Collaborator.

commodity-injection-signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XXE

crackmapexec

A swiss army knife for pentesting networks