Stars
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
SEKIRO is a multi-language, distributed, network topology-independent service publishing platform. By writing handlers in their respective languages, functionalities can be published to the central…
Fastbot(2.0) is a model-based testing tool for modeling GUI transitions to discover app stability problems
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
macOS上的小而美【Fofa、Shodan、Hunter、Zoomeye、Quake网络空间搜索引擎】闪电搜索器;GUI图形化(Mac/Windows)渗透测试信息搜集工具;资产搜集引擎;hw红队工具hvv
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Goby - Yet another programming language written in Go
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集,用来进行渗透测试,密码学研究,CTF和日常使用。
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
基于chrome、firefox插件的被动式信息泄漏检测工具