Starred repositories
harry1080 / chanzi
Forked from Chanzi-keji/chanzi“铲子”是一款简单易用的JAVA SAST工具,旨在为安全工程师提供一款简单、好用、价格厚道的代码安全扫描产品,支持语言: java(Servlet、spring、dubbo、thirft、mybatis、jsp) ,采用轻量级污点分析,铲子会将java、xml(mybatis、dubbo)等统一构建数据流图,然后进行污点分析,无需编译,也可以反编译扫描jar或class,内置了 sql 注…
1
Updated Oct 9, 2024
TestNet资产管理系统(资产管理|信息收集|暴露面管理|子域名扫描|C段扫描|端口扫描|漏洞扫描|Hunter|Fofa)
Xtools 是一款 Sublime Text 插件,同时是一款简单的资产处理|命令行调用工具。
⚔️Windows11 Penetration Suite Toolkit 🔰 The First Windows Penetration Testing Environment on Mac M Chips
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
UAC bypass for x64 Windows 7 - 11(无弹窗版)
戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
调查取证 | 针对微信客户端的信息收集工具, 自动化提取本地PC所有的微信信息, 包括微信号, 手机号等
harry1080 / teler
Forked from teler-sh/telerReal-time HTTP Intrusion Detection
150本信息安全方面的书籍书籍(持续更新)
4
Updated Aug 30, 2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.
Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
A small PoC for the recent RCE found in the Goahead Webserver prior to version 5.1.5.
将安卓远控Apk附加进普通的App中,运行新生成的App时,普通App正常运行,远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote …