7hang Goto Github PK
Type: User
Bio: wx公众号-安全圈的翻译官
Twitter: XiangHang1
Type: User
Bio: wx公众号-安全圈的翻译官
Twitter: XiangHang1
内网渗透
代码审计知识点整理-Java
代码审计知识点整理-php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
米斯特2019年开源项目清单
阿里云accesskey利用工具
移动安全
一款可以检测WEB蜜罐并阻断请求的Chrome插件
Automated HTTP Request Repeating With Burp Suite
A list of interesting stuffs that I have no time to test/review
整理笔记
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
Ressources for bug bounty hunting
通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
...Webshell
burp验证码识别接口调用插件
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
Prototype Pollution and useful Script Gadgets
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise
crawlergo-to-xray,可以把0Kee-Team crawlergo爬虫爬取的链接推送给长亭xray分析,xray分析后自动调用webhook接口利用server酱实时推送漏洞预警到微信,让你躺着挖漏洞。支持多线程。
...
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)
fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
Fast web fuzzer written in Go
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.