Block or Report
Block or report rootsecurity
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abuseStars
Language
Sort by: Recently starred
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC,已校验有效性并去重)
Tools to work with android .dex and java .class files
🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具,集成了20余款工具,通过多种方式对子域进行获取,收集域名邮箱,进行存活探测,域名指纹识别,域名反查ip,ip端口扫描,web服务链接爬取并发送给xray,对web服务进行POC漏洞扫描,对主机进行主机漏洞扫描。
FASTJSON 2.0.x has been released, faster and more secure, recommend you upgrade.
飞刃是一套完整的企业级黑盒漏洞扫描系统,集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。 拥有强大的漏洞检测引擎和丰富的插件库,覆盖多种漏洞类型和应用程序框架。
Biny is a tiny, high-performance PHP framework for web applications
FastGPT is a knowledge-based platform built on the LLMs, offers a comprehensive suite of out-of-the-box capabilities such as data processing, RAG retrieval, and visual AI workflow orchestration, le…
linux-kernel-exploits Linux平台提权漏洞集合
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrar…
Path traversal in Ollama with rogue registry server
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components throug…
这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
Apollo is a reliable configuration management system suitable for microservice configuration management scenarios.
Apache JMeter open-source load testing tool for analyzing and measuring the performance of a variety of services
BlazeHTTP 是一款简单易用的 WAF 防护效果测试工具。BlazeHTTP stands as a user-friendly WAF protection efficacy evaluation tool.
MeterSphere 是新一代的测试管理和接口测试工具,让软件测试工作更简单、更高效,不再成为持续交付的瓶颈。
自动化漏洞扫描系统,包括IP基础信息探测模块(位置、属性、操作系统、端口、绑定的域名、公司名称、公司位置信息、网站标题、CDN信息、绑定网站指纹、子域名),漏洞扫描模块,(weblogic、struts2、nuclei、xray、rad、目录扫描、js链接扫描、端口扫描、调用威胁情报抓取历史绑定url、网站指纹、信息泄露、vulmap、afrog、fscan、DNS日志、shiro、spri…
CMAK is a tool for managing Apache Kafka clusters
CVE-2023-25157 - GeoServer SQL Injection - PoC
ScopeSentry-网络空间测绘、子域名枚举、端口扫描、敏感信息发现、漏洞扫描、分布式节点