Stars
自动化反编译微信小程序,小程序安全评估工具,发现小程序安全问题,自动解密,解包,可还原工程目录,支持Hook,小程序修改
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
Gather and update all available and newest CVEs with their PoC.
dddd是一款使用简单的批量信息收集,供应链漏洞探测工具,旨在优化红队工作流,减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标
A Security Tool for Bug Bounty, Pentest and Red Teaming.
essential templates for kenzer [DEPRECATED]
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
A curated list of GPT agents for cybersecurity
Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list