- All languages
- ASP
- Assembly
- Batchfile
- BlitzBasic
- C
- C#
- C++
- CSS
- Classic ASP
- Dockerfile
- FreeMarker
- Go
- HTML
- Java
- JavaScript
- Jupyter Notebook
- Kotlin
- Lua
- Makefile
- Markdown
- Mask
- Mermaid
- Objective-C
- PHP
- Pascal
- Perl
- PowerShell
- Python
- Rich Text Format
- Roff
- Ruby
- Rust
- SCSS
- Scala
- Shell
- Smali
- Svelte
- TeX
- TypeScript
- VBA
- Vue
- XSLT
- YARA
Starred repositories
Jar Analyzer - 一个JAR包分析工具,SCA漏洞分析,批量分析JAR包,方法调用关系搜索,字符串搜索,Spring组件分析,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码,一键分析BCEL字节码
superSearchPlus是聚合型信息收集插件,支持综合查询,资产测绘查询,信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。
Advanced SQL Injection Techniques for Bug Bounty Hunters
手动收集各大SRC平台主域名,通过程序自动处理以格式化存入数据库中,便于配合其它信息搜集工具进一步测试。
🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯
Open-source vulnerability disclosure and bug bounty program database
⚔️ A compiled list of companies who have active programs for responsible disclosure
DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。
🕵️♂️ All-in-one OSINT tool for analysing any website
Accepts urls from a filename and, for each query parameter, replace the value with a specified value.
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
An incredibly fast proxy checker & IP rotator with ease.
The official gpt4free repository | various collection of powerful language models
🐛 A list of writeups from the Google VRP Bug Bounty program
🔪 Scan memory for secrets and more. Maybe eventually a full /proc toolkit.
命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,添加自定义DNS服务器)
docker container escape check || Docker 容器逃逸检测