Lists (1)
Sort Name ascending (A-Z)
Stars
Download market data from Yahoo! Finance's API
An open source application scanning tool
🎯 SQL Injection Payload List
用java实现构造openwire协议,利用activeMQ < 5.18.3 RCE 回显利用 内存马注入
RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
金蝶云星空 erp反序列化命令执行漏洞批量扫描POC&EXP,带命令回显
重构了Cobaltstrike Beacon,行为对国内主流杀软免杀,支持4.1以上的版本。 A cobaltstrike Beacon bypass anti-virus, supports 4.1+ version.
captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
Impacket is a collection of Python classes for working with network protocols.
🔥 Web-application firewalls (WAFs) from security standpoint.
WTF Solidity 极简入门教程,供小白们使用。Now supports English! 官网: https://wtf.academy
Fileless Command Execution for Lateral Movement in Nim
Get file less command execution for lateral movement.
A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!