Lists (9)
Sort Name ascending (A-Z)
Starred repositories
本文原文由知名 Hacker Eric S. Raymond 所撰寫,教你如何正確的提出技術問題並獲得你滿意的答案。
Top disclosed reports from HackerOne
best tool for finding SQLi,XSS,LFi,OpenRedirect
This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Xploitra is a powerful reverse shell payload generator for educational and security testing. It offers customizable payloads with advanced obfuscation and session management, making it ideal for si…
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
社会工程学密码生成器,是一个利用个人信息生成密码的工具
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
Fetch all the URLs that the Wayback Machine knows about for a domain
Accept URLs on stdin, replace all query string values with a user-supplied value
一个用于web框架、CDN和CMS指纹识别的高性能命令行工具。A high-performance command-line tool for web framework, CDN and CMS fingerprinting.
ParamWizard is a powerful Python-based tool designed for extracting and identifying URLs with parameters from a specified website. It provides a comprehensive way to discover hidden parameters with…
Burp Plugin to Bypass WAFs through the insertion of Junk Data
A powerful asynchronous XSS scanner supporting up to 1,500 concurrent requests.
Find domains and subdomains related to a given domain
PushkraJ99 / ParamSpider
Forked from devanshbatham/ParamSpiderMining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Codebase to generate an msdt-follina payload
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…