Stars
本Burp Suite插件专为文件上传漏洞检测设计,提供自动化Fuzz测试,共500+条payload。
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
exploit for ImageMagick's uninitialized memory disclosure in gif coder
A database of PHP security advisories
Burp Plugin to decrypt AES encrypted traffic on the fly
A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
BurpSuite using the document and some extensions
Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
simple script to extract all web resources by means of .SVN folder exposed over network.
A tool for automatically testing whether the upload function can upload webshell
iOS/macOS/Linux Remote Administration Tool
SQL Server Management Studio(SSMS) saved password dumper
Hackhttp is an HTTP library, written in Python.