5up3rc Goto Github PK
Name: Cy95
Type: User
Bio: Programmer,Security Go,PHP,Python
Location: Xiamen,China
Blog: https://blog.webvul.me
Name: Cy95
Type: User
Bio: Programmer,Security Go,PHP,Python
Location: Xiamen,China
Blog: https://blog.webvul.me
YSOSERIAL Integration with burp suite
Burp Suite Collaborator HTTP API
Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
A DNS tunnel utilizing the Burp Collaborator
通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。
Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.
An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
Butterfly connects Virtual Machines and control their traffic flow
Browser Vulnerability Exploit DB(浏览器漏洞PoC数据库)
BYOB (Build Your Own Botnet)
Reference: http://www.secgeek.net/bookfresh-vulnerability/
一个各种方式突破Disable_functions达到命令执行的shell
waf自动爆破(绕过)工具
A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
Replacement for bytes.Buffer that you can use in a performace-sensitive parts or your Go programs
The Byzantine General Problem
JWT brute force cracker written in C
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
C in four functions
CACTUSTORCH: Payload Generation for Adversary Simulations
Analyzes resource usage and performance characteristics of running containers.
Social Engineering Tool
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Capsule8: open-source cloud-native behavioral security monitoring
event shipper for Carbon Black Defense notifications
cloud access security broker for uploads (e.g. FTP) to basic web hosting
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
Central Application Tracking
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
CeWL is a Custom Word List Generator
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.