BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+289.04%)
Apijson🚀 零代码、热更新、全自动 ORM 库,后端接口和文档零代码,前端(客户端) 定制返回 JSON 的数据和结构。 🚀 A JSON Transmission Protocol and an ORM Library for automatically providing APIs and Docs.
Stars: ✭ 12,559 (+5408.33%)
CVE-2020-36179CVE-2020-36179~82 Jackson-databind SSRF&RCE
Stars: ✭ 77 (-66.23%)
BusBus 是一个基础框架、服务套件,它基于Java8编写,参考、借鉴了大量已有框架、组件的设计,可以作为后端服务的开发基础中间件。代码简洁,架构清晰,非常适合学习使用。
Stars: ✭ 253 (+10.96%)
Flag-CaptureSolutions and write-ups from security-based competitions also known as Capture The Flag competition
Stars: ✭ 84 (-63.16%)
XSS-CheatsheetXSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-88.6%)
Lzhpo Shiro美观、漂亮,我抽离出来的,拿来即用的简单后台管理系统!
Stars: ✭ 170 (-25.44%)
Java Sec CodeJava web common vulnerabilities and security code which is base on springboot and spring security
Stars: ✭ 1,033 (+353.07%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (+26.75%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (-24.56%)
XrcrossXRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Stars: ✭ 175 (-23.25%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (-53.95%)
SpringBootExploit项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
Stars: ✭ 1,060 (+364.91%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+1592.11%)
exprologProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (-42.54%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+5271.05%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+2627.19%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-86.4%)
PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-86.84%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-69.74%)
ssrf-agentmake http(s) request to prevent SSRF
Stars: ✭ 16 (-92.98%)
JAWJAW: A Graph-based Security Analysis Framework for JavaScript and Client-side CSRF
Stars: ✭ 26 (-88.6%)
exploitMy exploitDB.
Stars: ✭ 16 (-92.98%)
DomainkerBugBounty Tool
Stars: ✭ 40 (-82.46%)
spring-security-jwt-csrfA demonstration of stateless JWT authentication with Spring Security, Spring Boot and Vue js
Stars: ✭ 62 (-72.81%)
TORhunterDesigned to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion
Stars: ✭ 47 (-79.39%)
seckill parent基于springboot+springcloud的高并发和商品秒杀项目,通过redis,rabbitmq等技术实现秒杀的高并发。
Stars: ✭ 59 (-74.12%)
attack-surface-detector-zapThe Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Stars: ✭ 52 (-77.19%)
CloudSchedule分布式调度系统,基于zookeeper ,netty,调度内核参考Spring schedule 执行表达式和Spring schedule一样,没有使用Quartz,客户端完全基于注解配置,使用同 Spring schedule一致,最少配置,使用简单
Stars: ✭ 14 (-93.86%)
mars-configspringmvc 、springboot、springcloud 动态配置系统。http 轮询方式 更新 动态配置
Stars: ✭ 17 (-92.54%)
BugHunterNo description or website provided.
Stars: ✭ 23 (-89.91%)
security-wrapper对springSecurity进行二次开发,提供OAuth2授权(支持跨域名,多应用授权)、JWT、SSO、文件上传、权限系统无障碍接入、接口防刷、XSS、CSRF、SQL注入、三方登录(绑定,解绑)、加密通信等一系列安全场景的解决方案
Stars: ✭ 21 (-90.79%)
CVE-2022-21907-http.sysProof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
Stars: ✭ 67 (-70.61%)
MarketServer基于Springboot + Mybatis框架实现的一个简易的商场购物系统后端。该有的基础功能它都有!
Stars: ✭ 26 (-88.6%)
cyber-gymDeliberately vulnerable scripts for Web Security training
Stars: ✭ 19 (-91.67%)
active4jActive4j-boot是基于SpingBoot2.0轻量级的java快速开发框架。以Spring Framework为核心容器,Spring MVC为模型视图控制器,Mybatis Plus为数据访问层, Apache Shiro为权限授权层, Redis为分布式缓存,Quartz为分布式集群调度,layui作为前端框架并进行前后端分离的开源框架
Stars: ✭ 32 (-85.96%)
aliyun-sms阿里云 SMS 短信 Java SDK 封装
Stars: ✭ 67 (-70.61%)
mzt-biz-log支持Springboot,基于注解的可使用变量、可以自定义函数的通用操作日志组件
Stars: ✭ 628 (+175.44%)
Online-Testing-Platform在线考试系统 colleges online examination system base on spring-boot and MyBatis
Stars: ✭ 21 (-90.79%)
python-sdkPython SDK to access the vulnerability database
Stars: ✭ 22 (-90.35%)
job-plusJob Plus项目是基于SpringBoot+Vue的轻量级定时任务管理系统
Stars: ✭ 17 (-92.54%)