H2csmugglerHTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Stars: ✭ 292 (-70.05%)
CtftrainingCTF Training 经典赛题复现环境
Stars: ✭ 729 (-25.23%)
Scaner扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (-63.38%)
Flag-CaptureSolutions and write-ups from security-based competitions also known as Capture The Flag competition
Stars: ✭ 84 (-91.38%)
NachtWalReinforced Mitigation Security Filter
Stars: ✭ 17 (-98.26%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (-70.36%)
winpwnCTF windows pwntools
Stars: ✭ 137 (-85.95%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (-48.1%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (-67.69%)
Ctf WriteupsPerfect Blue's CTF Writeups
Stars: ✭ 286 (-70.67%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-97.23%)
SubzySubdomain takeover vulnerability checker
Stars: ✭ 287 (-70.56%)
hitbsecconf-ctf-2021HITB SECCONF EDU CTF 2021. Developed with ❤️ by Hackerdom team and HITB.
Stars: ✭ 17 (-98.26%)
Csp BuilderBuild Content-Security-Policy headers from a JSON file (or build them programmatically)
Stars: ✭ 496 (-49.13%)
ImageStrikeImageStrike是一款用于CTF中图片隐写的综合利用工具
Stars: ✭ 118 (-87.9%)
Welpwn💖CTF pwn framework.
Stars: ✭ 284 (-70.87%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-86.97%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (-27.49%)
PassivehunterSubdomain discovery using the power of 'The Rapid7 Project Sonar datasets'
Stars: ✭ 83 (-91.49%)
Ictf FrameworkThe iCTF Framework, presented by Shellphish!
Stars: ✭ 281 (-71.18%)
toolsetUseful tools for CTF competitions
Stars: ✭ 31 (-96.82%)
Vuejs Serverside Template XssDemo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
Stars: ✭ 278 (-71.49%)
CTFSome wrrite-ups
Stars: ✭ 15 (-98.46%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (-15.08%)
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (-71.69%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-96.1%)
CaptfencoderCaptfEncoder是一款跨平台网络安全工具套件,提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具,并聚合各类在线工具。
Stars: ✭ 473 (-51.49%)
CTFMy CTF writeups
Stars: ✭ 84 (-91.38%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (-72.21%)
Xss PayloadsList of advanced XSS payloads
Stars: ✭ 696 (-28.62%)
CTFCTF (Capture The Flag Writeups and Tools)
Stars: ✭ 57 (-94.15%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-72.62%)
libc-dblibc database (file in packages, hash, package files, symbols). Raw binary libc available on https://github.com/BestPig/libc-bin)
Stars: ✭ 21 (-97.85%)
MbeCourse materials for Modern Binary Exploitation by RPISEC
Stars: ✭ 4,674 (+379.38%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+281.03%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-72.51%)
PixloadImage Payload Creating/Injecting tools
Stars: ✭ 586 (-39.9%)
Lamp Cloudlamp-cloud 基于Jdk11 + SpringCloud + SpringBoot的微服务快速开发平台,其中的可配置的SaaS功能尤其闪耀, 具备RBAC功能、网关统一鉴权、Xss防跨站攻击、自动代码生成、多种存储系统、分布式事务、分布式定时任务等多个模块,支持多业务系统并行开发, 支持多服务并行开发,可以作为后端服务的开发脚手架。代码简洁,注释齐全,架构清晰,非常适合学习和企业作为基础框架使用。
Stars: ✭ 4,125 (+323.08%)
aneweranewer appends lines from stdin to a file if they don't already exist in the file. This is a rust version of https://github.com/tomnomnom/anew
Stars: ✭ 46 (-95.28%)
Defcon 2018DEFCON 2018 Qualification writeups
Stars: ✭ 12 (-98.77%)
ocean ctfCTF平台 动态flag docker部署管理 管理端由flask提供API VUE+element构建
Stars: ✭ 129 (-86.77%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-70.56%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (-52.41%)
Ctf xinetdA docker repository for deploying pwnable challenges in CTF
Stars: ✭ 257 (-73.64%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+643.18%)
GefGEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢
Stars: ✭ 4,197 (+330.46%)
2017-qualsTasks from CTFZone 2017 quals
Stars: ✭ 13 (-98.67%)
FbctfPlatform to host Capture the Flag competitions
Stars: ✭ 6,407 (+557.13%)
ZeratoolAutomatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
Stars: ✭ 584 (-40.1%)
Pentest LabPentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (-63.79%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-95.18%)