🐞
Log4Scan
Log4scan
针对header头和fuzz参数的主动批量扫描,用于大批量黑盒检测
先配置ceye信息
self.host = ""
self.token = ""
PassiveLog4Scan
burp suite 被动扫描插件,对每个参数、header头、Cookie做扫描
先配置ceye信息
self.host = ""
self.token = ""
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t
webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co
cve-2021-22005-exp 0x01 漏洞简介 2021年9月21日,VMware发布安全公告,公开披露了vCenter Server中的19个安全漏洞,这些漏洞的CVSSv3评分范围为4.3-9.8。 其中,最为严重的漏洞为vCenter Server 中的任意文件上传漏洞(CVE-20
BurpSuite Extension: Log4j RCE Scanner
Attack SQL Server through gopher protocol
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.
LinOTP LinOTP - the Open Source solution for multi-factor authentication Copyright © 2010-2019 KeyIdentity GmbH Coypright © 2019- arxes-tolina GmbH In
MTBLLS Ethical Hacking Tool Announcement of v2.0 MTBLLS is a Free and Open-Source Ethical Hacking Tool developed by GhostTD (SkyWtkh) The tool can onl
log4shell_finder Python port of https://github.com/mergebase/log4j-detector log4j-detector is copyright (c) 2021 - MergeBase Software Inc. https://mer
🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1
gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"
Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi
wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率,目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块,现已支持以下信息的查询: ✅ 微步标签 ✅ I
scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined
Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication
Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏