p0desta Goto Github PK
Name: p0desta
Type: User
Name: p0desta
Type: User
Airbug(空气洞),收集漏洞poc用于安全产品
一键提取安卓应用中可能存在的敏感信息。
Scanning APK file for URIs, endpoints & secrets.
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
高危漏洞利用工具
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
一个自动化bypass 403/auth的Burpsuite插件
冰蝎客户端源码-3.0-BETA11.t00ls
Burp Suite loader version --> ∞
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
CobaltStrike's source code
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Effective Java(第3版)各章节的中英文学习参考(已完成)
这是 electron-api-demos 的中文版本, 更新至 v2.0.2
各种工具指纹收集分享
记录学习Frida Hook时的知识点和小脚本
🐸Unauthorized Detection Framework未授权访问检测框架
Web Pentesting Fuzz 字典,一个就够了。
Tips and Tutorials for Bug Bounty and also Penetration Tests.
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Java RCE 回显测试代码
A malicious LDAP server for JNDI injection attacks
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
分享过的议题
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
图床使用
HTTPlog||DNSlog||DNS rebinding || xss || webshell
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.