r4ph4e1-0x01 Goto Github PK
Name: R4ph4e1
Type: User
Bio: 人若无名,岂不是可以天天摆烂!😀
Name: R4ph4e1
Type: User
Bio: 人若无名,岂不是可以天天摆烂!😀
403/401 Bypass Methods + Bash Automation + Your Support ;)
对安卓APP注入MSF PAYLOAD,并且对手机管家进行BYPASS。
Asynchronous dirsearch
一款适用于(Android、iOS、WEB、H5、静态网站),信息检索的工具,可以帮助渗透测试人员快速获取App或者WEB中的有用资产信息,并对检索的资产信息进行Title、IP、域名、CDN等进行识别
A fastjson payload generator
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Fast search and dump dex on memory.
Automatically convert gfwlist to pac everyday
运行于GitHub Actions 的仓库中自动化、自定义和执行软件开发工作流程,可以自己根据喜好定制功能,InCloud已经为您定制好了八种针对网段和域名的不同场景的信息收集与漏洞扫描流程。
JAVA IAST Example
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
All Submissions you make to Magento Inc. ("Magento") through GitHub are subject to the following terms and conditions: (1) You grant Magento a perpetual, worldwide, non-exclusive, no charge, royalty free, irrevocable license under your applicable copyrights and patents to reproduce, prepare derivative works of, display, publically perform, sublicense and distribute any feedback, ideas, code, or other information (“Submission") you submit through GitHub. (2) Your Submission is an original work of authorship and you are the owner or are legally entitled to grant the license stated above. (3) You agree to the Contributor License Agreement found here: https://github.com/magento/magento2/blob/master/CONTRIBUTOR_LICENSE_AGREEMENT.html
Burp被动扫描流量转发插件
My Blog
Red Team Tips as posted by @vysecurity on Twitter
基于对bit4woo/ReSign项目的改造,感谢bit4woo师傅的项目。 本工具是burpsuite插件,常用于APP或部分网页的抓包改包过程中出现签名校验或时间戳校验的场景,可以自动计算结果,节约测试的时间成本。 比原项目新增加更多好用的功能。如自动计算时间戳,增加更多灵活调整明文的手段。
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
some collection
Spring Boot with FreeMarker - Server Side Template Injection example
ThinkPHP 漏洞 综合利用工具, 图形化界面, 命令执行, 一键getshell, 批量检测, 日志遍历, session包含, 宝塔绕过
Something tools for Shiro exploit
基于ART主动调用的脱壳机
wxml被“编译“后”压缩“一下多好!😀
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.