HenryLeno
Follow
Stars
一款甲方资产巡航扫描系统。系统定位是发现资产,进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Tool for especially scanning nearby devices and execute a given command on its own system while the target device comes in range.
CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights.
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
syzkaller is an unsupervised coverage-guided kernel fuzzer
A fork and successor of the Sulley Fuzzing Framework
Extension adds a new tab in Burp Suite called Extractor
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Fuzzing harness for testing proprietary image codecs supported by Skia on Android
基于frida的安卓hook框架,提供了很多frida自身不支持的功能,将hook安卓变成简单便捷,人人都会的事情
Spring Cloud的基础教程,由浅入深,一步一步学习Spring Cloud,最后学到的不单单是基础!Spring Boot基础教程请看:https://github.com/roncoo/spring-boot-demo
ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
Study Notes For Web Hacking / Web安全学习笔记
Pre-Built Vulnerable Environments Based on Docker-Compose