This is a webshell open source project

Multi-purpose proxy service management system

This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

Collection of CTF Web challenges I made

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Webshell && Backdoor Collection

Pwn stuff.

构建并优化高效的渗透 Fuzz 字典

PHP代码审计分段讲解

一个各种方式突破Disable_functions达到命令执行的shell

AoiAWD-专为比赛设计，便携性好，低权限运行的EDR系统。

Backdrop core code repository.

Extension exposing PHP 7 abstract syntax tree

A collection of common algorithms implemented in PHP. The collection is based on "Cracking the Coding Interview" by Gayle Laakmann McDowell

Various webshells. We accept pull requests for additions to this collection.

Indicators from Unit 42 Public Reports

记录自己写的工具和学习笔记

Experimental fuzzer for PHP libraries

Windows杀软在线对比辅助

还原ZendGuard处理后的php代码

PHP后台管理系统

Office Anywhere网络智能办公系统

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Practice hacking JWT tokens

Hash calculator with MD5, SHA1, Base64, htpasswd, whirlpool and crc32 support!

此项目为公司《Web安全概览》分享的 Docker 靶场

PHP class for the CVSS v3 (Common Vulnerability Scoring System)

wordpress honeypot