SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

利用XSS入侵内网(Use XSS automation Invade intranet)

Cuckoo Sandbox is an automated dynamic malware analysis system

Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb

J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.

A Windows GUI toolkit for the Go Programming Language

WSDL Parser extension for Burp

A Powerful Spider(Web Crawler) System in Python.

模拟一个存在漏洞的JavaScript 运行环境,用来学习浏览器漏洞原理和练习如何编写Shellcode (a JavaScript Execute Envirment which study browser vuln and how to write Shellcode ) ..

R interface to wordcloud for data visualization.

Reference: http://www.secgeek.net/bookfresh-vulnerability/

Hackhttp is an HTTP library, written in Python.

sqlite3 driver for go using database/sql

Events-based HTML parser in Go (SAX-style parsing)

WebShell Dump

The Browser Exploitation Framework Project

📺 P2P chat powered by the web.

BkScanner 分布式、插件化web漏洞扫描器

Backdoor with Golang (Cross-Plateform)

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

LDAP authentication module for nginx

Detect potentially malicious PHP files

FreeRADIUS - A multi-protocol policy server.

结巴中文分词

ip information from public website

A simple, powerful Redis client for Go

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

A Commander for modern Go CLI interactions

Basic LDAP v3 functionality for the GO programming language.