Skip to content
View SQY1998's full-sized avatar
1 follower · 49 following

Block or report SQY1998

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

bp2008 / DahuaLoginBypass

Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.

JavaScript 150 34 Updated Oct 13, 2021

chainreactors / spray

最好用最智能最可控的目录爆破工具 | The most powerful, user-friendly, intelligent, and precise HTTP buster.

Go 610 45 Updated Apr 10, 2025

a1phaboy / FastjsonScan

Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

Go 1,017 98 Updated Oct 7, 2022

Y5neKO / FastjsonScanModify

FastjsonScan自用修改版

Go 3 Updated Apr 7, 2025

B4aron1 / JNDIBypass

对JNDIbypass工具进行二次开发

5 Updated Dec 25, 2024

wyzxxz / jndi_tool

JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具

1,964 321 Updated May 21, 2024

heimao-box / pwnpasi

本工具是一个自动化PWN利用框架,专为CTF比赛和二进制漏洞利用设计,集成了栈溢出、格式化字符串等多种漏洞利用技术,支持32位和64位程序的自动化分析利用。(About ctf一键栈溢出、格式化字符串pwn工具/一键pwn利用工具)

Python 86 9 Updated Apr 20, 2025

T3nk0 / Upload_Auto_Fuzz

本Burp Suite插件专为文件上传漏洞检测设计,提供自动化Fuzz测试,共500+条payload。

Python 338 30 Updated Apr 10, 2025

Niiiiko / FastjsonScan4Burp

FastjsonScan4Burp 一款基于burp被动扫描的fastjson漏洞探测插件,可针对数据包中存在json的参数或请求体进行payload测试。旨在帮助安全人员更加便捷的发现、探测、深入利用fastjson漏洞,目前已实现fastjson探测、版本、依赖探测、出网及不出网利用和简易的bypass waf功能

Java 105 5 Updated Mar 13, 2025

xinyikan / sqlmap-studio

SQLMap Studio 是一个现代化的 Web 界面工具,专为生成和配置 SQLMap 命令而设计,帮助安全研究人员和渗透测试人员高效执行 SQL 注入测试。

JavaScript 37 4 Updated Apr 7, 2025

CuriousLearnerDev / TrafficEye

该工具适用于 HW 蓝队对网络流量的深入分析,帮助安全研究人员、渗透测试人员及网络管理员等专业人士识别潜在的安全威胁,尤其是针对 Web 应用的攻击(如 SQL 注入、XSS、WebShell 等)。其模块化设计使用户能够根据实际需求自由选择并定制各类功能模块。 This tool is designed to help penetration testers and network adm…

Python 82 7 Updated Apr 24, 2025

MInggongK / Hikvision-

Hikvision综合漏洞利用工具

C# 425 39 Updated Sep 5, 2024

synacktiv / HopLa

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

Java 742 81 Updated May 12, 2021

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 64,890 15,272 Updated Apr 9, 2025

yaklang / secmate

万径千机-网络安全AI伙伴员工

85 3 Updated Apr 18, 2025

orcastor / unpack

【WIP】📦 一款脱壳工具,能够识别并尝试脱除常见的PE壳,如UPX、ASPack等,帮助用户进行软件逆向工程和恶意软件分析。This is an unpacking tool that can identify and attempt to remove common PE shells like UPX and ASPack, aiding in software reverse eng…

Go 23 2 Updated Sep 29, 2024

mhtsec / sqlmapcg

sqlmap命令生成器

HTML 19 4 Updated Nov 12, 2024

y9nhjy / Proxifier-Keygen

Proxifier注册机

Python 734 158 Updated Apr 16, 2024

saoshao / DetSql

Burp插件,快速探测可能存在SQL注入的请求并标记,提高测试效率

Java 474 24 Updated Apr 6, 2025

JDArmy / DSRE

数据安全风险枚举框架(Data Security Risk Enumeration)

Vue 49 14 Updated Jun 24, 2024

bannsec / stegoVeritas

Yet another Stego Tool

Python 378 38 Updated Jul 3, 2023

XmirrorSecurity / OpenSCA-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by t…

Go 1,066 120 Updated Apr 14, 2025

f0ng / poc2jar

Java编写,Python作为辅助依赖的漏洞验证、利用工具,添加了进程查找模块、编码模块、命令模块、常见漏洞利用GUI模块、shiro rememberMe解密模块,加快测试效率

Java 724 104 Updated Feb 25, 2024

LiChaser / SpiderX

一款利用爬虫技术实现前端JS加密自动化绕过的爆破登陆渗透测试工具

Python 294 33 Updated Mar 20, 2025

s0k / Deserialize

DeserializeExploit

Python 14 4 Updated Apr 21, 2021

peiqiF4ck / WebFrameworkTools-5.1-main

本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵 禅道RCE 瑞友天翼应用虚拟化系统sql注入导致RCE大华智慧园区上传,金蝶云星空漏洞等等.

C# 260 11 Updated Apr 11, 2025

qiwentaidi / Slack

安全服务集成化工具平台,希望能帮助你少开几个应用测试

Go 730 89 Updated Apr 23, 2025

INotGreen / XiebroC2

渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理

Go 1,206 193 Updated Feb 28, 2025

binganao / Ruoyi-All

若依后台定时任务一键利用

Java 53 104 Updated Apr 14, 2022

Mr-xn / Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

HTML 6,823 1,983 Updated Mar 30, 2025
Next