SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

This is a webshell open source project

🦄独角数卡(自动售货系统)-开源站长自动化售货解决方案、高效、稳定、快速！🚀🚀🎉🎉

PHP package for JWT

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

SQLI labs to test error based, Blind boolean based, Time based.

🚀A multiple proxy protocol manage panel application interface

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。

Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!

CMS漏洞测试用例集合

PHP代码审计分段讲解

DoraBox - Basic Web Vulnerability Training

针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具

PHP Runtime Vulnerability Detection

国光的手把手带你用 SSRF 打穿内网靶场源码

为方便WAF入库的项目 | 分享PHP免杀大马 | 菜是原罪 | 多姿势(假的就一个)

实验楼课程

TG自动/自助发卡机器人-后台连接独角数卡