Skip to content

@anfutest anfutest

Change the repository type filter

All

    Repositories list

    155 repositories

    • encrypt-labs

      Public
      前端加密对抗练习靶场,包含非对称加密、对称加密以及加签的测试场景,比如AES、DES、RSA,用于渗透测试练习
      PHP
      2000Updated Nov 14, 2024Nov 14, 2024

    • web-chains

      Public
      Web 版 Java Payload 生成与漏洞利用工具,提供 Java 反序列化、Hessian 1/2 反序列化等 Payload 生成,以及 JNDI Exploit、Fake Mysql Exploit、JRMPListener 等相关利用
      Dockerfile
      39000Updated Nov 13, 2024Nov 13, 2024

    • How-To-Secure-A-Linux-Server

      Public
      An evolving how-to guide for securing a Linux server.
      Creative Commons Attribution Share Alike 4.0 International
      1.1k000Updated Oct 19, 2024Oct 19, 2024

    • riverPass

      Public
      riverPass 是一个用Go编写的瑞数WAF绕过工具。它利用了WebSocket协议,将请求发送的自身浏览器中,从而绕过了瑞数WAF的检测。
      Go
      MIT License
      13000Updated Oct 18, 2024Oct 18, 2024

    • RCE-labs

      Public
      【Hello-CTF labs】一个想帮你收集所有RCE技巧的靶场。
      Hack
      Apache License 2.0
      19000Updated Oct 15, 2024Oct 15, 2024

    • CTF-NetA

      Public
      CTF-NetA是一款专门针对CTF比赛的网络流量分析工具,可以对常见的网络流量进行分析,快速自动获取flag。
      MIT License
      15000Updated Sep 30, 2024Sep 30, 2024

    • cloudgoat

      Public
      CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
      Python
      BSD 3-Clause "New" or "Revised" License
      621000Updated Sep 26, 2024Sep 26, 2024

    • ApkCheckPack

      Public
      apk文件加固特征检查工具,汇总收集已知特征和手动收集大家提交的app加固特征,目前总计约170条特征,支持40个厂商的加固检测,欢迎大家提交无法识别的app
      Go
      63000Updated Sep 21, 2024Sep 21, 2024

    • osv-scanner

      Public
      Vulnerability scanner written in Go which uses the data provided by https://osv.dev
      Go
      Apache License 2.0
      362000Updated Sep 18, 2024Sep 18, 2024

    • ungoogled-chromium

      Public
      Google Chromium, sans integration with Google
      Python
      BSD 3-Clause "New" or "Revised" License
      843000Updated Sep 3, 2024Sep 3, 2024

    • AppScan

      Public
      安全隐私卫士(AppScan)一款免费的企业级自动化App隐私合规检测工具。
      JavaScript
      Apache License 2.0
      99000Updated Sep 2, 2024Sep 2, 2024

    • web-monitoring-diff

      Public
      Tools for diffing and comparing web content. Also includes a web server that makes diffs available as an HTTP service.
      Python
      GNU General Public License v3.0
      4000Updated Sep 1, 2024Sep 1, 2024

    • MyMSIAnalyzer

      Public
      Analyse MSI files for vulnerabilities
      C#
      30000Updated Aug 30, 2024Aug 30, 2024

    • Detect-It-Easy

      Public
      Program for determining types of files for Windows, Linux and MacOS.
      JavaScript
      MIT License
      730000Updated Aug 27, 2024Aug 27, 2024

    • crack_20_captcha

      Public
      常见20种验证码识别思路
      25000Updated Aug 27, 2024Aug 27, 2024

    • SharpScan

      Public
      内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破(SSH、SMB、MsSQL等)、Socks代理,一键自动化+无文件落地扫描
      C#
      18000Updated Aug 10, 2024Aug 10, 2024

    • KillWxapkg

      Public
      自动化反编译微信小程序,小程序安全评估工具,发现小程序安全问题,自动解密,解包,可还原工程目录,支持Hook,小程序修改
      Go
      MIT License
      806000Updated Aug 7, 2024Aug 7, 2024

    • Slack

      Public
      安服集成化工具平台,帮助测试人员减少测试脚本多,使用繁琐问题
      Go
      MIT License
      64000Updated Jul 30, 2024Jul 30, 2024

    • UserNameDictTools

      Public
      用户名密码字典生成工具(将中文汉字姓名转成14种格式的拼音、IP地址处理、网络设备密码生成)
      17000Updated Jul 28, 2024Jul 28, 2024

    • goreplay

      Public
      GoReplay is an open-source tool for capturing and replaying live HTTP traffic into a test environment in order to continuously test your system with real data. It can be used to increase confidence in code deployments, configuration changes and infrastructure changes.
      Go
      Other
      27000Updated Jul 28, 2024Jul 28, 2024

    • nuclei_poc

      Public
      Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC,已校验有效性并去重)
      Python
      Creative Commons Zero v1.0 Universal
      249000Updated Jul 19, 2024Jul 19, 2024

    • ssh-tabby

      Public
      A terminal for a more modern age
      TypeScript
      MIT License
      3.4k000Updated Jul 19, 2024Jul 19, 2024

    • FastJsonParty

      Public
      FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
      Python
      101000Updated Jul 12, 2024Jul 12, 2024

    • BlueTeamTools

      Public
      蓝队分析研判工具箱,自带的反编译工具对红队也有帮助,有建议欢迎给我留言
      81000Updated Jul 12, 2024Jul 12, 2024

    • debugtron

      Public
      Debug in-production Electron based app
      TypeScript
      MIT License
      110000Updated Jul 11, 2024Jul 11, 2024

    • Harden-Windows-Security

      Public
      Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
      PowerShell
      MIT License
      142000Updated Jul 4, 2024Jul 4, 2024

    • obfuscator-io-deobfuscator

      Public
      A deobfuscator for scripts obfuscated by Obfuscator.io
      TypeScript
      Apache License 2.0
      86000Updated Jun 29, 2024Jun 29, 2024

    • presidio

      Public
      Context aware, pluggable and customizable data protection and de-identification SDK for text and images
      Python
      MIT License
      574000Updated Jun 27, 2024Jun 27, 2024

    • API-Explorer

      Public
      API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书等)
      Python
      36000Updated Jun 26, 2024Jun 26, 2024

    • hostCollision

      Public
      一款host碰撞工具,做了较多的误报优化
      Go
      14000Updated Jun 15, 2024Jun 15, 2024