manojsingh-ceh Goto Github PK
Type: User
Type: User
个人域渗透学习笔记
Ivan Ricart Borges - Test for didactic purposes of web pages vulnerables to SQL injection using dbo database user with xp_cmdshell execution permissions. Using patterns from Internet search engines to extract potentially vulnerable web addresses and test them by changing the GET parameters using invalid Transact-SQL conversion function to cause through unhandled errors by IIS web server to show critical information. If certain features are given and using advanced injection techniques a malicious attacker could gain control of the entire system by executing shell commands in the SQL database engine.
Andromeda simplifies local/remote communication for Android modularization
Checklist of the most important security countermeasures when designing, testing, and releasing your API
A curated list of resources for learning about application security
A curated list of amazingly awesome Burp Extensions
Awesome IoT. A collaborative list of great resources about IoT Framework, Library, OS, Platform
A collection of awesome penetration testing resources, tools and other shiny things
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Blockchain and fog computing for secure IoT data visibilty.
The new bridge between Burp Suite and Frida!
Ivan Ricart Borges - Program to detect the existence of remote/local stack-based buffer-overflow vulnerabilities using the standard communication protocol for each service.
Burp Suite GWT wrapper
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
CapFuzz - capture, fuzz & intercept web traffic.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution.
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
A Fast, Browser Compatible DOM-XSS filter using ES6 features
Empire client application
Clone this repo to build Frida
PEN TEST TOOLS
Kali Linux based LiveCD for Hacking-Lab
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Source code of IronWASP
Java wrapper for SSLyze
Encryption with symmetric-key algorithm Kirmah
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.