#安全#SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
#Awesome#有关网络安全的资源链接列表
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
翻译 - 🎯跨站点脚本(XSS)漏洞有效负载列表
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
翻译 - Bug Bounty Hunting和Web App安全性的提示和教程。
CyberSecurityRSS: A collection of cybersecurity rss to make you better!
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML...
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
🎯 XML External Entity (XXE) Injection Payload List
Useful Google Dorks for WebSecurity and Bug Bounty
An HTTP/HTTPS intercept proxy written in Go.
翻译 - 用Go编写的HTTP / HTTPS拦截代理。
Twitter vulnerable snippets
🎯 PHP / ASP - Shell Backdoor List 🎯
翻译 - 🎯PHP / ASP-Shell后门列表🎯
#面试#Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be as...
#安全#一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Think...
Scrape domain names from SSL certificates of arbitrary hosts
🎯 Server Side Template Injection Payloads