HXSecurity / DongTai
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
☆1,235Updated 3 months ago
Related projects: ⓘ
- veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集☆1,507Updated 8 months ago
- 一款甲方资产巡航扫描系统。系统定位是发现资产,进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示☆1,715Updated 2 years ago
- Attack surface mapping☆1,389Updated 6 months ago
- 边界打点后的自动化渗透工具☆1,838Updated 3 years ago
- ☆1,991Updated this week
- 安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports mult…☆1,205Updated 11 months ago
- Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…☆2,798Updated 3 months ago
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆680Updated 8 months ago
- 傻瓜式漏洞PoC测试框架☆1,430Updated 10 months ago
- Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql…☆1,588Updated 9 months ago
- 一款适用于红蓝对抗中的仿真钓鱼系统☆1,430Updated last year
- Passive Security Scanner (被动式安全扫描器)☆1,893Updated last year
- 🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。☆3,169Updated 6 months ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,206Updated last month
- 一个漏洞扫描器粘合剂,添加目标后30款工具自动调用;支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证,SSH批量测试、vulmap。☆1,739Updated 2 months ago
- 开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)☆1,438Updated 11 months ago
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,059Updated last month
- bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统☆1,444Updated last year
- 红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool☆1,741Updated 2 weeks ago
- Nemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。☆1,642Updated 2 weeks ago
- ☆1,418Updated last year
- ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。☆1,542Updated 3 months ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆1,930Updated last year
- EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具☆3,073Updated 5 months ago
- Scan for sensitive information easily and effectively.☆877Updated 3 weeks ago
- Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能☆3,366Updated last year
- Web Fuzzing Box - Web 模糊测试字典与一些Payloads☆2,114Updated 3 months ago
- 无状态子域名爆破工具☆2,213Updated 2 years ago
- 飞刃是一套完整的企业级黑盒漏洞扫描系统,集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。 拥有强大的漏洞检测引擎和丰富的插件库,覆盖多种漏洞类型和应用程序框架。☆1,118Updated last year
- 利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点☆2,237Updated last year