grayddq / PypiScan
这个脚本主要提供对pypi供应链的源头进行安全扫描研究,扫描并发现未知的恶意包情况。
☆31Updated last year
Alternatives and similar repositories for PypiScan:
Users that are interested in PypiScan are comparing it to the libraries listed below
- 基于JVM-Sandbox实现RASP安全监控防护☆52Updated last year
- 总结了免杀webshell的方法论☆48Updated 4 years ago
- ☆22Updated 5 years ago
- 企业级安全智能化实践☆68Updated 2 years ago
- 漏洞测试环境 - 方便写扫描器利用复现☆27Updated 5 years ago
- Make XSS Great Again☆31Updated 5 years ago
- 奇安信报开源软件漏洞cve所用目录。每个人报漏洞请建立自己的目录。☆45Updated 5 years ago
- Java 反序列化学习的实验代码 Java_deserialize_vuln_lab☆87Updated 6 years ago
- 记录流量的http(s)代理+分布式被动漏洞扫描☆23Updated 5 years ago
- Security-Scenes-Feature-Engineering-Toolkit, Continuous Integration.一款安全数据特征化工具☆59Updated last year
- ☆20Updated 5 years ago
- Knowledge Base 慢雾安全团队知识库☆30Updated 5 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆24Updated 5 years ago
- slides and papers from (or partly from) Bonan☆22Updated last year
- HTTP/HTTPS proxy server by golang [high performance version]☆53Updated 4 years ago
- 《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.☆49Updated 2 years ago
- 一个基于docker的安全培训系统☆60Updated 3 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆96Updated 5 years ago
- ☆28Updated 4 years ago
- ☆28Updated 5 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆57Updated 5 years ago
- Xray 被动扫描管理☆57Updated 4 years ago
- python security audit tool,用于python源码的代码审计,支持命令注入,sql注入☆60Updated 9 years ago
- notes☆27Updated 2 years ago
- 用于演示Java Web项目中,漏洞的成因及修复方案,可用于黑盒测试和白盒测��试,部分修复方案可用于生产环境。☆43Updated 6 years ago
- DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。☆45Updated 4 years ago
- weblog/dnslog平台 Docker容器化部署☆37Updated 3 years ago
- some java code i met or i used☆29Updated 5 years ago
- Analysis Financial Attacker Groups, 金融行业攻击者团伙研究☆23Updated 3 years ago
- vulhub-compose是一款屏蔽docker-compose的命令行工具,目的是降低火线平台社区用户使用vulhub靶场的难度,减少学习docker-compose的时间成本;同时,支持直接安装洞态IAST(原灵芝IAST)到vulhub靶场,用于漏洞复现、漏洞挖掘。☆45Updated 3 years ago