SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Simple forum software for building great communities.

A pure PHP library for reading and writing spreadsheet files

A PHP Blogging Platform. Simple and Powerful.

This is a webshell open source project

Damn Vulnerable Web Application (DVWA)

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

A web based file manager,web IDE / browser based code editor

A curated list of resources for learning about application security

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

SQLI labs to test error based, Blind boolean based, Time based.

This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops

dzzoffice

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

Collection of CTF Web challenges I made

WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。

【Hello CTF】题目配套，免费开源的CTF入门教程，针对0基础新手编写，同时兼顾信息差的填补，对各阶段的CTFer都友好的开源教程，致力于CTF和网络安全的开源生态！

Webshell && Backdoor Collection

CMS漏洞测试用例集合

一个漏洞扫描器粘合剂,添加目标后30款工具自动调用；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

《Web安全之机器学习入门》

Web Shell Detector – is a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up t…

国内各大CTF赛题及writeup整理

针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具

a project aim to collect CTF web practices .

GPT-3 found hundreds of security vulnerabilities in this repo

Multi-language web CGI interfaces exploits.

[BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack

hctf2015 all problems and writeups from authors