This is your work, valued

China

泉哥

Elite
@riusksk

《漏洞战争》作者,公众号:漏洞战争

secbook. 信息安全从业者书单推荐

3.2k

vul_war. 《漏洞战争:软件漏洞分析精要》配套资料

646

SecConArchive. Security Conference Archive

431

riufuzz-pub. riufuzz —— honggfuzz modifited version by riusksk, better support for windows (cdb symbols) and macOS, and more colorful UI

131

BDOpener. 开启APK调试与备份选项的Xposed模块

87

FlashScanner. Flash XSS Scanner

54

StrutScan. Struts2 Vuls Scanner base perl script

23

vul_war_error. 《漏洞战争:软件漏洞分析精要》勘误表

18

riusksk.github.io. riusksk's blog:

16

rp. rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. It is open-source and has been tested on several OS: Debian / Windows 8.1 / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible and supports Intel syntax. Standalone executables can also be directly downloaded.

11

shellsploit-library. Exploit development library for python users

11

AndroidKernelExploitationPlayground. C

7

backdoor-apk. backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.

4

frida-qbdi-fuzzer. This experimetal fuzzer is meant to be used for API in-memory fuzzing on Android.

4

EdgeDbg. A simple command line exe to start and debug the Microsoft Edge browser.

4

Fox-scan. Fox-scan is a initiative and passive SQL Injection vulnerable Test tools.

3

1000php. 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

3

FlashHacker. Flash Instrumentation Tool

3

Android_Kernel_CVE_POCs. A list of my CVE's with POCs

3

fbctf. Platform to host Capture the Flag competitions

3

Tide. 目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~

3

android_unpacker. A (hopefully) generic unpacker for packed Android apps.

3

WechatEnhancement. 微信Xposed插件,支持抢红包,消息防撤回,朋友圈防删除,朋友圈去广告

3

Awesome-Advanced-Windows-Exploitation-References. List of Awesome Advanced Windows Exploitation References

2

OLLVM_Deobfuscation. OLLVM_Deobfuscation is a Python-based ollvm deobfuscation tool, which now has a perfect performance on ollvm confused C / C + + code compiled on x86 architecture based Linux platform.

2

project-based-learning. Curated list of project-based tutorials

2

SecLists. SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

2

FuzzingPaper. Recent Fuzzing Paper

2

Code-Audit-Challenges. Code-Audit-Challenges

2

iOSAppHook. 专注于非越狱环境下iOS应用逆向研究,从dylib注入,应用重签名到App Hook

2

AFL. american fuzzy lop - a security-oriented fuzzer

1

Mars. Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等

1

algorithm-visualizer. :fireworks:Interactive Online Platform that Visualizes Algorithms from Code

1

OSXFuzz. macOS Kernel Fuzzer

1

clusterfuzz. All your bug are belong to us.

1

JS-Sorting-Algorithm. 一本关于排序算法的 GitBook 在线书籍 《十大经典排序算法》,使用 JavaScript & Python & Go & Java 实现。

1

nautilus-fuzz. A grammar based feedback Fuzzer

1

awesome-spider. 爬虫集合

1

retoolkit. Reverse Engineer's Toolkit

1

awesome-iot-hacks. A Collection of Hacks in IoT Space so that we can address them (hopefully).

1

SockFuzzer. C

1

ViridianFuzzer. Kernel driver to fuzz Hyper-V hypercalls

1

manul. Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS

1

secure-ios-app-dev. Collection of the most common vulnerabilities found in iOS applications

1

pwn2own2018. A Pwn2Own exploit chain

1

objection. 📱 objection - runtime mobile exploration

1

BlueLotus_XSSReceiver. XSS平台 CTF工具 Web安全工具

1

ManuFuzzer. Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM

1

HexRaysDeob. Hex-Rays microcode API plugin for breaking an obfuscating compiler

1

AUTO-EARN. 一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具

1

iOSRE. iOS Reverse Engineering

1

exploit_generator. Automated Exploit generation with WinDBG

1

OpenXMolar. An MS OpenXML Format Fuzzing Framework

1

js-vuln-db. A collection of JavaScript engine CVEs with PoCs

1

kernel-fuzzing. Fuzzers for the Linux kernel

1

pwntools-write-ups. A colleciton of CTF write-ups all using pwntools

1

idaplugins-list. A list of IDA Plugins

1