02husky

02husky's Stars

• threeworld/Rogue-jndi-1.2

  增加自定义gadget触发客户端代码执行 绕过高版本JDK远程加载限制

  Language:Java123

• threedr3am/JSP-WebShells

  Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

  Language:Java1.4k325

• binganao/vulns-2022

  本项目用于搜集 2022 年的漏洞，注意：本项目并不刻意搜集 POC 或 EXP，主要以CVE-2021、CVE-2022 为关键词，包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用

  38053

• BloodHoundAD/SharpHound3

  C# Data Collector for the BloodHound Project, Version 3

  Language:C#522156

• quentinhardy/msdat

  MSDAT: Microsoft SQL Database Attacking Tool

  Language:Python857137

• NyDubh3/CuiRi

  一款红队专用免杀木马生成器，基于shellcode生成绕过所有杀软的木马。

  Language:Go909166

• j2ekim/Pentest_Project

  整理渗透测试、内网渗透、应急响应、密码字典、漏洞库、代码审计、渗透测试面试题相关项目

  37143

• quentinhardy/odat

  ODAT: Oracle Database Attacking Tool

  Language:Python1.6k344

• API-Security/APIKit

  APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

  Language:Java2k175

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python62.6k14.9k

• ffffffff0x/name-fuzz

  针对目标已知信息的字典生成工具

  Language:Python21029

• ffffffff0x/1earn

  ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

  Language:C++5.4k1.2k

• Ryze-T/Sylas

  数据库综合利用工具

  53756

• tr0uble-mAker/POC-bomber

  利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

  Language:Python2.3k378

• r00tSe7en/Flash-Pop

  Flash钓鱼弹窗优化版

  Language:HTML632178

• wudicainiao/proxyshell-for-exchange_workload

  Language:Python132

• rtcatc/Packer-Fuzzer

  Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

  Language:Python2.9k298

• ffffffff0x/Pentest101

  一些关于渗透测试的Tips

  59286

• safe6Sec/PentestNote

  一些渗透姿势记录

  493131

• projectdiscovery/nuclei

  Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

  Language:Go21.9k2.6k

• LoRexxar/Kunlun-M

  KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

  Language:Python2.3k312

• lintstar/About-Attack

  一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集，降低红队技术门槛的手册【持续更新】

  625138

• rubyhan1314/Golang-100-Days

  Golang - 100天从新手到大师

  Language:Smarty5.9k1.8k

• Ascotbe/Kernelhub

  :palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

  Language:C3k668

• ihebski/DefaultCreds-cheat-sheet

  One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

  Language:Python5.8k708

• r0ysue/r0capture

  安卓应用层抓包通杀脚本

  Language:Python6.8k1.4k

• Al1ex/Red-Team

  Red-Team Attack Guid

  26066

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.8k1.3k

• constverum/ProxyBroker

  Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS :performing_arts:

  Language:Python3.9k1.1k

• shmilylty/OneForAll

  OneForAll是一款功能强大的子域收集工具

  Language:Python8.6k1.3k