Pinned Repositories
-
ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Awesome-CobaltStrike
List of Awesome CobaltStrike Resources
Awesome-POC
一个漏洞POC知识库
Awesome-Redteam
一个攻防知识仓库
Behinder
“冰蝎”动态二进制加密网站管理客户端
BinarySpy
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
BlueLotus_XSSReceiver
XSS平台 CTF工具 Web安全工具
caidao-official-version
中国菜刀官方版本,拒绝黑吃黑,来路清晰
cf
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
2768210355's Repositories
2768210355/ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
2768210355/Awesome-Redteam
一个攻防知识仓库
2768210355/BinarySpy
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
2768210355/CVE-2024-21413
CVE-2024-21413 PoC for THM Lab
2768210355/clash-verge-rev
Continuation of Clash Verge - A Clash Meta GUI based on Tauri (Windows, MacOS, Linux)
2768210355/cve
2768210355/CVE-2024-25600
Unauthenticated Remote Code Execution – Bricks <= 1.9.6
2768210355/CVE_2024_30078_POC_WIFI
basic concept for the latest windows wifi driver CVE
2768210355/docker_image_pusher
使用Github Action将国外的Docker镜像转存到阿里云私有仓库,供国内服务器使用,免费易用
2768210355/ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
2768210355/f8x
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
2768210355/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
2768210355/Finalshell_4.0_Plus_Professional_Active
FinalShell 4.0+ 专业版 & 离线激活 & 激活码 https://FinalShell.callmy.cn
2768210355/gogo
面向红队的, 高度可控可拓展的自动化引擎
2768210355/jar-analyzer
Jar Analyzer - 一个JAR包分析工具,批量分析搜索,方法调用关系搜索,字符串搜索,Spring分析,CFG分析,JVM Stack Frame分析,远程分析Tomcat,进阶表达式搜索,自定义SQL查询,字节码查看,命令行分析,反编译JAR包一键导出,使用简易RASP保护
2768210355/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
2768210355/KCon
KCon is a famous Hacker Con powered by Knownsec Team.
2768210355/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
2768210355/nemo_go
Nemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。
2768210355/ollama
Get up and running with Llama 3, Mistral, Gemma, and other large language models.
2768210355/ProxyCat
一款部署于云端或本地的代理池中间件,可将静态代理IP灵活运用成隧道IP,提供固定请求地址,一次部署终身使用
2768210355/RevokeMsgPatcher
:trollface: A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁(我已经看到了,撤回也没用了)
2768210355/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
2768210355/sliver
Adversary Emulation Framework
2768210355/TscanPlus_Win_Amd64_v2.2
TscanPlus_Win_Amd64_v2.2超雄版
2768210355/v2rayN
A GUI client for Windows, support Xray core and v2fly core and others
2768210355/Viper
Attack Surface Management & Red Team Simulation Platform 互联网攻击面管理&红队模拟平台
2768210355/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
2768210355/webshell
This is a webshell open source project
2768210355/YesPlayMusic
高颜值的第三方网易云播放器,支持 Windows / macOS / Linux :electron: