Pinned Repositories
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
AI-Face-Sound-OCR-Image
使用原生PHP写的,具有人脸检测,人脸识别,人脸对比,文本识别,动物识别,植物识别,车辆识别,Logo识别,语音合成等功能,使用框架构建的高效版并未开源
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
ATT-CK-and-Atomic-Red-Team
ATTACK-Tools
Utilities for MITRE™ ATT&CK
Awesome-CobaltStrike
cobaltstrike的相关资源汇总 / A collection of cobaltstrike resources to make you better!
awesome-incident-response
A curated list of tools for incident response
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
awesome-web-security
🐶 A curated list of Web Security materials and resources.
27story's Repositories
27story/404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
27story/All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
27story/awesome-incident-response
A curated list of tools for incident response
27story/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
27story/Ehoney
安全、快捷、高交互、企业级的蜜罐管理系统,支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports multiple protocol honeypots, honeytokens, baits and other functions.
27story/FindAll
一款自动化分析网络安全应急响应工具
27story/FireKylin
🔥火麒麟-网络安全应急响应工具(系统痕迹采集)Cybersecurity emergency response tool.
27story/Frog-Auth
🐸Unauthorized Detection Framework未授权访问检测框架
27story/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
27story/Fuzzing-Dicts
Web Security Dictionary
27story/Goby
Attack surface mapping
27story/Golin
弱口令检测、 漏洞扫描、端口扫描(协议识别,组件识别)、web目录扫描、等保模拟定级、自动化运维、等保工具(网络安全等级保护现场测评工具)内置3级等保核查命令、基线核查工具
27story/GUI_Tools
一个由各种图形化渗透工具组成的工具集
27story/HVVault
梳理【护网高利用率POC】并集成Nuclei模板仓库,针对解决网上同一资产漏洞一键检测工具参次不齐问题。
27story/identYwaf
Blind WAF identification tool
27story/kjyw
快捷运维,代号kjyw,项目基于shell、python,运维脚本工具库,收集各类运维常用工具脚本,实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
27story/LinuxCheck
Linux应急处置/信息搜集/漏洞检测工具,支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查
27story/MagiCude
分布式端口(漏洞)扫描、资产安全管理、实时威胁监控与通知、高效漏洞闭环、漏洞wiki、邮件报告通知、poc框架
27story/Mind_Map
渗透测试/应急响应思维导图
27story/nginx_log_check
Nginx日志安全分析脚本
27story/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
27story/Pentest_Note
渗透测试常规操作记录
27story/PentesterSpecialDict
渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
27story/pocassist
傻瓜式漏洞PoC测试框架
27story/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
27story/scan4all
Vulnerabilities Scan;15000+PoC漏洞扫描;20种应用密码爆破;7000+Web指纹;146种协议90000+规则Port扫描;Fuzz、HW打点、BugBounty神器...
27story/vulbase
各大漏洞文库合集
27story/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
27story/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
27story/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.