594hsq

594hsq's Stars

• LandGrey/pydictor

  A powerful and useful hacker dictionary builder for a brute-force attack

  Language:Python3.3k639

• Threekiii/Awesome-Redteam

  一个攻防知识仓库 Red Teaming and Offensive Security

  Language:Python3.6k628

• 2dust/v2rayN

  A GUI client for Windows, support Xray core and v2fly core and others

  Language:C#68.7k11.4k

• last-byte/PersistenceSniper

  Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

  Language:PowerShell1.9k183

• 1y0n/AV_Evasion_Tool

  掩日 - 免杀执行器生成工具

  Language:C#2.6k407

• 20142995/Goby

  Language:Python569136

• shmilylty/dedecmscan

  织梦全版本漏洞扫描

  92

• WhiteHSBG/JNDIExploit

  对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改

  Language:Java1.4k289

• almandin/fuxploider

  File upload vulnerability scanner and exploitation tool.

  Language:Python3k495

• a1phaboy/FastjsonScan

  Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency

  Language:Go98395

• AabyssZG/SpringBoot-Scan

  针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

  Language:Python1.6k144

• tr0uble-mAker/POC-bomber

  利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

  Language:Python2.3k378

• webraybtl/CodeQLpy

  CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具，目前仅支持java语言。实现从源码反编译，数据库生成，脆弱性发现的全过程，可以辅助代码审计人员快速定位源码可能存在的漏洞。

  Language:CodeQL74684

• github/codeql

  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  Language:CodeQL7.6k1.5k

• github/codeql-cli-binaries

  Binaries for the CodeQL CLI

  746111

• optiv/Freeze.rs

  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

  Language:Rust70882

• 3xp10it/xwaf

  Automatic bypass (brute force) waf

  Language:Python970292

• FunnyWolf/Viper

  Attack Surface Management & Red Team Simulation Platform 互联网攻击面管理&红队模拟平台

  3.7k528

• mrknow001/aliyun-accesskey-Tools

  阿里云accesskey利用工具

  Language:Python1.1k174

• wyzxxz/heapdump_tool

  heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等

  1.3k139

• Aabyss-Team/WebShell

  各种无后门大马的整理，有用就点个Star吧~

  Language:Classic ASP45256

• nomi-sec/PoC-in-GitHub

  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

  6.5k1.2k

• rtcatc/Packer-Fuzzer

  Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

  Language:Python2.8k293

• insightglacier/Dictionary-Of-Pentesting

  Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

  Language:Shell1.9k354

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python61k14.6k

• the-xentropy/samlists

  Free, libre, effective, and data-driven wordlists for all!

  54475

• mstxq17/SeCDictionary

  少而精的常用字典，积累各种场景实现字典进化，只追求更简单更有效，不建议star，但建议pr。

  Language:PHP12230

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP58.1k23.9k

• zxcvbn001/password_brute_dictionary

  口令爆破字典，有键盘组合字典、拼音字典、字母与数字混合这三种类型

  Language:Python1.2k320

• gh0stkey/Web-Fuzzing-Box

  Web Fuzzing Box - Web 模糊测试字典与一些Payloads

  Language:HTML2.1k373