Pinned Repositories
arima_lstm
使用arima_lstm完成容量分析预测(cpu、内存、磁盘)
ATT-CK-CN
ATT&CK实操
Awesome-Asset-Discovery
List of Awesome Asset Discovery Resources
cmsprint
CMS和中间件指纹库
dirmap
一个高级web目录扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑
GithubMonitor
根据关键字与 hosts 生成的关键词,利用 github 提供的 api,监控 git 泄漏。
javaweb-expression
Java SpEL、Ognl、MVEL2表达式Hook并记录小项目
JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
jsspider
A js infomation dig tool.
JustTrustMe
JustTrustMe的二次开发版本,用于禁用SSL证书校验,扩展了原来程序的功能。
5up3rc's Repositories
5up3rc/7days-golang
7 days golang apps from scratch (web framework Gee, distributed cache GeeCache, object relational mapping ORM framework GeeORM etc) 7天用Go动手写/从零实现系列
5up3rc/ApkAnalyser
一键提取安卓应用中可能存在的敏感信息。
5up3rc/Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
5up3rc/Medusa-1
:cat2:美杜莎扫描器https://www.ascotbe.com/Medusa
5up3rc/SharpNetCheck
在内网渗透过程中,对可以出网的机器是十分渴望的。在收集大量弱口令的情况下,一个一个去测试能不能出网太麻烦了。所以就有了这个工具,可配合如wmiexec、psexec等横向工具进行批量检测,该工具可以在dnslog中回显内网ip地址和计算机名,可实现内网中的快速定位可出网机器。
5up3rc/Stowaway
Multi-hop Proxy Tool for pentesters
5up3rc/assetfinder
Find domains and subdomains related to a given domain
5up3rc/ATTCK-PenTester-Book
ATTCK-PenTester-Book
5up3rc/EVTX-ATTACK-SAMPLES
Windows Events Samples
5up3rc/GECC
Cobalt Strike - Go External C2 Client
5up3rc/go-prompt
Building powerful interactive prompts in Go, inspired by python-prompt-toolkit.
5up3rc/gotop
A terminal based graphical activity monitor inspired by gtop and vtop
5up3rc/grapl
Graph platform for Detection and Response
5up3rc/HackChrome
Get the User:Password from Chrome(include version < 80 and version > 80)
5up3rc/hacker101
Hacker101
5up3rc/hackerone-reports
Top disclosed reports from HackerOne
5up3rc/JSONP-Hunter
JSONP Hunter in burpsuite.
5up3rc/MacCheck
一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项
5up3rc/MotooScanner
一款就地取材实现的,廉价资产搜集工具
5up3rc/PeaceMaker
PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
5up3rc/poc-1
Proof of Concepts
5up3rc/PythonPersistence
python3 写的一些权限维持脚本
5up3rc/pytm
A Pythonic framework for threat modeling
5up3rc/Real-timeDetectionAD_jornal
5up3rc/SecurityBaselineCheck
5up3rc/STS2G
Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang
5up3rc/SymTCP
Automatic Discrepancy Discovery for DPI Elusion
5up3rc/SysWhispers
AV/EDR evasion via direct system calls.
5up3rc/takeover
Sub-Domain TakeOver Vulnerability Scanner
5up3rc/WindowsDefenderATP-Hunting-Queries
Sample queries for Advanced hunting in Microsoft Defender ATP