Apareciym's Stars
theSecHunter/Hades-Windows
Hades HIDS/HIPS for Windows
TheBlindM/CK-567
免杀工具,强大的Anti-Virus对抗工具
baiyies/DamnPythonEvasion
That guy uses python to bypass anti-virus, goddamn!基于python pyd的shellcode免杀绕过
4ra1n/mysql-fake-server
MySQL Fake Server (纯Java实现,支持GUI版和命令行版,提供Dockerfile,支持多种常见JDBC利用)
GualaoXiaoLaji/infiltrate-guide
此工具集成资产探测半自动化,WEB渗透,burp及浏览器插件,社工钓鱼,APP小程序渗透,批量漏洞扫描,漏洞利用,内网渗透,隧道代理,免杀,Windows及linux应急响应,训练靶场环境部署,CVE漏洞1000+POC等工具指引
XIU2/UACWhitelistTool
📃 UAC 白名单小工具!
tongcheng-security-team/NextScan
飞刃是一套完整的企业级黑盒漏洞扫描系统,集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。 拥有强大的漏洞检测引擎和丰富的插件库,覆盖多种漏洞类型和应用程序框架。
alphaSeclab/awesome-reverse-engineering
Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
Dm2333/ATTCK-PenTester-Book
ATTCK-PenTester-Book
CVEProject/cvelist
Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
imthaghost/goclone
Website Cloner - Utilizes powerful Go routines to clone websites to your computer within seconds.
ttstormxx/jjjjjjjjjjjjjs
爬网站JS文件,自动fuzz api接口,指定api接口(针对前后端分离项目,可指定后端接口地址),回显api响应
chainreactors/gogo
面向红队的, 高度可控可拓展的自动化引擎
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
ba0gu0/520apkhook
将安卓远控Apk附加进普通的App中,运行新生成的App时,普通App正常运行,远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote control goes online seamlessly.
snail007/goproxy
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
Hel10-Web/Databasetools
一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
WyAtu/Perun
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
sorabug/ChangeTimestamp
一键修改exe、dll的编译时间、创建时间、修改时间和访问时间
huaigu4ng/SysWhispers3WinHttp
Syscall免杀
xiao-zhu-zhu/noterce
一种另辟蹊径的免杀执行系统命令的木马
guyoung/CaptfEncoder
Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.
sairson/Yasso
强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)
chaitin/SafeLine
serve as a reverse proxy to protect your web services from attacks and exploits.
TryGOTry/CobaltStrike_Cat_4.5
猫猫Cs:基于Cobalt Strike[4.5]二开 (原dogcs二开移植)
LinWin-Cloud/linwin-sploit
LinwinSploit is a Penetration testing toolkit for Linux and android Termux. LinwinSploit是一款用于Linux和安卓Termux的渗透测试工具。 It can attack and run trojan virus on target host. 它能够攻击并在目标主机上运行木马。 Use these toolkits carefully. If you don't allow this, you may have a lot of terrible. 用这些工具使的时候小心点,如果你不遵守这条,你可能会有一些麻烦
YulinSec/ChatGPTScan-SAST
一个基于 ChatGPT 的开源代码审计平台。
almandin/fuxploider
File upload vulnerability scanner and exploitation tool.
pant0m/GoVnc
对目标进行屏幕监控,实时监控上传到阿里云oss。更新根据键盘鼠标状态来监控,节省资源。
qi4L/Unhooker-go
EDR绕过demo