Pinned Repositories
Arjun
HTTP parameter discovery suite.
Atlas
Quick SQLMap Tamper Suggester
Awesome-PPT
收集一些有价值的大会演讲PPT
Bird
Bird是一款用于HTTP探测的工具,支持多线程,特征搜索,可用于SRC资产梳理。
Bolt
CSRF Scanner
cloud-native-security-book
《云原生安全:攻防实践与体系构建》资料仓库
phpshell
php原生反弹shell,适合windows和linux
Python-100-Days
Python - 100天从新手到大师
TFofa
一个使用Fofa API查询的小工具
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Ethancck's Repositories
Ethancck/vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Ethancck/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
Ethancck/bbscope
Scope gathering tool for HackerOne, Bugcrowd, and Intigriti!
Ethancck/teler
Real-time HTTP Intrusion Detection
Ethancck/AV_Evasion_Tool
掩日 - 免杀执行器生成工具
Ethancck/PentestNote
一些渗透姿势记录
Ethancck/FrpProPlugin
frp0.33修改版,过流量检测,免杀,支持加载远程配置文件可用于cs直接使用的插件
Ethancck/chisel
A fast TCP/UDP tunnel over HTTP
Ethancck/SecretScanner
Find secrets and passwords in container images and file systems
Ethancck/top25-parameter
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Ethancck/HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
Ethancck/FourEye
AV Evasion Tool For Red Team Ops
Ethancck/XSSTRON
Electron JS Browser To Find XSS Vulnerabilities Automatically
Ethancck/AllAboutBugBounty
All about bug websites (bypasses, payloads, and etc)
Ethancck/zaproxy
The OWASP ZAP core project
Ethancck/reconftw
Simple script for full recon
Ethancck/KubiScan
A tool to scan Kubernetes cluster for risky permissions
Ethancck/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
Ethancck/ssrf-king
SSRF plugin for burp Automates SSRF Detection in all of the Request
Ethancck/Payloads_xss_sql_bypass
Ethancck/Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
Ethancck/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
Ethancck/apkleaks
Scanning APK file for URIs, endpoints & secrets.
Ethancck/shellerator
Simple CLI tool for the generation of bind and reverse shells in multiple languages
Ethancck/Venom
Venom - A Multi-hop Proxy for Penetration Testers
Ethancck/galer
A fast tool to fetch URLs from HTML attributes by crawl-in.
Ethancck/My-CTF-Web-Challenges
Collection of CTF Web challenges I made
Ethancck/shellcodeloader
shellcodeloader
Ethancck/bypass-403
A simple script just made for self use for bypassing 403
Ethancck/ShiroScan
Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)