Pinned Repositories
Arjun
HTTP parameter discovery suite.
Atlas
Quick SQLMap Tamper Suggester
Awesome-PPT
收集一些有价值的大会演讲PPT
Bird
Bird是一款用于HTTP探测的工具,支持多线程,特征搜索,可用于SRC资产梳理。
Bolt
CSRF Scanner
cloud-native-security-book
《云原生安全:攻防实践与体系构建》资料仓库
phpshell
php原生反弹shell,适合windows和linux
Python-100-Days
Python - 100天从新手到大师
TFofa
一个使用Fofa API查询的小工具
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Ethancck's Repositories
Ethancck/LiveTargetsFinder
Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts and gather service information
Ethancck/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Ethancck/nuclei
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
Ethancck/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Ethancck/ApkAnalyser
一键提取安卓应用中可能存在的敏感信息。
Ethancck/shiro_rce
shiro rce 反序列 命令执行 一键工具 回显
Ethancck/PoC-in-GitHub
📡 PoC auto collect from GitHub. Be careful malware.
Ethancck/bounty-monitor
Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
Ethancck/Spring-Boot-Vulnerability
Ethancck/Java-Rce-Echo
Java RCE 回显测试代码
Ethancck/Atlas
Quick SQLMap Tamper Suggester
Ethancck/xray-crack
xray社区高级版证书生成,仅供学习研究,正常使用请支持正版
Ethancck/h1domains
HackerOne "in scope" domains
Ethancck/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Ethancck/copagent
java memory web shell extracting tool
Ethancck/KingOfBugBountyTips
Ethancck/ReconNotes
Just some public notes that can be useful and i want let the world knows.
Ethancck/theHarvester
E-mails, subdomains and names Harvester - OSINT
Ethancck/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
Ethancck/docem
Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
Ethancck/ligolo
Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
Ethancck/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Ethancck/goby
Goby - Yet another programming language written in Go
Ethancck/Enum_For_All
Ethancck/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
Ethancck/Pwdb-Public
A collection of all the data i could extract from 1 billion leaked credentials from internet.
Ethancck/w13scan
Passive Security Scanner (被动式安全扫描器)
Ethancck/meetup
cloudnative meetup slides
Ethancck/SuperWordlist
基于实战沉淀下的各种弱口令字典
Ethancck/Shodanfy.py
Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate-limit!)