F1M4p1es's Stars
xiaoZ-hc/redtool
日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/awvs/xray这种
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
klionsec/RedTeamer
红方人员作战执行手册
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
mbechler/marshalsec
AntSwordProject/AwesomeEncoder
AntSword 自定义编(解)码器分享
rabbitmask/WeblogicScan
Weblogic一键漏洞检测工具,V1.5,更新时间:20200730
go-gost/gost
GO Simple Tunnel - a simple tunnel written in golang
ehang-io/nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
shadow1ng/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
PKM-er/awesome-obsidian-zh
Obsidian 优秀中文插件、主题与资源
k8gege/Ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
GoSecure/pyrdp
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
QAX-A-Team/BrowserGhost
这是一个抓取浏览器密码的工具,后续会添加更多功能
grayddq/GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
gloxec/CrossC2
generate CobaltStrike's cross-platform payload
EnableSecurity/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
AntSwordProject/AntSword-Loader
AntSword 加载器
hwanz/SSR-V2ray-Trojan-vpn
免费机场公益机场收集/免费vpn-定时更新
OWASP/Top10
Official OWASP Top 10 Document Repository
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
josStorer/chatGPTBox
Integrating ChatGPT into your browser deeply, everything you need is here
BluePointLilac/ContextMenuManager
🖱️ 纯粹的Windows右键菜单管理程序
Vancir/365-days-get-xuanwulab-job
Get a job from Xuanwu Lab in 365 days
Kiprey/Skr_Learning
天问之路 - 学习笔记&学习周报。内容包括但不限于C++ STL、编译原理、LLVM IR Pass代码优化、CSAPP Lab、uCore操作系统等等。
mcmilk/7-Zip-zstd
7-Zip with support for Brotli, Fast-LZMA2, Lizard, LZ4, LZ5 and Zstandard
zfoo-project/godot-start
godot start is godot engine utils and sample
tonybaloney/vscode-pets
Adds playful pets 🦀🐱🐶 in your VS Code window