Fire-f0x's Stars
JoelGMSec/AutoRDPwn
The Shadow Attack Framework
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
firmianay/CTF-All-In-One
CTF竞赛权威指南
k8gege/Ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
zhzyker/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
xairy/linux-kernel-exploitation
A collection of links related to Linux kernel security and exploitation
SecWiki/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
NullArray/AutoSploit
Automated Mass Exploiter
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
Gallopsled/pwntools
CTF framework and exploit development library
gobysec/Goby
Attack surface mapping
Arvanaghi/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
trickest/cve
Gather and update all available and newest CVEs with their PoC.
LasCC/HackTools
The all-in-one browser extension for offensive security professionals 🛠
quasar/Quasar
Remote Administration Tool for Windows
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
RustScan/RustScan
🤖 The Modern Port Scanner 🤖
digininja/DVWA
Damn Vulnerable Web Application (DVWA)
mytechnotalent/Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.
jakejarvis/awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
yeahhub/Hacking-Security-Ebooks
Top 100 Hacking & Security E-Books (Free Download)
OlivierLaflamme/Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
urbanadventurer/WhatWeb
Next generation web scanner
onlurking/awesome-infosec
A curated list of awesome infosec courses and training resources.
infoslack/awesome-web-hacking
A list of web application security
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
1N3/Sn1per
Attack Surface Management Platform
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
guardicore/monkey
Infection Monkey - An open-source adversary emulation platform