GMe4wRD's Stars
microsoft/vscode
Visual Studio Code
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
rapid7/metasploit-framework
Metasploit Framework
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Ignitetechnologies/Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
0xInfection/Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
EnableSecurity/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
tomnomnom/waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
fullhunt/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
sysdream/ligolo
Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
projectdiscovery/shuffledns
MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
nathanlesage/academics-on-mastodon
A list of various lists consisting of academics on Mastodon
ycdxsb/PocOrExp_in_Github
Automatically Collect POC or EXP from GitHub by CVE ID. If you are unable to find the POC/EXP on GitHub, you can also check here: https://pocorexps.nsa.im/
pimps/JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
r3nt0n/bopscrk
Generate smart and powerful wordlists
BishopFox/GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Raikia/CredNinja
A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
cube0x0/MiniDump
C# Lsass parser
gmatuz/inthewilddb
Hourly updated database of exploit and exploitation reports
pimps/ysoserial-modified
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
adminlove520/Poc-Monitor_v1.0.1
威胁情报-漏洞存储库
tp7309/TTPassGen
密码生成 flexible and scriptable password dictionary generator which can support brute-force、combination、complex rule mode etc...