Pinned Repositories
Bridge
无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
evilpdf
Embedding executable files in PDF Documents
fastjson_rce_tool
fastjson_rce工具,不用搭建HTTP服务,不受JDK版本限制
MSSQL_SQL_BYPASS_WIKI
MSSQL注入提权,bypass的一些总结
PHP-Audit-Labs
一个关于PHP的代码审计项目
Scanners-Box
A powerful hacker toolkit which collects more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
shiro_rce
shiro rce 反序列 命令执行 一键工具
SuperWordlist
基于实战沉淀下的各种弱口令字典
vulnerability-assessment-tool
Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://sap.github.io/vulnerability-assessment-tool/
WindowsExploits
Windows Exploit List
Hacker-One's Repositories
Hacker-One/MSSQL_SQL_BYPASS_WIKI
MSSQL注入提权,bypass的一些总结
Hacker-One/Scanners-Box
A powerful hacker toolkit which collects more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Hacker-One/vulnerability-assessment-tool
Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://sap.github.io/vulnerability-assessment-tool/
Hacker-One/evilpdf
Embedding executable files in PDF Documents
Hacker-One/firmwalker
Script for searching the extracted firmware file system for goodies!
Hacker-One/shadowsuid
shadowsuid;shadow suid
Hacker-One/7kbscan-WebPathBrute
7kbscan-WebPathBrute Web路径暴力探测工具
Hacker-One/ant
实时上线的 XSS 盲打平台
Hacker-One/Awesome-WAF
🔥 A curated list of awesome web-app firewall (WAF) stuff.
Hacker-One/commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration testing platform for those that prefer Linux. Commando VM is for penetration testers that prefer Windows. We know that building a Windows penetration testing environment can be tedious - we aim to streamline and simplify this process. Commando VM includes over 140 tools.
Hacker-One/cowrie
Cowrie SSH/Telnet Honeypot
Hacker-One/dirsearch
Web path scanner
Hacker-One/easyXssPayload
XssPayload List . Usage:
Hacker-One/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
Hacker-One/FileMonitor
文件变化实时监控工具(代码审计辅助工具)
Hacker-One/hacker-one.github.io
Hacker-One/lottery
年会抽奖程序
Hacker-One/lxhToolHTTPDecrypt
HTTPDecrypt for Android Penetration Test
Hacker-One/Micro8
Gitbook
Hacker-One/njRAT-0.7
远控工具Njrat
Hacker-One/office-exploits
office-exploits Office漏洞集合 https://www.sec-wiki.com
Hacker-One/php-malware-finder
Detect potentially malicious PHP files
Hacker-One/phurious
Phishing any website to delivery Windows Reverse Shell payload through DATA URI
Hacker-One/PicLocation
快速获取图片的GPS和其拍摄地理位置
Hacker-One/Reptile
LKM Linux rootkit
Hacker-One/sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Hacker-One/struts-scan
Python2编写的struts2漏洞全版本检测和利用工具
Hacker-One/switcher
一个多功能的端口转发/端口复用工具,支持转发本地或远程地址的端口,支持正则表达式转发(实现端口复用)。
Hacker-One/volatility
An advanced memory forensics framework
Hacker-One/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合