Pinned Repositories
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
2022-HW-POC
2022 护网行动 POC 整理
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
Awesome-Redteam
一个红队知识仓库
HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
Hekeatsll.github.io
MyBlog
javaweb-sec
Learning-TryHackMe-CN
基于TryHackMe网络安全在线学习平台的中文知识库(13条学习路径&60+学习模块,长期更新中......)。
Network-security-study-notes
主要记录网络安全学习笔记,包含WEB基础、提权、APP渗透、内网横向移动、工具学习等
WTF-Solidity
我最近在重新学solidity,巩固一下细节,也写一个“WTF Solidity极简入门”,供小白们使用,每周更新1-3讲。官网: https://wtf.academy
Hekeatsll's Repositories
Hekeatsll/awesome
😎 Awesome lists about all kinds of interesting topics
Hekeatsll/awesome-malware-persistence
A curated list of awesome malware persistence tools and resources.
Hekeatsll/BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
Hekeatsll/burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
Hekeatsll/CeWL
CeWL is a Custom Word List Generator
Hekeatsll/ChatGPTScan-SAST
一个基于 ChatGPT 的开源代码审计平台。
Hekeatsll/cnvd_general_assets
配合爱企查和fofa实现注册资本大于5000w公司的公网通用资产查询搜索,方便证书挖掘
Hekeatsll/CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Hekeatsll/f8x
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
Hekeatsll/fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
Hekeatsll/Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
Hekeatsll/hackingtool
ALL IN ONE Hacking Tool For Hackers
Hekeatsll/iodine
Official git repo for iodine dns tunnel
Hekeatsll/JNDI
JNDI 注入利用工具
Hekeatsll/log4j2Scan
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
Hekeatsll/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Hekeatsll/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Hekeatsll/Neutron
Powerful and smart Traffic Anonymizer using tor as a transparent proxy
Hekeatsll/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Hekeatsll/onlinetools
在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
Hekeatsll/POC_Collect
(持续更新)本项目为存储团队Bot小K每日监测到的最新POC,EXP,以及自己平时总结的POC,为了方便渗透测试过程中,漏洞查询,脱网环境的渗透测试。
Hekeatsll/portforward
A minimalist port forward tool By Java 🚀
Hekeatsll/RedTeam-Tools-1
Tools and Techniques for Red Team / Penetration Testing
Hekeatsll/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
Hekeatsll/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Hekeatsll/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Hekeatsll/Sec-Interview-4-2023
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~
Hekeatsll/thc-hydra
hydra
Hekeatsll/Vulnerability-Wiki
一个基于docsify的综合漏洞知识库,目前漏洞数量800+
Hekeatsll/ysoserial
ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。