I-was-a-fish's Stars
SafeBreach-Labs/WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
pingc0y/URLFinder
一款快速、全面、易用的页面信息提取工具,可快速发现和提取页面中的JS、URL和敏感信息。
rtcatc/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Pennyw0rth/NetExec
The Network Execution Tool
pry0cc/axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
zema1/suo5
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
vi3t1/vmprotect-3.5.1
blacklanternsecurity/dp_cryptomg
Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.
nettitude/SharpWSUS
RedTeamPentesting/pretender
Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
kleiton0x00/Proxy-DLL-Loads
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
houseofxyz/injectAllTheThings
Seven different DLL injection techniques in one single project.
gentilkiwi/mimikatz
A little tool to play with Windows security
schellingb/DLLFromMemory-net
C# library to load a native DLL from memory without the need to allow unsafe code
matusf/openapi-fuzzer
Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
0xHossam/Killer
Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.
jeremylong/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
jiji262/wooyun_articles
drops.wooyun.org 乌云Drops文章备份
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
blacklanternsecurity/badsecrets
A library for detecting known secrets across many web frameworks
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
KimJun1010/WeblogicTool
WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)
microsoft/win32-app-isolation
Tools and documentation for Win32 app isolation
Accenture/Spartacus
Spartacus DLL/COM Hijacking Toolkit
3andne/restls
Restls Protocol: A Perfect Impersonation of TLS; Restls协议: 对TLS的完美伪装
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
microsoft/onefuzz
A self-hosted Fuzzing-As-A-Service platform
urbanadventurer/WhatWeb
Next generation web scanner