Pinned Repositories
Active-Directory-Pentest-Notes
Personal study notes on domain penetration testing
Adamantium-Thief
:key: Decrypt chromium based browsers passwords, cookies, credit cards, history, bookmarks. Version > 80 is supported.
antSword
AntSword is a cross-platform website management toolkit.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
AutoRDPwn
The Shadow Attack Framework
avet
AntiVirus Evasion Tool
awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 500+ posts and videos.
Awesome-CobaltStrike
A collection of cobaltstrike resources to make you better!
awesome-reverse-engineering
Reverse Engineering Resources About All Platforms (Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect!
xray
xray security assessment tool
JonathanZhou348's Repositories
JonathanZhou348/awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 500+ posts and videos.
JonathanZhou348/awesome-reverse-engineering
Reverse Engineering Resources About All Platforms (Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect!
JonathanZhou348/Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
JonathanZhou348/ddoor
DDoor - cross platform backdoor using dns txt records
JonathanZhou348/dnsgen
Generates combination of domain names from the provided input.
JonathanZhou348/Empire
Empire is a PowerShell and Python post-exploitation agent.
JonathanZhou348/FudgeC2
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
JonathanZhou348/fuzzDicts
Web Pentesting Fuzz dictionaries; one is all you need.
JonathanZhou348/gospider
Gospider - Fast web spider written in Go
JonathanZhou348/Intranet-Penetration
Essential tools for internal network penetration testing.
JonathanZhou348/Knowledge-Base
Knowledge Base of the SlowMist security team
JonathanZhou348/LangSrcCurise
SRC subdomain asset monitoring
JonathanZhou348/mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
JonathanZhou348/nps
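A lightweight, powerful intranet-penetration proxy server. Supports TCP and UDP traffic forwarding, intranet HTTP proxy and intranet SOCKS5 proxy, as well as snappy compression, site protection, encrypted transmission, multiplexing, header modification, and more. Supports web-based graphical management and integrates a multi-user mode.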
JonathanZhou348/nray
nray distributed port scanner
JonathanZhou348/ntlmrecon
A fast NTLM reconnaissance and information gathering tool without external dependencies.
JonathanZhou348/Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
JonathanZhou348/PoisonHandler
lateral movement techniques that can be used during red team exercises
JonathanZhou348/proxy_pool
Proxy IP pool for Python crawlers (proxy pool)
JonathanZhou348/pyKerbrute
Use python to perform Kerberos pre-auth bruteforcing
JonathanZhou348/pypykatz
Mimikatz implementation in pure Python
JonathanZhou348/python-spider
:rainbow: Python3 web crawling in practice
JonathanZhou348/Red_Team
Some scripts useful for red team activities
JonathanZhou348/RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques
JonathanZhou348/Salsa-tools
Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched
JonathanZhou348/SharpNetCheck
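During internal network penetration testing, machines that can reach the internet are highly sought after. After collecting a large number of weak passwords, testing one by one whether each machine can reach the internet is too tedious. Hence this tool, which can be used together with lateral movement tools such as wmiexec and psexec for batch checking. It echoes the internal IP address and computer name in dnslog, making it possible to quickly locate internet-reachable machines on the internal network.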
JonathanZhou348/Sourcetrail
Sourcetrail - free and open-source interactive source explorer
JonathanZhou348/UAC_Bypass_In_The_Wild
Windows 10 UAC bypass for all executable files which are autoelevate true.
JonathanZhou348/weblogicScanner
weblogic vulnerability scanning tool. Currently covers CVE-2014-4210, CVE-2016-0638, CVE-2016-3510, CVE-2017-3248, CVE-2017-3506, CVE-2017-10271, CVE-2018-2628, CVE-2018-2893, CVE-2018-2894, CVE-2018-3191, CVE-2018-3245, CVE-2018-3252, CVE-2019-2618, CVE-2019-2725, CVE-2019-2729, CVE-2019-2890
JonathanZhou348/zmanda_exploit
Weak default credentials in combination with missing input validation allow a remote attacker to execute arbitrary code on a server using the Zmanda Management Console 3.3.9.