Pinned Repositories
404StarLink2.0-Galaxy
404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目
7kbscan-RDP-Sniper
一款有图形界面的RDP(3389)口令检测工具
afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
AheadLib-x86-x64
hijack dll Source Code Generator. support x86/x64
burpFakeIP
一个用于伪造ip地址进行爆破的Burp Suite插件
ExchangeOWA
一款OutLook信息收集工具
gDomain
域名信息收集
ip2domain_modify
修改原脚本module模块,便于批量域名查询
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
XX-Net
A proxy tool to bypass GFW.
KrystianLi's Repositories
KrystianLi/Behinder
“冰蝎”动态二进制加密网站管理客户端
KrystianLi/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
KrystianLi/M3U8-Downloader
M3U8-Downloader 支持多线程、断点续传、加密视频下载缓存。
KrystianLi/shiro_attack
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
KrystianLi/domain_hunter
A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
KrystianLi/crawlergo_x_XRAY
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
KrystianLi/ShiroScanner
KrystianLi/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
KrystianLi/Amass
In-depth Attack Surface Mapping and Asset Discovery
KrystianLi/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
KrystianLi/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
KrystianLi/JSINFO-SCAN
递归式寻找域名和api。
KrystianLi/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
KrystianLi/rad
KrystianLi/subDomainsBrute
A fast sub domain brute tool for pentesters
KrystianLi/XX-Net
A proxy tool to bypass GFW.
KrystianLi/TongDaOA-Fake-User
通达OA 任意用户登录漏洞
KrystianLi/WxJava
WxJava (微信开发 Java SDK),支持包括微信支付、开放平台、小程序、企业微信/企业号和公众号等的后端开发
KrystianLi/ThinkphpRCE
Thinkphp rce扫描脚本,附带日志扫描
KrystianLi/SB-Actuator
Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测
KrystianLi/Pentest_Dic
自己收集整理自用的字典
KrystianLi/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
KrystianLi/chunked-coding-converter
Burp suite 分块传输辅助插件
KrystianLi/AheadLib-x86-x64
hijack dll Source Code Generator. support x86/x64
KrystianLi/7kbscan-RDP-Sniper
一款有图形界面的RDP(3389)口令检测工具
KrystianLi/bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
KrystianLi/Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
KrystianLi/Blasting_dictionary
爆破字典
KrystianLi/F-NAScan
Scanning a network asset information script