Pinned Repositories
aksk_tool
AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/七牛云存储 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI执行命令,OSS/COS/S3管理,RDS/DB管理,域名管理,添加RAM/CAM/IAM账号等
aliyun-accesskey-Tools
阿里云accesskey利用工具
antiHoneypot
一个拦截 XSSI & 识别Web蜜罐的Chrome扩展
AppMessenger
一款适用于以APP病毒分析、APP漏洞挖掘、APP开发、HW行动/红队/渗透测试团队为场景的移动端(Android、iOS)辅助分析工具
aquatone
A Tool for Domain Flyovers
ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
atlantafx
Modern JavaFX CSS theme collection with additional controls.
cobaltstrike4.5_cdf
cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等
DynamicProxyServer
动态IP代理服务器
XssBar
根据Easy-XSS-V2插件二次开发,支持谷歌浏览器
LztCode's Repositories
LztCode/ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
LztCode/BerylEnigma
一个为渗透测试与CTF而制作的工具集,主要实现一些加解密的功能。
LztCode/cvelist
Pilot program for CVE submission through GitHub
LztCode/dingtalk-RCE
LztCode/ESD
Enumeration sub domains(枚举子域名)
LztCode/expbox
Vulnerability Exploitation Code Collection Repository
LztCode/fofax
fofaX is a command line query tool based on the API of https://fofa.so/, simple is the best!
LztCode/FridaHookAppTool
LztCode/go-shadowsocks2
Modern Shadowsocks in Go
LztCode/ip2domain
批量查询ip对应域名及百度权重、备案信息;ip反查域名;ip查备案信息;资产归属查询;百度权重查询
LztCode/jaeles
The Swiss Army knife for automated Web Application Testing
LztCode/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
LztCode/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
LztCode/Kernelhub
:palm_tree:Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (Windows提权漏洞合集)
LztCode/Kunyu
Kunyu, more efficient corporate asset collection
LztCode/LaZagne
Credentials recovery project
LztCode/LiqunKit_
LztCode/log4j2_vul_local_scanner
Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check weather it's affected by log4j2 remote code execution(CVE-2021-45046)
LztCode/myscan
构建信息搜集/漏洞扫描
LztCode/NEW_xp_CAPTCHA
xp_CAPTCHA(瞎跑 白嫖版) burp 验证码 识别 burp插件
LztCode/ProxyScan
自动化扫描SQL注入
LztCode/PwdBUD
一款SRC密码生成工具,尝试top字典无果后,可以根据域名、公司名等因素来生成特定的字典
LztCode/QingScan
一个漏洞扫描器粘合剂;支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证,SSH批量测试、vulmap。
LztCode/reverse-interview-zh
技术面试最后反问面试官的话
LztCode/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
LztCode/sp
Search Startpage.com from the terminal 🔎
LztCode/SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
LztCode/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
LztCode/vulnerability-paper
收集的文章
LztCode/zscan
Zscan a scan blasting tool set