MetaH4ck's Stars
ffffffff0x/AboutSecurity
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
MetaH4ck/dict-hub
红队字典:默认凭证、弱用户名、弱口令、弱Web路径
JKme/cube
内网渗透测试工具,弱密码爆破、信息收集和漏洞扫描
Coalfire-Research/Red-Baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
rapid7/metasploit-framework
Metasploit Framework
ybdt/post-hub
后渗透
ybdt/fish-hub
社工钓鱼
jobbole/awesome-javascript-cn
JavaScript 资源大全中文版,内容包括:包管理器、加载器、测试框架、运行器、QA、MVC框架和库、模板引擎等。由「开源前哨」和「前端大全」微信公号团队维护更新。
sorrycc/awesome-javascript
🐢 A collection of awesome browser-side JavaScript libraries, resources and shiny things.
jobbole/awesome-php-cn
PHP资源大全中文版,库、框架、模板、安全、代码分析、日志、第三方库、配置工具、Web 工具等
NyDubh3/CuiRi
一款红队专用免杀木马生成器,基于shellcode生成绕过所有杀软的木马。
lintstar/About-Attack
一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集,降低红队技术门槛的手册【持续更新】
threst/Red-Team
收集各种红队技巧
0x783kb/Security-Operation-Book
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
satan1a/RedBook
基于Threathunting-book基础上完善的狩猎视角红队handbook
samratashok/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
lengjibo/RedTeamTools
记录自己编写、修改的部分工具
ProcessusT/PayloadDropper
Un dropper de payload indétectable qui désactive l'antivirus Windows Defender puis paramètre un fichier batch à l'ouverture de session de l'utilisateur courant pour télécharger netcat et initier une connexion de type reverse shell vers un serveur C2.
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
mzfr/liffy
Local file inclusion exploitation tool
1N3/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
s0md3v/Arjun
HTTP parameter discovery suite.
MetaH4ck/GoLinkFinder
A fast and minimal JS endpoint extractor
0xsha/GoLinkFinder
A fast and minimal JS endpoint extractor
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
teamghsoftware/aquatone
AQUATONE es un conjunto de herramientas escritas en Ruby para realizar reconocimientos de nombres de dominio
rapid7/metasploit-payloads
Unified repository for different Metasploit Framework payloads
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.