NullGam3's Stars
phith0n/JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
urbanadventurer/WhatWeb
Next generation web scanner
bit4woo/domain_hunter_pro
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
wpscanteam/wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
offensive-security/exploitdb
The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
zer0h/httpscan
一个爬虫式的网段Web主机发现小工具 # A HTTP Service detector with a crawler from IP/CIDR
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
gwen001/pentest-tools
A collection of custom security tools for quick needs.
wwl012345/CDNCheck
该脚本可以进行CDN检测。主要原理是通过爬取站长之家的全球ping来识别CDN,一共选取了35个国内外节点,并且对全国各个省份的节点都进行了选择。同时支持单个域名和多个域名检测。
sensepost/gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
darklotuskdb/sd-goo
Enumerate Subdomains Through Google Dorks
ffffffff0x/Pentest101
一些关于渗透测试的Tips
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
k8gege/Ladon
Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange
xuanhun/PythonHackingBook1
Python黑客编程之极速入门
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
zadam/trilium
Build your personal knowledge base with Trilium Notes
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
xfiftyone/seeyon-exploit
致远OA漏洞检测
satan1a/awesome-ios-security-cn
iOS安全资料整理(中文)
cckuailong/reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
smgorelik/Windows-RCE-exploits
The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue teams.
Ridter/redis-rce
Redis 4.x/5.x RCE
dbgee/log4j2_rce
log4j2 rce、poc
dbgee/fastjson-rce
fastjson rce env based on springboot
helloexp/0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
rapid7/metasploit-framework
Metasploit Framework
lovechoudoufu/cobaltstrike4.4_cdf
cobaltstrike4.x版本破解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子认证