Pinned Repositories
Behinder
“冰蝎”动态二进制加密网站管理客户端
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
gobyexample
Go by Example
jenkinslibrary
Jenkins共享库
linux-exploit-suggester
Linux privilege escalation auditing tool
Miscellaneous
百宝箱
passive-scan-client
Burp被动扫描流量转发插件
pikachu
一个好玩的Web安全-漏洞测试平台
SELKS
A Suricata based IDS/IPS distro
sqli-labs
SQLI labs to test error based, Blind boolean based, Time based.
SEC-nux's Repositories
SEC-nux/linux-exploit-suggester
Linux privilege escalation auditing tool
SEC-nux/ApkAnalyser
一键提取安卓应用中可能存在的敏感信息。
SEC-nux/arthas
Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas
SEC-nux/awesome-reverse
awesome-逆向基础入门,包括JS、安卓APP/Native
SEC-nux/BloodHound
Six Degrees of Domain Admin
SEC-nux/burpFakeIP
服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件
SEC-nux/cnn_captcha
use cnn recognize captcha by tensorflow. 本项目针对字符型图片验证码,使用tensorflow实现卷积神经网络,进行验证码识别。
SEC-nux/CORScanner
Fast CORS misconfiguration vulnerabilities scanner🍻
SEC-nux/crawlergo
A powerful browser crawler for web vulnerability scanners
SEC-nux/CSAgent
CobaltStrike 4.x通用白嫖及汉化加载器
SEC-nux/dnscat2
SEC-nux/domain_hunter_pro
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
SEC-nux/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
SEC-nux/gophish
Open-Source Phishing Toolkit
SEC-nux/gospider
Gospider - Fast web spider written in Go
SEC-nux/GSIL
GitHub Sensitive Information Leakage(GitHub敏感信息泄露监控)
SEC-nux/hashcat-NTLM-
World's fastest and most advanced password recovery utility
SEC-nux/impacket
Impacket is a collection of Python classes for working with network protocols.
SEC-nux/JNDIExploit-2
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
SEC-nux/Kernelhub
:palm_tree:Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
SEC-nux/LSTAR
LSTAR - CobaltStrike 综合后渗透插件
SEC-nux/mimikatz
A little tool to play with Windows security
SEC-nux/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
SEC-nux/PortBrute
一款跨平台小巧的端口爆破工具,支持爆破FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD / A cross-platform compact port blasting tool that supports blasting FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD
SEC-nux/Sa-Token
这可能是史上功能最全的Java权限认证框架!目前已集成——登录认证、权限认证、分布式Session会话、微服务网关鉴权、单点登录、OAuth2.0、踢人下线、Redis集成、前后台分离、记住我模式、模拟他人账号、临时身份切换、账号封禁、多账号认证体系、注解式鉴权、路由拦截式鉴权、花式token生成、自动续签、同端互斥登录、会话治理、密码加密、jwt集成、Spring集成、WebFlux集成...
SEC-nux/sec-chart
安全思维导图集合
SEC-nux/secguide
面向开发人员梳理的代码安全指南
SEC-nux/Shellcode-Encryptor
A simple shell code encryptor/decryptor/executor to bypass anti virus.
SEC-nux/wappalyzer
Identify technology on websites.
SEC-nux/zaproxy
The OWASP ZAP core project