Pinned Repositories
2022-HW-POC
2022 你懂的
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
Alphalog
DNSLOG、httplog、rmilog、ldaplog、jndi 等都支持,完全匿名 产品(fuzz.red),Alphalog与传统DNSLog不同,更快、更安全。
aria2
aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.
ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
awesome-chatgpt-prompts
This repo includes ChatGPT promt curation to use ChatGPT better.
awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
SN-Yang's Repositories
SN-Yang/All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
SN-Yang/aria2
aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.
SN-Yang/ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
SN-Yang/awesome-chatgpt-prompts
This repo includes ChatGPT promt curation to use ChatGPT better.
SN-Yang/BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
SN-Yang/burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
SN-Yang/clash
A rule-based tunnel in Go.
SN-Yang/ClashForAndroid
A rule-based tunnel for Android.
SN-Yang/CVE-2022-37042
Zimbra CVE-2022-37042 Nuclei weaponized template
SN-Yang/CVE-2024-1698-PoC
Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection
SN-Yang/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
SN-Yang/FastjsonScan
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
SN-Yang/goby-poc
451个goby poc,是否后门及重复自行判断,来源于网络收集的Goby&POC,不定时更新。
SN-Yang/godrun666.github.io
SN-Yang/Hacking-Write-ups
A collection of awesome write-ups from topics ranging from CVE, vulnHub, CTFs, Hack the box walkthroughs, real-life encounters and everything which can help other enthusiasts learn.
SN-Yang/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
SN-Yang/Malware
《深入理解恶意代码与病毒样本》
SN-Yang/MYExploit
OAExploit一款基于产品的一键扫描工具。
SN-Yang/Notes
SN-Yang/OneForAll
OneForAll是一款功能强大的子域收集工具
SN-Yang/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SN-Yang/pinduoduo_backdoor
pdd is diaomao
SN-Yang/PyWxDump
获取微信账号信息(昵称/账号/手机/邮箱/数据库密钥/wxid);PC微信数据库读取、解密脚本;聊天记录查看工具;聊天记录导出为html(包含语音图片)。支持多账户信息获取,支持所有微信版本。
SN-Yang/R-dict
一些自己常用的渗透字典
SN-Yang/Sec-Interview-4-2023
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~
SN-Yang/VcenterKit
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
SN-Yang/whohk
whohk,linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况,有的时候还需要做一些格式处理,这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来,并处理成了较为友好的格式,只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。
SN-Yang/XSS-Payloads
List of XSS Vectors/Payloads
SN-Yang/xxxx
SN-Yang/xxxxx
A clash client for Windows, support clash core and Clash.Meta core