Pinned Repositories
0day-security-software-vulnerability-analysis-technology
0day安全_软件漏洞分析技术
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
7kbscan-WebPathBrute
7kbscan-WebPathBrute Web路径暴力探测工具
ADPenLab
advisories
A collection of my public security advisories.
android-security
Android Security Resources.
Anti-Anti-Spider
越来越多的网站具有反爬虫特性,有的用图片隐藏关键数据,有的使用反人类的验证码,建立反反爬虫的代码仓库,通过与不同特性的网站做斗争(无恶意)提高技术。(欢迎提交难以采集的网站)(因工作原因,项目暂停)
anti-av
Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts
SatanSword
红队综合渗透框架
windows-security
Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.
Smitnald's Repositories
Smitnald/SatanSword
红队综合渗透框架
Smitnald/anti-av
Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts
Smitnald/attack-scripts
Scripts and a (future) library to improve users' interactions with the ATT&CK content
Smitnald/AUTO-EARN
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
Smitnald/AutomatedLab
AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2019, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
Smitnald/BlueShell
红蓝对抗跨平台远控工具
Smitnald/brim
Desktop application to efficiently search large packet captures and Zeek logs.
Smitnald/CloudPentestCheatsheets
云渗透清单This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Smitnald/defvul
DSO-Lab 漏洞研究成果总结分享
Smitnald/DeimosC2
DeimosC2 is a Golang command and control framework for post-exploitation.
Smitnald/evil-winrm
The ultimate WinRM shell for hacking/pentesting
Smitnald/injection-stuff
PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts
Smitnald/JSP-Webshells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
Smitnald/KITT-Lite
Python-Based Pentesting CLI Tool
Smitnald/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Smitnald/LuWu
红队基础设施自动化部署工具
Smitnald/metasploit-omnibus
Packaging metasploit-framework with omnibus
Smitnald/Pentest_Note
渗透测试常规操作记录
Smitnald/persistence
Resources About Persistence, Multiple Platforms. Including ~80 Tools and 300+ Posts.
Smitnald/PPLKiller
Tool to bypass LSA Protection (aka Protected Process Light)
Smitnald/python_code_audit
python 代码审计项目
Smitnald/rmiscout
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities使用wordlist和爆破策略,枚举Java RMI函数,并利用RMI参数反序列化漏洞
Smitnald/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Smitnald/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Smitnald/sgn
Shikata ga nai (仕方がない) encoder ported into go with several improvements
Smitnald/ssti-payloads
🎯 Server Side Template Injection Payloads
Smitnald/sysmon-modular
A repository of sysmon configuration modules
Smitnald/Violation_Pnetest
渗透红线Checklist
Smitnald/WeblogicScan
Weblogic一键漏洞检测工具,V1.5,更新时间:20200730
Smitnald/weevely3
Weaponized web shell