Pinned Repositories
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
Active-Directory-Pentest-Notes
个人域渗透学习笔记
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
awesome-cloud-security
awesome cloud security || 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
collection-document
Collection of quality safety articles. Awesome articles.
T1ng's Repositories
T1ng/Active-Directory-Pentest-Notes
个人域渗透学习笔记
T1ng/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
T1ng/awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
T1ng/awesome-cloud-security
awesome cloud security || 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
T1ng/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
T1ng/BokuLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. By: @0xBoku & @s4ntiago_p
T1ng/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
T1ng/collection-document
Collection of quality safety articles. Awesome articles.
T1ng/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
T1ng/facebook-bug-bounty-writeups
Facebook Bug Bounties
T1ng/Fastjson
Fastjson姿势技巧集合
T1ng/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
T1ng/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
T1ng/Library-POC
漏洞poc&exp存档
T1ng/Mind-Maps
Mind-Maps of Several Things
T1ng/mysql-magic
dump mysql client password from memory
T1ng/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
T1ng/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
T1ng/Pentest_Note
渗透测试常规操作记录
T1ng/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
T1ng/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
T1ng/RedTeamTools
记录自己编写、修改的部分工具
T1ng/reGeorgX
reGeorgX is a project that seeks to aggressively refactor reGeorg - reGeorg重构计划
T1ng/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
T1ng/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
T1ng/spyhunt
recon for bug hunters
T1ng/vulbase
各大漏洞文库合集
T1ng/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
T1ng/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
T1ng/Yasso
强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)