VegyChick's Stars
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
genuinetools/amicontained
Container introspection tool. Find out what container runtime is being used as well as features available.
magnologan/awesome-k8s-security
A curated list for Awesome Kubernetes Security resources
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Metarget/metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
cyberark/kubernetes-rbac-audit
Tool for auditing RBACs in Kubernetes
cyberark/kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
gloxec/CrossC2
generate CobaltStrike's cross-platform payload
pandasec888/taowu-cobalt_strike
wallarm/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
uknowsec/TailorScan
自用缝合怪内网扫描器,支持端口扫描,识别服务,获取title,扫描多网卡,ms17010扫描,icmp存活探测。
HXSecurity/DongTai-agent-java
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
coreruleset/ftw
Framework for Testing WAFs (FTW!)
fastly/ftw
Framework for Testing WAFs (FTW!)
pmiaowu/BurpFastJsonScan
一款基于BurpSuite的被动式FastJson检测插件
rmb122/rogue_mysql_server
A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.
FelisCatus/SwitchyOmega
Manage and switch between multiple proxies quickly & easily.
jondonas/linux-exploit-suggester-2
Next-Generation Linux Kernel Exploit Suggester
aquasecurity/kube-hunter
Hunt for security weaknesses in Kubernetes clusters
moonD4rk/HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
madhuakula/hacker-container
The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.
Metarget/k0otkit
k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
EnableSecurity/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
shadow1ng/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
r35tart/GetIPinfo
用于寻找多网卡主机方便内网跨网段渗透避免瞎打找不到核心网
Mr-xn/BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
CTF-MissFeng/Watchdog
Watchdog是bayonet修改版,重新优化了数据库及web及扫描程序,加入多节点
zhzyker/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340