YueXiaZouLiShang

YueXiaZouLiShang's Stars

• zaproxy/zaproxy

  The ZAP core project

  Language:Java12.2k2.2k

• redeye-framework/Redeye

  Redeye is a tool intended to help you manage your data during a pentest operation

  Language:JavaScript45748

• Bo0oM/fuzz.txt

  Potentially dangerous files

  2.8k476

• yzddmr6/as_webshell_venom

  免杀webshell无限生成工具蚁剑版

  Language:JavaScript541142

• pureqh/webshell

  免杀webshell生成工具

  Language:Python703139

• GhostTroops/scan4all

  Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

  Language:Go5.4k642

• awake1t/Awesome-hacking-tools

  收集网上好用、实用的红蓝对抗武器。从资产扫描、泄漏扫描、信息收集、漏洞扫描、SRC批量挖掘、内网渗透、应急响应等等工具。 大部分我都用过、部分会写上自己的感想与建议，希望对你有帮助

  Language:Python39753

• s7ckTeam/Glass

  Glass是一款针对资产列表的快速指纹识别工具，通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹，也可针对IP/IP段或资产列表进行快速的指纹识别。

  Language:Python953115

• kelvinBen/AppInfoScanner

  一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

  Language:Python3k370

• redtoolskobe/scaninfo

  fast scan for redtools

  Language:Go802114

• kracer127/SiteScan

  专注一站化解决渗透测试的信息收集任务，功能包括域名ip历史解析、nmap常见端口爆破、子域名信息收集、旁站信息收集、whois信息收集、网站架构分析、cms解析、备案信息收集、CDN信息解析、是否存在waf检测、后台寻找以及生成检测结果html报告表。

  Language:Python38967

• ngalongc/bug-bounty-reference

  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

  3.6k980

• djadmin/awesome-bug-bounty

  A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

  4.4k901

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python58.1k14.2k

• vavkamil/awesome-bugbounty-tools

  A curated list of various bug bounty tools

  3.8k612

• reddelexc/hackerone-reports

  Top disclosed reports from HackerOne

  Language:Python3.3k637

• aleenzz/MYSQL_SQL_BYPASS_WIKI

  mysql注入,bypass的一些心得

  1.3k307

• TideSec/BypassAntiVirus

  远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

  Language:XSLT4.4k1.2k

• EdOverflow/bugbounty-cheatsheet

  A list of interesting payloads, tips and tricks for bug bounty hunters.

  5.6k1.5k

• k8gege/Ladon

  Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

  Language:PowerShell4.7k858

• k8gege/K8CScan

  K8Ladon大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

  Language:Python1.2k343

• taielab/Taie-RedTeam-OS

  泰阿安全实验室-基于XUbuntu私人订制的红蓝对抗渗透操作系统

  23736

• Tengshe2021/TENGSHE-OS

  腾蛇系列渗透系统

  482

• alphaSeclab/injection-stuff

  PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts

  492138

• sud01oo/ProcessInjection

  Some ways to inject a DLL into a alive process

  Language:C348119

• rootm0s/Injectors

  💉 DLL/Shellcode injection techniques

  Language:C++662207

• OpenSecurityResearch/dllinjector

  dll injection tool that implements various methods

  Language:C++477113

• stephenfewer/ReflectiveDLLInjection

  Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

  Language:C2.6k768

• jtgrassie/monero-pool

  A Monero mining pool server written in C

  Language:C341121

• xmrig/xmrig

  RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark

  Language:C8.5k3.4k