achuna33's Stars
safe6Sec/PentestDB
各种数据库的利用姿势
0range-x/dragon-lab
f1ashine/PentestLog
notes some projects in github
achuna33/EHole-forME
yggo/SmartBIAttackTool
SmartBI 登录代码逻辑漏洞导致的远程代码执行利用工具
EASY233/Finger
一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具
ibaiw/2023Hvv
2023 HVV情报速递~
fengchenzxc/SecureCRTdecrypt
SecureCRT批量解密脚本
kezibei/Urldns
zema1/suo5
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
qtc-de/beanshooter
JMX enumeration and attacking tool.
fnmsd/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
shigure-martin/PsychoServer
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
sim0n/Caesium
A Java bytecode obfuscator
Vu1nT0tal/yarb
方便获取每日安全资讯的爬虫和推送程序
Schira4396/VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
su18/JSP-Webshells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
BeichenDream/ISC2022Code
cdk-team/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
teamssix/awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
burrowers/garble
Obfuscate Go builds
piiperxyz/AniYa
免杀框架
TideSec/GoBypassAV
整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术,并搜集汇总了一些资料和工具。
wjlab/Darksteel
域内自动化信息搜集利用工具
safe6Sec/Fastjson
Fastjson姿势技巧集合
safe6Sec/command
红队常用命令速查
su18/hack-fastjson-1.2.80
LandGrey/xxe-ftp-server
xxe oob receive file via web and ftp server
PKRoma/ProcessHacker
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware—mirror of https://github.com/processhacker2/processhacker.git