alone-hacker

alone-hacker's Stars

• 0xPugal/One-Liners

  A collection of one-liners for bug bounty hunting.

  1.3k201

• testnet0/testnet

  TestNet资产管理系统（资产管理|信息收集|暴露面管理|子域名扫描|C段扫描|端口扫描|漏洞扫描|Hunter|Fofa）

  Language:Shell46247

• sml2h3/ddddocr

  带带弟弟 通用验证码识别OCR pypi版

  Language:Python10.8k1.9k

• Tsojan/TsojanScan

  An integrated BurpSuite vulnerability detection plug-in.

  1.2k65

• kkbo8005/mitan

  密探渗透测试工具包含资产信息收集，子域名爆破，搜索语法，资产测绘（FOFA，Hunter，quake, ZoomEye），指纹识别，敏感信息采集，文件扫描、端口扫描、批量信息权重查询、密码字典等功能

  1.2k81

• sule01u/AutorizePro

  🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

  Language:Python58739

• moonD4rk/HackBrowserData

  Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

  Language:Go11.6k1.6k

• wh1t3zer/SpringBootVul-GUI

  一个半自动化springboot打点工具，内置目前springboot所有漏洞

  Language:Java58141

• alone-hacker/InfiltrateX

  一个好用的越权扫描工具。越权漏洞自动化检测难、易发生且危害严重，但我们仍可以尽力自动化检测一部分越权漏洞。

  1

• cseroad/Exp-Tools

  一款集成高危漏洞exp的实用性工具

  1.2k80

• selinuxG/Golin

  弱口令检测、 漏洞扫描、端口扫描（协议识别，组件识别）、web目录扫描、等保模拟定级、自动化运维、等保工具（网络安全等级保护现场测评工具）内置3级等保核查命令、基线核查工具、键盘记录器

  Language:Go1.3k208

• wy876/POC

  收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1400多个poc/exp，长期更新。

  4.6k970

• chaitanyakrishna/subdomain-enum

  Subdomain Enumeration using Securitytrails API

  Language:Python265

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go12.3k1.9k

• deskflow/deskflow

  Deskflow lets you share one mouse and keyboard between multiple computers on Windows, macOS and Linux. It's like a software KVM (but without video).

  Language:C++14.9k3.9k

• Sh1Yo/x8

  Hidden parameters discovery suite

  Language:Rust1.7k157

• cramppet/regulator

  Automated learning of regexes for DNS discovery

  Language:Python36242

• 0xTeles/jsleak

  a Go code to detect leaks in JS files via regex patterns

  Language:Go13926

• shmilylty/OneForAll

  OneForAll是一款功能强大的子域收集工具

  Language:Python8.5k1.3k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP59.8k24k

• lc/gau

  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

  Language:Go4.1k462

• Rvn0xsy/BadCode

  恶意代码逃逸源代码 http://payloads.online

  Language:C++744124

• lgandx/Responder

  Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

  Language:Python5.6k787

• Drun1baby/JavaSecurityLearning

  记录一下 Java 安全学习历程，也算是半条学习路线了

  Language:Java1k99

• mantvydasb/RedTeaming-Tactics-and-Techniques

  Red Teaming Tactics and Techniques

  Language:PowerShell4.1k1.1k

• HavocFramework/Havoc

  The Havoc Framework

  Language:Go7k982

• mhaskar/Octopus

  Open source pre-operation C2 server based on python and powershell

  Language:Python740155

• Pizz33/GobypassAV-shellcode

  shellcode免杀加载器，使用go实现，免杀bypass火绒、360、核晶、def等主流杀软

  Language:Go82595

• thelang-io/the

  The Programming Language

  Language:C++44

• ollama/ollama

  Get up and running with Llama 3.3, Mistral, Gemma 2, and other large language models.

  Language:Go106k8.5k