asfduibkjewr's Stars
jpillora/chisel
A fast TCP/UDP tunnel over HTTP
malwaredllc/byob
An open-source post-exploitation framework for students, researchers and developers.
xmendez/wfuzz
Web application fuzzer
LandGrey/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
BeichenDream/Godzilla
哥斯拉
ropnop/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
bigb0sss/RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
0xn0ne/weblogicScanner
weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883
LandGrey/webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
S3cur3Th1sSh1t/PowerSharpPack
harleyQu1nn/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
DeEpinGh0st/Erebus
CobaltStrike后渗透测试插件
rootclay/WMIHACKER
A Bypass Anti-virus Software Lateral Movement Command Execution Tool
Lucifer1993/SatanSword
红队综合渗透框架
Kevin-Robertson/InveighZero
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
SkewwG/domainTools
内网域渗透小工具
bit4woo/domain_hunter
A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件
mattifestation/CimSweep
CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
suvllian/process-inject
在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
smallcham/sec-admin
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Y4er/WebLogic-Shiro-shell
WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell
strontic/xcyclopedia
Encyclopedia for Executables
zricethezav/h1domains
HackerOne "in scope" domains
Ramos-dev/OSSTunnel
基于亚马逊S3\阿里云OSS\腾讯COS通信隧道的远程管理工具
Kudaes/LOLBITS
** DISCONTINUED ** C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.
BishopFox/pwn-pulse
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
yzddmr6/JspForAntSword
中国蚁剑JSP一句话Payload
l1nk3rlin/CVE-2019-2890
w4fz5uck5/wp-file-manager-0day
wp-file-manager 6.7 (Aug 2020) Wordpress Plugin 0day - Remote Code Execution
1135/solr_exploit
Apache Solr远程代码执行漏洞(CVE-2019-0193) Exploit