cafan

cafan's Stars

• dockur/windows

  Windows inside a Docker container.

  Language:Shell31.7k1626162.2k

• zeromicro/go-zero

  A cloud-native Go microservices framework with cli tool for productivity.

  Language:Go29.6k3161.7k4k

• shadow1ng/fscan

  一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

  Language:Go11.3k1163391.7k

• TheKingOfDuck/fuzzDicts

  You Know, For WEB Fuzzing ! 日站用的字典。

  Language:Python7.7k157102.4k

• k8gege/K8tools

  K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

  Language:PowerShell5.9k209272.1k

• Ridter/Intranet_Penetration_Tips

  2018年初整理的一些内网渗透TIPS，后面更新的慢，所以整理出来希望跟小伙伴们一起更新维护~

  4.5k16031.1k

• reddelexc/hackerone-reports

  Top disclosed reports from HackerOne

  Language:Python4.1k15210751

• kelvinBen/AppInfoScanner

  一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

  Language:Python3.3k4343385

• hookmaster/frida-all-in-one

  《FRIDA操作手册》by @hluwa @r0ysue

  Language:HTML3k15610609

• Mr-xn/RedTeam_BlueTeam_HW

  红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

  Language:Java2.3k517550

• biggerduck/RedTeamNotes

  红队笔记

  2k477352

• bit4woo/domain_hunter_pro

  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

  Language:Java2k2541200

• Hacking-the-Cloud/hackingthe.cloud

  An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

  Language:Dockerfile1.8k4589221

• TheKingOfDuck/burpFakeIP

  服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件

  Language:Java1.5k1510233

• Evian-Zhang/llvm-ir-tutorial

  LLVM IR入门指南

  Language:LLVM1.4k3212149

• tanjiti/sec_profile

  爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)

  Language:HTML1.2k623215

• chriskaliX/AD-Pentest-Notes

  用于记录内网渗透(域渗透)学习 :-)

  1.1k181110

• apachecn/sec-books-part1

  :books: 网安类绝版图书

  1k180396

• bsauce/kernel-security-learning

  Anything about kernel security. CTF kernel pwn, kernel exploit, kernel fuzz and kernel defense paper, kernel debugging technique, kernel CVE debug.

  Language:C65432082

• wgpsec/lc

  LC（List Cloud）是一个多云攻击面资产梳理工具

  Language:Go5567147

• Esonhugh/Attack_Code

  文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

  Language:Shell5405040

• nagwww/s3-leaks

  List of S3 Hacks

  38738246

• ac0d3r/xssfinder

  XSS discovery tool

  Language:Go2019418

• scopion/dic

  渗透字典，框架信息泄露，备份文件泄露，配置文件泄露。字典

  Language:Python1802044

• Ernket/ARL-Finger-ADD-Go

  ARL(灯塔)批量添加指纹，支持新版(&&)和旧版(仅支持|| 或逻辑)

  Language:Go1732422

• goddemondemongod/Sec-Interview

  网络安全面试总结

  1311014

• scopion/security_test_guide

  安全测试导论

  893017

• XDU-SysSec/ExcessivePermissionAttack

  Take Over the Whole Cluster: Attacking Kubernetes via Excessive Permissions of Third-party Applications

  Language:Go14225

• tarihub/offlinepost

  读过的安全文章离线归档 | begin in 2023.11.23

  Language:C13201

• hhland/ngflow

  次世代流程引擎

  Language:C#62