cangqingzhe's Stars
ZororoZ/fscanOutput
一个用于处理fsacn输出结果的小脚本(尤其面对大量资产的fscan扫描结果做输出优化,让你打点快人一步!!!)
knownsec/404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
Wker666/wJa
java decompile audit tools
Er1cccc/ACAF
Auto Code Audit Framework for Java
Firebasky/Java
关于学习java安全的一些知识,正在学习中ing,欢迎fork and star
RelonZhu/Java-resource
java相关的一些资源以及知识点整理
MrWQ/vulnerability-paper
收集的文章 https://mrwq.github.io/tools/paper/
Ramos-dev/R9000
xhycccc/Struts2-Vuln-Demo
Struts2漏洞实例源码
alphaSeclab/anti-av
Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts
alphaSeclab/cobalt-strike
Resources About Cobalt Strike. 100+ Tools And 200+ Posts.
MichaelKCortez/CrackMapExecWin
CrackMapExec v5.1.0 compiled for Windows
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
AntSwordProject/AwesomeEncoder
AntSword 自定义编(解)码器分享
EvilAnne/Violation_Pnetest
渗透红线Checklist
xiaoy-sec/Pentest_Note
渗透测试常规操作记录
LandGrey/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
LandGrey/webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
wk0ng/port
御剑高速TCP端口扫描工具结果分类
maaaaz/webscreenshot
A simple script to screenshot a list of websites
wyzxxz/shiro_rce_tool
shiro 反序列 命令执行辅助检测工具
p1g3/Fastjson-Scanner
a burp extension to find where use fastjson
broken5/WebAliveScan
对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描
lufeirider/Project
k8gege/Ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
urbanadventurer/WhatWeb
Next generation web scanner
0x783kb/Security-Operation-Book
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
DeEpinGh0st/Erebus
CobaltStrike后渗透测试插件