cangqingzhe

cangqingzhe's Stars

• ZororoZ/fscanOutput

  一个用于处理fsacn输出结果的小脚本（尤其面对大量资产的fscan扫描结果做输出优化，让你打点快人一步！！！）

  Language:Python39737

• knownsec/404StarLink

  404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

  8.3k801

• Wker666/wJa

  java decompile audit tools

  21835

• Er1cccc/ACAF

  Auto Code Audit Framework for Java

  Language:Java9712

• Firebasky/Java

  关于学习java安全的一些知识,正在学习中ing,欢迎fork and star

  Language:Java755145

• RelonZhu/Java-resource

  java相关的一些资源以及知识点整理

  Language:HTML1611

• MrWQ/vulnerability-paper

  收集的文章 https://mrwq.github.io/tools/paper/

  Language:Python1.7k397

• Ramos-dev/R9000

  Language:Java589

• xhycccc/Struts2-Vuln-Demo

  Struts2漏洞实例源码

  Language:Java20240

• alphaSeclab/anti-av

  Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts

  42791

• alphaSeclab/cobalt-strike

  Resources About Cobalt Strike. 100+ Tools And 200+ Posts.

  24383

• MichaelKCortez/CrackMapExecWin

  CrackMapExec v5.1.0 compiled for Windows

  217

• yogeshojha/rengine

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

  Language:HTML7.4k1.1k

• Mr-xn/Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  Language:HTML6.5k2k

• AntSwordProject/AwesomeEncoder

  AntSword 自定义编(解)码器分享

  Language:JavaScript23962

• EvilAnne/Violation_Pnetest

  渗透红线Checklist

  43859

• xiaoy-sec/Pentest_Note

  渗透测试常规操作记录

  3.7k919

• LandGrey/SpringBootVulExploit

  SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

  Language:Java5.7k1.3k

• LandGrey/webshell-detect-bypass

  绕过专业工具检测的Webshell研究文章和免杀的Webshell

  Language:Classic ASP1.7k405

• wk0ng/port

  御剑高速TCP端口扫描工具结果分类

  Language:Python195

• maaaaz/webscreenshot

  A simple script to screenshot a list of websites

  Language:Python655162

• wyzxxz/shiro_rce_tool

  shiro 反序列 命令执行辅助检测工具

  1.3k180

• p1g3/Fastjson-Scanner

  a burp extension to find where use fastjson

  Language:Python16321

• broken5/WebAliveScan

  对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描

  Language:Python906114

• lufeirider/Project

  Language:Java12251

• k8gege/Ladon

  Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

  Language:PowerShell4.8k860

• urbanadventurer/WhatWeb

  Next generation web scanner

  Language:Ruby5.5k899

• 0x783kb/Security-Operation-Book

  常见的攻击行为监测特征及方法，涵盖端点和流量，未包含PowerShell和Sysmon。预祝运营生活愉快！

  603136

• shmilylty/OneForAll

  OneForAll是一款功能强大的子域收集工具

  Language:Python8.2k1.3k

• DeEpinGh0st/Erebus

  CobaltStrike后渗透测试插件

  Language:PowerShell1.5k213