chengjianshia's Stars
zema1/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
H4cking2theGate/ysogate
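A Java deserialization / JNDI injection / malicious class generation tool, supporting multiple bypasses for newer versions and extended exploitation such as response echo and memory shells.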
bit4woo/domain_hunter_pro
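The advanced version of domain_hunter, a must-have for SRC bug hunting and HW engagements! Automated asset collection; fast title retrieval; integration with external tools; and more.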
jimmy201602/webterminal
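ssh rdp vnc telnet sftp bastion/jump web putty xshell terminal jumpserver audit realtime monitor rz/sz bastion-host cloud-desktop linux devops sftp websocket file management rz/sz otp automated-operations audit session-recording file-management sftp-upload real-time-monitoring recording-playback web-based rz/sz upload/download, one-time-password django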
JohnHammond/recaptcha-phish
Phishing with a fake reCAPTCHA
M0nster3/Beacon
Refactored Beacon
ricardojoserf/SharpCovertTube
Youtube as C2 channel - Control Windows systems uploading videos to Youtube
ricardojoserf/NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!!!)
1ucky7/MySQL_Fake_Server_for_woodpecker_yso
MySQL_Fake_Server, adapted for woodpecker yso
x64dbg/x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
CCob/SharpBlock
A method of bypassing EDR's active projection DLL's by preventing entry point execution
kuteteen/IGG
A jailbreak-free iOS memory editor, faster than IGG, with support for remote updates and remote menus
SecuraBV/CVE-2020-1472
Test tool for CVE-2020-1472
Ridter/Intranet_Penetration_Tips
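Some intranet penetration testing tips compiled in early 2018; updates have been slow since, so I have published them in the hope of updating and maintaining them together with others~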
adysec/ARL
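ARL Asset Reconnaissance Lighthouse system (runnable; fingerprints added, concurrency increased, tools and system upgraded; unrestricted modified version) | ARL (Asset Reconnaissance Lighthouse) aims to quickly reconnoiter the internet assets associated with a target and build a baseline asset information database. It helps in-house security teams and penetration testers effectively discover and search assets and find existing weak points and attack surface.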
nicepkg/aide
Conquer Any Code in VSCode: One-Click Comments, Conversions, UI-to-Code, and AI Batch Processing of Files! 💪
Neo-Maoku/SearchAvailableExe
Find exploitable trusted ("white") files
yj94/BinarySpy
A tool for manually or automatically patching shellcode into a binary file in order to bypass AV.
berryalen02/PECracker
An attack/defense tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificate segment infection are supported.
AabyssZG/Docker-TCP-Scan
An open-source exploitation tool for the Docker TCP socket, intended to improve defense through offense
DigitalPlatDev/US.KG
US.KG Free Domain For Everyone
A-D-Team/SharpMemshell
Memshell
huiyadanli/RevokeMsgPatcher
:trollface: A hex editor for WeChat/QQ/TIM - anti-recall patch for the PC versions of WeChat/QQ/TIM (I have already seen it, so recalling it is no use)
HackerCalico/Magic_C2
Red Team C2 Framework, using No X Loader technology.
gh0stkey/HaE
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
metaStor/SpringScan
SpringScan, a Burp plugin for vulnerability detection
BeichenDream/Godzilla
Godzilla
XaFF-XaFF/CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates code cave technique
0xn0ne/weblogicScanner
A WebLogic vulnerability scanner. Currently able to detect the following vulnerabilities: CVE-2014-4210, CVE-2016-0638, CVE-2016-3510, CVE-2017-3248, CVE-2017-3506, CVE-2017-10271, CVE-2018-2628, CVE-2018-2893, CVE-2018-2894, CVE-2018-3191, CVE-2018-3245, CVE-2018-3252, CVE-2019-2618, CVE-2019-2725, CVE-2019-2729, CVE-2019-2890, CVE-2020-2551, CVE-2020-14750, CVE-2020-14882, CVE-2020-14883
microsoft/Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.