Pinned Repositories
0xsp-Mongoose
Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
3102
A domain/ip fuzzing tool for vulnerability mining
404StarLink2.0-Galaxy
404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目
abuse-ssl-bypass-waf
Bypassing WAF by abusing SSL/TLS Ciphers
acme.sh
A pure Unix shell script implementing ACME client protocol
Decryption-Tools
Decryption-Tools
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
upload_fuzz
上传payload太多,使用脚本批量跑
code4security's Repositories
code4security/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
code4security/404StarLink2.0-Galaxy
404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目
code4security/Autoscanner
自动化爆破子域名,并遍历所有端口寻找http服务,并使用crawlergo、dirsearch、xray等工具扫描并集成报告;支持动态添加扫描到的域名至任务;
code4security/burpFakeIP
一个用于伪造ip地址进行爆破的Burp Suite插件
code4security/bypass-av-note
免杀技术大杂烩---乱拳也打不死老师傅
code4security/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
code4security/cDomain
利用天眼查查询企业备案
code4security/commix
Automated All-in-One OS Command Injection Exploitation Tool
code4security/cplusplus17
code4security/crawlergo_x_XRAY
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
code4security/f8x
红/蓝队环境自动化部署工具
code4security/frida-skeleton
基于frida的安卓hook框架,提供了很多frida自身不支持的功能,将hook安卓变成简单便捷,人人都会的事情
code4security/gobuster
Directory/File, DNS and VHost busting tool written in Go
code4security/jsproxy
一个基于浏览器端 JS 实现的在线代理
code4security/kb-proxy
kb-proxy 是一个可本地部署的、提供代理功能、接口测试管理、支持在线Mock、Host环境管理的在线工具平台。
code4security/Limelighter
A tool for generating fake code signing certificates or signing real ones
code4security/linbing
本系统是对目标进行漏洞扫描的一个系统,前端采用vue技术,后端采用flask.核心原理是扫描主机的开放端口情况,然后根据端口情况逐个去进行poc检测,poc有110多个,包含绝大部分的中间件漏洞,本系统的poc皆来源于网络或在此基础上进行修改
code4security/myrep
code4security/myscan
myscan 被动扫描
code4security/nali-cli
:anchor: Parse geoinfo of IP Address without leaving your terminal
code4security/Pentest-tools
Intranet penetration tools
code4security/pydictor
A powerful and useful hacker dictionary builder for a brute-force attack
code4security/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
code4security/RevokeMsgPatcher
:trollface: A hex editor for WeChat/QQ/TIM - PC版微信/QQ/TIM防撤回补丁(我已经看到了,撤回也没用了)
code4security/sec-admin
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
code4security/upload-fuzz-dic-builder
上传漏洞fuzz字典生成脚本
code4security/Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
code4security/WindowsElevation
Windows Elevation(持续更新)
code4security/WinPwn
Automation for internal Windows Penetrationtest / AD-Security
code4security/XSS-LOADER
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder