Pinned Repositories
-
白帽子讲Web安全
ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
ARL-plus-docker
基于斗象灯塔ARL修改后的版本。相比原版,增加了OneForAll、**数据库,修改了altDns
arl_files
Awesome-CobaltStrike
cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
Awesome-WAF
🔥 A curated list of awesome web-app firewall (WAF) stuff.
Blasting_dictionary
爆破字典
bug-bounty
list of bug bounty writeups
bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
darknight-666's Repositories
darknight-666/Awesome-WAF
🔥 A curated list of awesome web-app firewall (WAF) stuff.
darknight-666/Blasting_dictionary
爆破字典
darknight-666/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
darknight-666/CVE-2018-3191
CVE-2018-3191-PoC
darknight-666/CVE-2019-3396_EXP
CVE-2019-3396 confluence SSTI RCE
darknight-666/fuzzdb
Web Fuzzing Discovery and Attack Pattern Database
darknight-666/genpAss
**特色的弱口令生成器
darknight-666/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
darknight-666/Mind-Map
各种安全相关思维导图整理收集
darknight-666/MYSQL_SQL_BYPASS_WIKI
mysql注入,bypass的一些心得
darknight-666/nowater_web
"zhikanlz.com" for baidu, douban, tianya (web part, by web.py)
darknight-666/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
darknight-666/Pentest_Interview
个人准备渗透测试和安全面试的经验,和部分厂商的面试题
darknight-666/RW_Password
此项目用来提取收集以往泄露的密码中符合条件的强弱密码
darknight-666/scaner
扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
darknight-666/scripts
Utils
darknight-666/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
darknight-666/SecurityTechnique
Security technique research and some funny work on it !
darknight-666/src
日常src平台域名收集
darknight-666/tbtnewoto
darknight-666/tool
darknight-666/UnionPay
1.1
darknight-666/VulBoxSpider
漏洞盒子入驻企业列表爬虫
darknight-666/web-log-parser
web日志分析工具
darknight-666/web-sec-interview
信息安全(Web安全/渗透测试方向)面试题/解题思路
darknight-666/webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
darknight-666/xl7dev.github.io
it's my blog
darknight-666/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
darknight-666/xxe-lab
一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo