Pinned Repositories
111
2021CDN
ActuatorExploit
SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE
AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
apkshell
实用的针对安卓应用加壳类型判断的小工具,涵盖各大商业、企业壳, 长期保持更新
AppSecEzine
AppSec Ezine Public Repository.
APT-Guide
APT学习指南(Advanced persistent threat learning Guide)
Arbitrium-RAT
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Deltafox79
findcool's Repositories
findcool/2021CDN
findcool/AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
findcool/apkshell
实用的针对安卓应用加壳类型判断的小工具,涵盖各大商业、企业壳, 长期保持更新
findcool/AppSecEzine
AppSec Ezine Public Repository.
findcool/Arbitrium-RAT
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
findcool/blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
findcool/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
findcool/cve-2021-1647
findcool/daily-info
findcool/DarkEye
渗透测试情报收集工具
findcool/Emperortino.github.io
findcool/Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
findcool/github_pojiezhiyuanjun_freev2
findcool/go-stare
A fast & light web screenshot without headless browser but Chrome DevTools Protocol!
findcool/gravity
findcool/LangSrcCurise
SRC子域名资产监控
findcool/LSpider
LSpider 一个为被动扫描器定制的前端爬虫
findcool/pdd_3years
我在拼多多的三年,以及网站崩溃时候的日志文件
findcool/PoC-in-GitHub
📡 PoC auto collect from GitHub. Be careful malware.
findcool/POC-T
渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
findcool/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
findcool/r0tracer
安卓Java层多功能追踪脚本
findcool/Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
findcool/tool-iFofa
findcool/uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
findcool/VisualDoor
SonicWall SSL-VPN Exploit
findcool/vulmap
Vulmap - Web vulnerability scanning and verification tools,支持扫描 activemq, flink, shiro, solr, struts2, tomcat, unomi, drupal, elasticsearch, nexus, weblogic, jboss, thinkphp,并且具备漏洞利用功能。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883, S2-061, CVE-2020-13942, CVE-2020-17530, CVE-2020-17518, CVE-2020-17519
findcool/VulWiki
VulWiki
findcool/WePush
专注批量推送的小而美的工具,目前支持:模板消息-公众号、模板消息-小程序、微信客服消息、微信企业号/企业微信消息、阿里云短信、阿里大于模板短信 、腾讯云短信、云片网短信、E-Mail、HTTP请求、钉钉、华为云短信、百度云短信、又拍云短信、七牛云短信
findcool/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档