Pinned Repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
awesome-burp-suite
Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.
h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
hackerone-reports
Top disclosed reports from HackerOne
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
PhishingLogin
钓鱼页账号密码接收脚本
Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
VpsEnvInstall
一键部署渗透VPS
fuzz-security's Repositories
fuzz-security/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
fuzz-security/Pentest_Note
渗透测试常规操作记录
fuzz-security/xray-crack
xray社区高级版证书生成,仅供学习研究,正常使用请支持正版
fuzz-security/r0capture
安卓应用层抓包通杀脚本
fuzz-security/cobalt_strike_extension_kit
Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
fuzz-security/pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
fuzz-security/c-jwt-cracker
JWT brute force cracker written in C
fuzz-security/Creds
Some usefull Scripts and Executables for Pentest & Forensics
fuzz-security/CrossC2
来自 gloxec 的 CrossC2 frameworkfork 备份 2.0版本
fuzz-security/javaserializetools
Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。
fuzz-security/PortBrute
一款跨平台小巧的端口爆破工具,支持爆破FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD / A cross-platform compact port blasting tool that supports blasting FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD
fuzz-security/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
fuzz-security/yjdirscan
御剑目录扫描专业版v1.0,一款简单实用的命令行网站目录扫描工具,支持UA自定义、假404自动过滤、扫描限速、fuzz和自定义字典、字典变量等功能。
fuzz-security/awesome-indie
Resources for independent developers to make money
fuzz-security/bylibrary
白阁文库内测版
fuzz-security/CheeseTools
Self-developed tools for Lateral Movement/Code Execution
fuzz-security/chisel
A fast TCP tunnel over HTTP
fuzz-security/EVA2
Another version of EVA using anti-debugging techs && using Syscalls
fuzz-security/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
fuzz-security/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
fuzz-security/Ghostpack-CompiledBinaries
Compiled Binaries for Ghostpack (.NET v4.0)
fuzz-security/HiveNightmare
Exploit allowing you to read registry hives as non-admin on Windows 10 and 11
fuzz-security/inceptor
Template-Driven AV/EDR Evasion Framework
fuzz-security/mellow
Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux. Also a Proxifier alternative.
fuzz-security/Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
fuzz-security/nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
fuzz-security/pystinger
Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具
fuzz-security/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
fuzz-security/spp
简单强大的多协议双向代理工具 A simple and powerful proxy
fuzz-security/vulmap
Vulmap是一款漏洞扫描工具,可对Web容器、Web服务器、Web中间件以及CMS等Web程序进行漏洞扫描,并且具备漏洞利用功能。 相关测试人员可以使用vulmap检测目标是否存在特定漏洞,并且可以使用漏洞利用功能验证漏洞是否真实存在。