Pinned Repositories
BurpBountyPlus
Heavily modified version of BurpBounty
crawler2xray
Spiders website request traffic to the xray scanner.
HashDiff
Incident response helper tool that searches the entire disk by sample hash
Havoc_windows
havoc windows
PocStart
Lightweight vulnerability verification and exploitation framework
PointSearch
Fast scanning tool for backup files
PortGo
fofa gui query tool
SomeTools
Some scripts and tools for my own use
SQLEXP
SQL injection exploitation tool; supports custom-written tamper scripts to dump data when a WAF is present
WebScreen
Website snapshot tool
ggg4566's Repositories
ggg4566/BurpBountyPlus
Heavily modified version of BurpBounty
ggg4566/PocStart
Lightweight vulnerability verification and exploitation framework
ggg4566/WebScreen
Website snapshot tool
ggg4566/HashDiff
Incident response helper tool that searches the entire disk by sample hash
ggg4566/PortGo
fofa gui query tool
ggg4566/CobaltStrikeReflectiveLoader
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
ggg4566/1earn
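Security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various practice targets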
ggg4566/gosint
Gosint is a distributed asset information collection and vulnerability scanning platform
ggg4566/AboutSecurity
Everything for pentest. | Payload and bypass wordlists for penetration testing.
ggg4566/cobalt_strike_extension_kit
Attempting to be an all in one repo for others' useful aggressor scripts as well as things we've found useful during Red Team Operations.
ggg4566/cornershot
Amplify network visibility from multiple POV of other hosts
ggg4566/Developer-Books
A curated collection of programming and software development books, continuously updated...
ggg4566/Doge-MemX
Golang implementation of Reflective load PE from memory
ggg4566/Intranet_Penetration_Tips
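Some intranet penetration tips compiled in early 2018; updates slowed down afterwards, so I am publishing them in the hope of updating and maintaining them together with everyone~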
ggg4566/JNDI-Inject-Exploit
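Handles high-version JDK bypass exploitation of FastJson, Jackson, Log4j2 and native JNDI injection vulnerabilities; probes for locally available deserialization gadgets to achieve command execution, command execution with echoed output, and in-memory webshell injection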
ggg4566/JNDIExploit-1
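A tool for exploiting JNDI injection that draws heavily on code from the Rogue JNDI project, supports directly implanting in-memory shells, integrates common methods for bypassing high-version JDK restrictions, and is suited for use alongside automated tools.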
ggg4566/JSPHorse
An AV-evasive JSP webshell generation tool combining reflective invocation, dynamic compilation, BCEL, defineClass0, ScriptEngine, Expression and other techniques
ggg4566/Kernelhub
Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (Windows privilege escalation vulnerability collection)
ggg4566/Log4j2-CVE-2021-44228
Remote Code Injection In Log4j
ggg4566/MultiPotato
ggg4566/nanodump
Dump LSASS like you mean it
ggg4566/PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
ggg4566/RedTeamNotes
Red team notes
ggg4566/revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connections from target hosts during penetration testing.
ggg4566/secguide
Code security guide compiled for developers
ggg4566/SharpAllowedToAct-Modify
Resource-based constrained delegation (RBCD)
ggg4566/SharpBeacon
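CobaltStrike Beacon written in .NET 4. The stager and Beacon are rewritten in .NET, with features including normal check-in, file management, process management, token management, injection combined with SysCall, native port forwarding, disabling ETW, and more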
ggg4566/trojan-go
A Trojan proxy implemented in Go, supporting multiplexing, routing, CDN relay and Shadowsocks obfuscation plugins; multi-platform, no dependencies. A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW. https://p4gefau1t.github.io/trojan-go/
ggg4566/v2ray-agent
(VLESS+TCP+TLS/VLESS+TCP+XTLS/VLESS+gRPC+TLS/VLESS+WS+TLS/VMess+TCP+TLS/VMess+WS+TLS/Trojan+TCP+TLS/Trojan+gRPC+TLS/Trojan+TCP+XTLS)+camouflage site, eight-in-one coexistence script, supports installation of multiple cores
ggg4566/Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.