Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
2021_Hvv
2021 hw
Amass
In-depth Attack Surface Mapping and Asset Discovery(子域名爆破)
AndroidTools
AndroidTools
AppScan
安全隐私卫士(AppScan)一款免费的企业级自动化App隐私合规检测工具。
BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.
BurpSuite
BurpSuite using the document and some extensions
Glass
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa Api快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。
Todo
定个计划好好学习
vulbase
各大漏洞文库合集
godlike008's Repositories
godlike008/0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
godlike008/Amass
In-depth Attack Surface Mapping and Asset Discovery(子域名爆破)
godlike008/AppScan
安全隐私卫士(AppScan)一款免费的企业级自动化App隐私合规检测工具。
godlike008/BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.
godlike008/BurpAppletPentester
SessionKey解密插件
godlike008/BurpAPIFinder
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
godlike008/dbeaver
Free universal database tool and SQL client
godlike008/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
godlike008/FireEyeGoldCrystal
一个GitHub监控和信息收集工具,支持监控和收集CVE、免杀、漏洞利用等内置关键字和自定义关键字。
godlike008/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
godlike008/go_proxy_pool
无环境依赖开箱即用的代理IP池
godlike008/InfoSearchAll
为了方便安全从业人员在使用网络测绘平台进行信息搜集时的效率,本程序集合了多个网络测绘平台,可以快速在多个网络测绘平台搜索信息并且合并展示及导出。
godlike008/ip-rotate
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
godlike008/JNDI-Inject-Exploit
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
godlike008/Joker
一款基于Http.sys的利用工具 ZhuriLab/Joker 备份
godlike008/knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
godlike008/knock
Knock Subdomain Scan(子域名爆破)
godlike008/leakinfo_finder
批量爬取JS文件中接口信息,添加spring boot actuator目录扫描以及手机号、身份证号码等敏感信息匹配
godlike008/MDUT
MDUT - Multiple Database Utilization Tools(数据库)
godlike008/MonkeyDev
CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
godlike008/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
godlike008/Pyke-Shiro
复杂请求下的Shiro反序列化利用工具
godlike008/QtScrcpy
Android real-time display control software
godlike008/RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
godlike008/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
godlike008/Sublist3r
Fast subdomains enumeration tool for penetration testers(子域名爆破)
godlike008/Subrake
A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.(子域名爆破)
godlike008/superSearchPlus
聚合版空间资产测绘
godlike008/SXF_aTrust_sandbox_bypass
深信服零信任沙箱逃逸( 正常功能,所以我也不打算再提交CNVD, 给使用这款产品的用户介绍下功能效果)
godlike008/uber-apk-signer
A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.