godspeedcurry's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
charmbracelet/bubbletea
A powerful little TUI framework 🏗
RustScan/RustScan
🤖 The Modern Port Scanner 🤖
star7th/showdoc
ShowDoc is a tool greatly applicable for an IT team to share documents online一个非常适合IT团队的在线API文档、技术文档工具
BishopFox/sliver
Adversary Emulation Framework
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
ekzhang/sshx
Fast, collaborative live terminal sharing over the web
Hackplayers/evil-winrm
The ultimate WinRM shell for hacking/pentesting
wy876/POC
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1100多个poc/exp,长期更新。
sebaxakerhtc/rdpwrap.ini
RDPWrap.ini for RDP Wrapper Library by Stas'M
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
qi4L/JYso
It can be either a JNDIExploit or a ysoserial.
keystone-engine/keypatch
Multi-architecture assembler for IDA Pro. Powered by Keystone Engine.
tdragon6/Supershell
Supershell C2 远控平台,基于反向SSH隧道获取完全交互式Shell
Ne0nd0g/go-shellcode
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
niudaii/zpscan
一个有点好用的信息收集工具。A somewhat useful information gathering tool.
dlclark/regexp2
A full-featured regex engine in pure Go based on the .NET engine
NHAS/reverse_ssh
SSH based reverse shell
Naturehi666/searchall
强大的敏感信息搜索工具
bee-san/Ares
Automated decoding of encrypted text without knowing the key or ciphers used
EdgeSecurityTeam/Eeyes
Eeyes(棱眼)-快速筛选真实IP并整理为C段
utoni/ptunnel-ng
Tunnel TCP connections through ICMP.
censys/censys-python
An easy-to-use and lightweight API wrapper for Censys APIs.
X1r0z/JNDIMap
JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK
ybdt/pentest-hub
Web打点、WAF绕过、代码审计
tarihub/blackjump
JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 / CVE-2023-42820 / RCE 2021
godspeedcurry/godscan
lousix/Log4j2-RCE-Scanner
log4j2 rce漏洞扫描器
godspeedcurry/ExploitTools
渗透工具搜集
godspeedcurry/cloud-ip-query
check if IP is a cloud provider IP / 查询IP是否为云厂商IP