Pinned Repositories
2019-Read-article
2019年网上阅读过的文章记录
Active-Directory-Security-101
Active-Directory-Security-101
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
AggressorScripts-1
Aggressor scripts for use with Cobalt Strike 3.0+
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
AntSword-Loader
AntSword 加载器
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
APT_REPORT
Interesting apt report collection and some special ioc express
Micro8
Gitbook
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
h3xhash's Repositories
h3xhash/Active-Directory-Security-101
Active-Directory-Security-101
h3xhash/altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
h3xhash/AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
h3xhash/aquatone
A Tool for Domain Flyovers
h3xhash/awesome-magento2
Curated list of awesome Magento 2 Extensions, Resources and other Highlights
h3xhash/Bug-Bounty-Toolz
BBT - Bug Bounty Tools
h3xhash/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
h3xhash/CobaltStrike
CobaltStrike's source code
h3xhash/DomLink
A tool to link a domain with registered organisation names and emails, to other domains.
h3xhash/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
h3xhash/exploitdb-bin-sploits
Exploit Database binary exploits located in the /sploits directory
h3xhash/exploitdb-papers
exploit-database-papers
h3xhash/FavFreak
Making Favicon.ico based Recon Great again !
h3xhash/github-search
Tools to perform basic search on GitHub.
h3xhash/github-subdomains
Find subdomains on GitHub
h3xhash/gospider
Gospider - Fast web spider written in Go
h3xhash/hacks
A collection of hacks and one-off scripts
h3xhash/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
h3xhash/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
h3xhash/nuclei
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
h3xhash/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
h3xhash/OneForAll
OneForAll是一款功能强大的子域收集工具
h3xhash/pentest-tools
Custom pentesting tools
h3xhash/retoolkit
Reverse Engineer's Toolkit
h3xhash/shellcodeloader
shellcodeloader
h3xhash/ShiroScan
Shiro<=1.2.4反序列化,一键检测工具
h3xhash/shuffledns
MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
h3xhash/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
h3xhash/tbhm
The Bug Hunters Methodology
h3xhash/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档