Pinned Repositories
2019-Read-article
2019年网上阅读过的文章记录
Active-Directory-Security-101
Active-Directory-Security-101
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
AggressorScripts-1
Aggressor scripts for use with Cobalt Strike 3.0+
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
AntSword-Loader
AntSword 加载器
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
APT_REPORT
Interesting apt report collection and some special ioc express
Micro8
Gitbook
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
h3xhash's Repositories
h3xhash/SubOver
A Powerful Subdomain Takeover Tool
h3xhash/javaScript
前端特效存档
h3xhash/httpx-1
A next generation HTTP client for Python. 🦋
h3xhash/ffuf
Fast web fuzzer written in Go
h3xhash/httpx
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
h3xhash/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
h3xhash/V2Ray_ws-tls_bash_onekey
V2Ray Nginx+vmess+ws+tls/ http2 over tls 一键安装脚本
h3xhash/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
h3xhash/Awesome-CobaltStrike
cobaltstrike的相关资源汇总 / A collection of cobaltstrike resources to make you better!
h3xhash/Bug-Bounty-Roadmaps
Bug Bounty Roadmaps
h3xhash/APT_REPORT
Interesting apt report collection and some special ioc express
h3xhash/mimikatz
A little tool to play with Windows security
h3xhash/vue
vue源码逐行注释分析+40多m的vue源码程序流程图思维导图 (diff部分待后续更新)
h3xhash/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
h3xhash/subscraper
Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomains to enumerate a list of subdomains for a given URL.
h3xhash/bugcrowd_university
Open source education content for the researcher community
h3xhash/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
h3xhash/LaZagne
Credentials recovery project
h3xhash/over-golang
Golang相关:[进度80%]Go语法、Go并发**、Go与web开发、Go微服务设施等
h3xhash/Pwdb-Public
A collection of all the data i could extract from 1 billion leaked credentials from internet.
h3xhash/Arjun
HTTP parameter discovery suite.
h3xhash/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
h3xhash/Sn1per
Automated pentest framework for offensive security experts
h3xhash/PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
h3xhash/knock
Knock Subdomain Scan
h3xhash/hashcat
World's fastest and most advanced password recovery utility
h3xhash/BurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
h3xhash/ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
h3xhash/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
h3xhash/gobuster
Directory/File, DNS and VHost busting tool written in Go