h978133440

h978133440's Stars

• trufflesecurity/trufflehog

  Find, verify, and analyze leaked credentials

  Language:Go17.7k1.7k

• WangYihang/GitHacker

  🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

  Language:Python1.5k230

• zhzyker/exphub

  Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

  Language:Python4.1k1.1k

• firerpa/lamda

  🤖 史上最强云手机远程桌面逆向抓包HOOK自动化取证能力集一体的安卓 RPA 框架，下一代移动数据自动化机器人。

  Language:Python6.3k879

• fullhunt/log4j-scan

  A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

  Language:Python3.4k740

• 0x727/ShuiZe_0x727

  信息收集自动化工具

  Language:Python3.8k575

• safe6Sec/ShiroExp

  shiro综合利用工具

  Language:Java61986

• lijiejie/EasyPen

  EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation

  Language:JavaScript61179

• ehang-io/nps

  一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发，可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面，内网dns解析、内网socks5代理等等……，并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.

  Language:Go31.1k5.6k

• 0xInfection/Awesome-WAF

  🔥 Web-application firewalls (WAFs) from security standpoint.

  Language:Python6.4k1.1k

• zhzyker/dismap

  Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

  Language:Go2.1k268

• biggerduck/RedTeamNotes

  红队笔记

  2k352

• tr0uble-mAker/POC-bomber

  利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点

  Language:Python2.3k379

• H4ckForJob/dirmap

  An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。

  Language:Python3.2k548

• urbanadventurer/WhatWeb

  Next generation web scanner

  Language:Ruby5.6k913

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go12.2k1.9k

• Bypass007/Emergency-Response-Notes

  应急响应实战笔记，一个安全工程师的自我修养。

  5.3k1.3k

• CompassSecurity/BloodHoundQueries

  Language:Python63274

• darkr4y/geacon

  Practice Go programming and implement CobaltStrike's Beacon in Go

  Language:Go1.2k206

• pentestfactory/Invoke-DCSync

  PowerShell script to DCSync NT-Hashes from an Active Directory Domain Controller (DC)

  Language:PowerShell135

• tevora-threat/PowerView3-Aggressor

  Cobalt Strike Aggressor script menu for Powerview/SharpView

  12840

• Kevin-Robertson/Inveigh

  .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

  Language:C#2.6k449

• ropnop/kerbrute

  A tool to perform Kerberos pre-auth bruteforcing

  Language:Go2.7k422

• r35tart/RW_Password

  此项目用来提取收集以往泄露的密码中符合条件的强弱密码

  Language:Python1.1k311

• hasherezade/pe_to_shellcode

  Converts PE into a shellcode

  Language:C++2.4k439

• defaul0t/sql_scan

  sql注入扫描小工具

  Language:Python412

• ph4ntonn/Stowaway

  👻Stowaway -- Multi-hop Proxy Tool for pentesters

  Language:Go2.9k411

• Ekultek/BlueKeep

  Proof of concept for CVE-2019-0708

  Language:Python1.2k346

• TideSec/BypassAntiVirus

  远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

  Language:XSLT4.6k1.2k

• Kevin-Robertson/Powermad

  PowerShell MachineAccountQuota and DNS exploit tools

  Language:PowerShell1.3k177