Pinned Repositories
AV_Evasion_Tool
掩日 - 免杀执行器生成工具
CIS
linux 基线检查
command
红队常用命令速查
exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
HackTheBox
Collection of scripts and documentations of retired machines in the hackthebox.eu platform
javasec
自己学习java安全的一些总结,主要是安全审计相关
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Kernelhub
:palm_tree:Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (Windows提权漏洞合集)
Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
hack-umbrella's Repositories
hack-umbrella/exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-5902、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
hack-umbrella/AV_Evasion_Tool
掩日 - 免杀执行器生成工具
hack-umbrella/javasec
自己学习java安全的一些总结,主要是安全审计相关
hack-umbrella/Kernelhub
:palm_tree:Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (Windows提权漏洞合集)
hack-umbrella/3vilMacro
hack-umbrella/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
hack-umbrella/AI-for-Security-Learning
安全场景、基于AI的安全算法和安全数据分析学习资料整理
hack-umbrella/Arjun
HTTP parameter discovery suite.
hack-umbrella/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
hack-umbrella/Behinder
“冰蝎”动态二进制加密网站管理客户端
hack-umbrella/chisel
A fast TCP tunnel over HTTP
hack-umbrella/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
hack-umbrella/FscanX
A Large killer focused on intranet scanning
hack-umbrella/gobuster
Directory/File, DNS and VHost busting tool written in Go
hack-umbrella/HackTheBox-Writeups
hack-umbrella/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
hack-umbrella/JavaSecurity
Java web and command line applications demonstrating various security topics
hack-umbrella/javaweb-sec
攻击Java Web应用-[Java Web安全]
hack-umbrella/kscan
Kscan是一款轻量级的资产发现工具,可针对IP/IP段或资产列表进行端口扫描以及TCP指纹识别和Banner抓取,在不发送更多的数据包的情况下尽可能的获取端口更多信息。
hack-umbrella/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
hack-umbrella/linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
hack-umbrella/memshell
Tomcat 冰蝎内存马。
hack-umbrella/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
hack-umbrella/Penetration-Testing-Tools
A collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
hack-umbrella/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
hack-umbrella/ProcDump-for-Linux
A Linux version of the ProcDump Sysinternals tool
hack-umbrella/reMemshell
rebeyond大神的memshell复现研究
hack-umbrella/skyscorpion
天蝎权限管理工具采用Java平台的JavaFX技术开发的桌面客户端,支持跨平台运行,目前基于JDK1.8开发,运行必须安装JDK或JRE 1.8,注意不能是open jdk,只能是oracle的jdk。 天蝎权限管理工具基于冰蝎加密流量进行WebShell通信管理的原理,目前实现了jsp、aspx、php、asp端的常用操作功能,在原基础上,优化了大文件上传下载、Socket代理的问题,修改了部分API接口代码。
hack-umbrella/XXEinjector
Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
hack-umbrella/ysoserial.net
Deserialization payload generator for a variety of .NET formatters