hack-umbrella

hack-umbrella's Stars

• vulhub/vulhub

  Pre-Built Vulnerable Environments Based on Docker-Compose

  Language:Dockerfile17.6k5751834.4k

• chaitin/SafeLine

  serve as a reverse proxy to protect your web services from attacks and exploits.

  Language:Go12.1k68862753

• meolu/walle-web

  walle - 瓦力 Devops开源项目代码部署平台

  Language:Python11.8k5229642.8k

• ambionics/phpggc

  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

  Language:PHP3.2k6560494

• Ascotbe/Kernelhub

  :palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)

  Language:C2.9k805668

• JoyChou93/java-sec-code

  Java web common vulnerabilities and security code which is base on springboot and spring security

  Language:Java2.4k4529637

• wgpsec/fofa_viewer

  A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

  Language:Java1.6k20145157

• Adminisme/ServerScan

  ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

  Language:Go1.5k338216

• FeeiCN/SecurityInterviewGuide

  网络信息安全从业者面试指南

  1.4k272143

• Moddable-OpenSource/moddable

  Tools for developers to create truly open IoT products using standard JavaScript on low cost microcontrollers.

  Language:C1.3k62884236

• Schira4396/VcenterKiller

  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webshell，命令执行或者上传公钥使用SSH免密连接

  Language:Go1.3k1514163

• whwlsfb/JDumpSpider

  HeapDump敏感信息提取工具

  Language:Java1.3k138132

• 1n7erface/Template

  Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描

  1.1k1833120

• jar-analyzer/jar-analyzer

  Jar Analyzer - 一个JAR包分析工具，SCA漏洞分析，批量分析JAR包，方法调用关系搜索，字符串搜索，Spring组件分析，CFG程序分析，JVM栈帧分析，进阶表达式搜索，字节码指令级的动态调试分析，反编译JAR包一键导出，一键提取序列化数据恶意代码，一键分析BCEL字节码

  Language:Java1k76994

• Mob2003/rakshasa

  基于go编写的跨平台、稳定、隐秘的多级代理内网穿透工具

  Language:Go1k1213142

• ben-sb/javascript-deobfuscator

  General purpose JavaScript deobfuscator

  Language:TypeScript7471449106

• LandGrey/ClassHound

  利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码

  Language:Python6939195

• yhy0/ExpDemo-JavaFX

  图形化漏洞利用Demo-JavaFX版

  Language:Java660187140

• phith0n/zkar

  ZKar is a Java serialization protocol analysis tool implement in Go.

  Language:Go59613452

• smallcham/sec-admin

  分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

  Language:Python593521118

• eciavatta/caronte

  A tool to analyze the network flow during attack/defence Capture the Flag competitions

  Language:JavaScript58683380

• rudyxu1102/cross-origin

  A collection of simple demos of CORS

  Language:JavaScript579194183

• Accenture/jenkins-attack-framework

  Language:Python55417062

• zema1/yarx

  An awesome reverse engine for xray poc. | 一个自动化根据 xray poc 生成对应靶站的工具

  Language:Go4048550

• veracode-research/spring-view-manipulation

  When MVC magic turns black

  Language:Java2807028

• Richard-Tang/x1DecoderPlus

  AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell

  1613320

• YDHCUI/csload.net

  一个cobaltstrike shellcode加载器，过国内主流杀软

  Language:C#1213114

• PDWR/3vilMacro

  This is a easy tool for gen VBA code, and bypass most antivirus

  597416

• DeEpinGh0st/JetbrainsServerFinder

  一个利用Shodan搜索引擎查询Jetbrains系列产品激活服务器的网页端工具

  Language:Python554315

• Q1IQ/CTF

  Store the exps and attachments for my blog and articles.

  Language:Python4001