hakuQAQ's Stars
1n7erface/Template
Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描
biggerduck/RedTeamNotes
红队笔记
nccgroup/demiguise
HTA encryption tool for RedTeams
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
diego-treitos/linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
ResidualLaugh/FindSomething
基于chrome、firefox插件的被动式信息泄漏检测工具
mvdan/xurls
Extract urls from text
TideSec/WDScanner
WDScanner平台目前实现了如下功能:分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
7hang/--Java
代码审计知识点整理-Java
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Xre0uS/MultiDump
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
Getshell/Mshell
Memshell-攻防内存马研究
SagerNet/sing-box
The universal proxy platform
mvdan/gofumpt
A stricter gofmt
MalwareTech/EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
c0ny1/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
chainreactors/gogo
面向红队的, 高度可控可拓展的自动化引擎
FindAllTeam/FindAll
Automated analysis of network security emergency response tools.(自动化分析网络安全应急响应工具)
zema1/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
Mochazz/ThinkPHP-Vuln
关于ThinkPHP框架的历史漏洞分析集合
gh0stkey/HaE
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
wh0amitz/SharpADWS
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
lemonlove7/EHole_magic
EHole(棱洞)魔改。可对路径进行指纹识别;支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破
Schira4396/VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
icyguider/UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
INotGreen/XiebroC2
渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理
SagerNet/v2ray-core
A platform for building proxies to bypass network restrictions (for SagerNet :)
niudaii/zpscan
一个有点好用的信息收集工具。A somewhat useful information gathering tool.
xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
pen4uin/java-memshell-generator
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.