hjk201960

--Java

代码审计知识点整理-Java

0v3rr1d3.github.io

1000php

1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

360SafeBrowsergetpass

这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本，用于节省红队人员工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。

3os.org

Collocation of technical documentation and guides for devops, developers, pentesters, systems administrators and other IT professionals website

AMP-Research

Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks

Android-Exploits

A collection of android Exploits and Hacks

Cobalt_Strike_wiki

Cobalt Strike系列

struts-scan

Python2编写的struts2漏洞全版本检测和利用工具

hjk201960/0v3rr1d3.github.io

hjk201960/1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

hjk201960/3os.org

Collocation of technical documentation and guides for devops, developers, pentesters, systems administrators and other IT professionals website

hjk201960/AMP-Research

Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks

hjk201960/Awesome-POC

一个漏洞POC知识库 目前数量 1000+

hjk201960/awesome-web-security

🐶 A curated list of Web Security materials and resources.

hjk201960/bayonet

bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统

hjk201960/bug-hunting-101

hjk201960/BypassAntiVirus

远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

hjk201960/crawlergo

A powerful browser crawler for web vulnerability scanners

hjk201960/ddos-dos-tools

some sort of ddos-tools

hjk201960/evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

hjk201960/files

hjk201960/Fvuln

F-vuln（全称：Find-Vulnerability）是为了自己工作方便专门编写的一款自动化工具，主要适用于日常安全服务、渗透测试人员和RedTeam红队人员，它集合的功能包括：存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。

hjk201960/Gadgets

Java反序列化漏洞利用链补全计划，仅用于个人归纳总结。

hjk201960/Goby-POC

来源于网络收集的Goby&POC，实时更新。

hjk201960/KitHack

Hacking tools pack & backdoors generator.

hjk201960/Kunlun-M

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

hjk201960/Ladon

大型内网渗透扫描器&Cobalt Strike，Ladon9.1.4内置150个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

hjk201960/Mythic

A collaborative, multi-platform, red teaming framework

hjk201960/nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

hjk201960/POC123

备份的漏洞库，3月开始我们来维护

hjk201960/PocOrExp_in_Github

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

hjk201960/QingTing

蜻蜓安全一个安全工具编排平台,可以自由编排你的工具流,集成108款工具,包括xray、nmap、awvs等;你可以将喜欢的工具编排成一个场景，快速打造适合自己的安全工作台~

hjk201960/sast-scan

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.

hjk201960/slowhttptest

Application Layer DoS attack simulator

hjk201960/Vulnerability-Wiki

一个综合漏洞知识库，集成了Vulhub、Peiqi、Edge、0sec、Wooyun等开源漏洞库

hjk201960/web-client

Reconmap's web client written in React. Manage all your pentest projects from a single place.

hjk201960/WindTerm

A professional cross-platform SSH/Sftp/Shell/Telnet/Serial terminal.

hjk201960/working-time-download

公司工作作息表