ir1SKry

ir1SKry's Stars

• fit2cloud/riskscanner

  RiskScanner 是开源的多云安全合规扫描平台，基于 Cloud Custodian 和 Nuclei 引擎，实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。

  Language:Java1.1k185

• al0ne/LinuxCheck

  Linux应急处置/信息搜集/漏洞检测工具，支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查

  Language:Shell1.8k392

• al0ne/suricata-rules

  Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

  1.1k291

• cisagov/Malcolm

  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

  Language:Python1.9k325

• nomi-sec/PoC-in-GitHub

  📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

  6.5k1.2k

• Ares-X/shiro-exploit

  Shiro反序列化利用工具，支持新版本(AES-GCM)Shiro的key爆破，配合ysoserial，生成回显Payload

  Language:Python887123

• awake1t/linglong

  一款甲方资产巡航扫描系统。系统定位是发现资产，进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示

  Language:Go1.7k306

• Metarget/metarget

  Metarget is a framework providing automatic constructions of vulnerable infrastructures.

  Language:Python1.1k169

• knownsec/404StarLink

  404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

  8.5k821

• madneal/gshark

  Scan for sensitive information easily and effectively.

  Language:Go906142

• hacklcx/HFish

  安全、可靠、简单、免费的企业级蜜罐

  4.1k655

• r4j0x00/exploits

  Language:C2.5k692

• r35tart/RedisWriteFile

  通过 Redis 主从写出无损文件

  Language:Python698109

• ffffffff0x/f8x

  红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool

  Language:Shell1.8k276

• tide-emergency/yingji

  应急相关内容积累

  Language:PowerShell1.2k287

• blasty/CVE-2021-3156

  Language:C954238

• jvinet/knock

  A port-knocking daemon

  Language:C558115

• TideSec/BypassAntiVirus

  远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

  Language:XSLT4.6k1.2k

• rebeyond/Behinder

  “冰蝎”动态二进制加密网站管理客户端

  5.8k965

• uknowsec/Active-Directory-Pentest-Notes

  个人域渗透学习笔记

  1.7k359

• mitre/caldera

  Automated Adversary Emulation Platform

  Language:Python5.6k1.1k

• SwiftOnSecurity/sysmon-config

  Sysmon configuration file template with default high-quality event tracing

  4.8k1.7k

• fupinglee/JavaTools

  一些Java编写的小工具。

  30674

• bats3c/Ghost-In-The-Logs

  Evade sysmon and windows event logging

  Language:C611115

• projectdiscovery/nuclei

  Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

  Language:Go20.5k2.5k

• rmb122/xss-receiver

  简单易用的 xss 接收平台 + payload 管理平台

  Language:Python9026

• bumzy/book

  7121.8k

• bluscreenofjeff/Red-Team-Infrastructure-Wiki

  Wiki to collect Red Team infrastructure hardening resources

  4.1k900

• LangziFun/LangSrcCurise

  SRC子域名资产监控

  Language:Python1.3k238

• admintony/shiro_rememberMe_Rce

  利用长亭xray高级版的回显Gadget重写的一个shiro反序列化利用工具。

  Language:Python12316