ir1SKry's Stars
404notf0und/AI-for-Security-Learning
安全场景、基于AI的安全算法和安全数据分析业界实践
knownsec/KCon
KCon is a famous Hacker Con powered by Knownsec Team.
bsauce/kernel-exploit-factory
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
safe6Sec/Fastjson
Fastjson姿势技巧集合
veo/nginx_shell
nginx WebShell/内存马,更优雅的nignx backdoor
ProfSynapse/Synapse_CoR
zer0yu/Awesome-CobaltStrike
List of Awesome CobaltStrike Resources
Mr-xn/RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
wyzxxz/jndi_tool
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
JoyChou93/webshell
入侵分析时发现的Webshell后门
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
CVEProject/cvelist
Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
sairson/Yasso
强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)
editso/fuso
一款体积小, 快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 支持多连接,级联代理,传输加密 (A small volume, fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption)
chaitin/veinmind-tools
veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集
threedr3am/JSP-WebShells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
Sysinternals/SysmonForLinux
shadow1ng/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
knownsec/shellcodeloader
shellcodeloader
0x783kb/Security-Operation-Book
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
skelsec/pypykatz
Mimikatz implementation in pure Python
kleiton0x00/ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
elastic/detection-rules
w-digital-scanner/w9scan
Plug-in type web vulnerability scanner
go-gorm/gen
Gen: Friendly & Safer GORM powered by Code Generation
lijiejie/swagger-exp
A Swagger API Exploit
ffffffff0x/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
jmpews/pwn2exploit
all mine papers, pwn & exploit
JPCERTCC/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
theLSA/emergency-response-checklist
应急响应指南 / emergency response checklist