Pinned Repositories
0day-exp
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
2022-HW-POC
2022 护网行动 POC 整理
2023Hvv
2023 HVV情报速递~
403bypasser
7days-golang
7 days golang programs from scratch (web framework Gee, distributed cache GeeCache, object relational mapping ORM framework GeeORM, rpc framework GeeRPC etc) 7天用Go动手写/从零实现系列
Active-Directory-Pentest-Notes
个人域渗透学习笔记
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
sec-books-part1
网络安全书籍汇总PDF;:books: 网安类绝版图书
supplier
主流供应商的一些攻击性漏洞汇总
jack1024z's Repositories
jack1024z/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
jack1024z/Awesome-Redteam
一个攻防知识仓库
jack1024z/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
jack1024z/CVE-2023-46747-RCE
exploit for f5-big-ip RCE cve-2023-46747
jack1024z/daily-info
jack1024z/dictionaries
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
jack1024z/ExploitHunter
常用漏洞脚本
jack1024z/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
jack1024z/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
jack1024z/impacket
Impacket is a collection of Python classes for working with network protocols.
jack1024z/javaweb-sec
jack1024z/ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache
jack1024z/naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
jack1024z/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
jack1024z/Nuclei-Templates-Collection
Nuclei Templates Collection
jack1024z/nuclei-templates-vulnexpro
jack1024z/NucleiTP
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
jack1024z/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
jack1024z/POC
2023HW漏洞整理,收集整理漏洞EXp/POC,大部分漏洞来源网络,目前收集整理了100多个poc/exp
jack1024z/PocOrExp_in_Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
jack1024z/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
jack1024z/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
jack1024z/secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
jack1024z/sigma
Main Sigma Rule Repository
jack1024z/SpringBoot-Scan
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
jack1024z/VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
jack1024z/Vulhub-Reproduce
一个Vulhub漏洞复现知识库
jack1024z/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
jack1024z/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
jack1024z/wordlists
Real-world infosec wordlists, updated regularly