kirra-max

kirra-max's Stars

• Soufaker/laoyue

  自动化监控赏金项目-定期收集资产,漏洞进行推送(现在可以稳定收菜,有问题issues我)-关注-夜安团队SEC-加我微信进群可下载最新自动化版本,git目前不会更新了,群里目前版本1.3.1,项目优化了非常多,功能也加入了非常多,建议进群(没收费项目放心白嫖)

  Language:Python53452

• Anyyy111/killEscaper

  Shellcode 免杀生成器 绕过火绒、360（Windows版本）

  Language:Roff12616

• Ghr07h/Heimdallr

  一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗

  Language:JavaScript1.5k106

• knownsec/404StarLink

  404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

  8.7k831

• sp4zcmd/WeblogicExploit-GUI

  Weblogic漏洞利用图形化工具 支持注入内存马、一键上传webshell、命令执行

  71782

• cisagov/log4j-scanner

  log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

  Language:Java1.3k215

• Cl0udG0d/QQFishing

  QQ钓鱼，社会工程

  Language:HTML10925

• 4ndr34z/shells

  Script for generating revshells

  Language:Shell45788

• SafeGroceryStore/MDUT

  MDUT - Multiple Database Utilization Tools

  Language:Java2k229

• wyzxxz/heapdump_tool

  heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等

  1.3k139

• AntSwordProject/antSword

  **蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.

  Language:JavaScript3.8k599

• rebeyond/Behinder

  “冰蝎”动态二进制加密网站管理客户端

  5.9k973

• InitRoot/BurpJSLinkFinder

  Burp Extension for a passive scanning JS files for endpoint links.

  Language:Python755102

• d3vilbug/HackBar

  HackBar plugin for Burpsuite

  Language:Java1.6k261

• SiJiDo/IEyes

  icp备案查询

  Language:Go38935

• wgpsec/fofa_viewer

  A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

  Language:Java1.6k164

• feihong-cs/ShiroExploit-Deprecated

  Shiro550/Shiro721 一键化利用工具，支持多种回显方式

  Language:Java1.9k297

• WhiteHSBG/JNDIExploit

  对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改

  Language:Java1.4k290

• zzwlpx/JNDIExploit

  A malicious LDAP server for JNDI injection attacks

  304383

• wyzxxz/jndi_tool

  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具

  1.9k318

• SummerSec/ShiroAttack2

  shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack

  Language:Java2.1k271

• whwlsfb/Log4j2Scan

  Log4j2 RCE Passive Scanner plugin for BurpSuite

  Language:Java77994

• pmiaowu/BurpShiroPassiveScan

  一款基于BurpSuite的被动式shiro检测插件

  Language:Java1.7k154

• f0ng/log4j2burpscanner

  CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

  Language:Java807111

• projectdiscovery/nuclei

  Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

  Language:Go21.2k2.5k

• no-one-sec/idea-project-fish-exploit

  JetBrains系列产品.idea钓鱼反制红队

  Language:Go30241

• wgpsec/ENScan

  基于各大API的一款企业信息查询工具，为了更快速的获取企业的信息，省去收集的麻烦过程，web端于plat平台上线

  Language:Python941130

• veo/vscan

  开源、轻量、快速、跨平台 的网站漏洞扫描工具，帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)

  Language:Go1.5k246

• safe6Sec/command

  红队常用命令速查

  985233

• 0xbug/biu-brower-ext

  Language:Vue115