kkin77

kkin77's Stars

• yogeshojha/rengine

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

  Language:HTML7.5k1418691.1k

• KathanP19/HowToHunt

  Collection of methodology and test case for various web vulnerabilities.

  6.1k276181.7k

• KingOfBugbounty/KingOfBugBountyTips

  Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

  Language:Go4.2k23511815

• abcz316/SKRoot-linuxKernelRoot

  新一代SKRoot，挑战全网root检测手段，跟面具完全不同思路，摆脱面具被检测的弱点，完美隐藏root功能，全程不需要暂停SELinux，实现真正的SELinux 0%触碰，通用性强，通杀所有内核，不需要内核源码，直接patch内核，兼容安卓APP直接JNI调用，稳定、流畅、不闪退。

  Language:C++2.8k6298717

• Ghr07h/Heimdallr

  一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗

  Language:JavaScript1.5k1313106

• zema1/watchvuln

  一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it

  Language:Go1.4k1567157

• ViRb3/TrustMeAlready

  🔓 Disable SSL verification and pinning on Android, system-wide

  Language:Java1.3k248162

• SleepingBag945/dddd

  dddd是一款使用简单的批量信息收集,供应链漏洞探测工具，旨在优化红队工作流，减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标

  Language:Go1.1k2291108

• chriskaliX/AD-Pentest-Notes

  用于记录内网渗透(域渗透)学习 :-)

  1.1k181109

• Le0nsec/SecCrawler

  一个方便安全研究人员获取每日安全日报的爬虫和推送程序，目前爬取范围包括先知社区、安全客、Seebug Paper、跳跳糖、奇安信攻防社区、棱角社区以及绿盟、腾讯玄武、天融信、360等实验室博客，持续更新中。

  Language:Go8931324143

• YDHCUI/manjusaka

  牛屎花 一款基于WEB界面的远程主机管理工具

  Language:Rust7932628147

• bit4woo/burp-api-drops

  burp插件开发指南

  Language:Java6073399

• AnyeDuke/Enterprise-Security-Skill

  用于记录企业安全规划，建设，运营，攻防的相关资源

  586311197

• smxiazi/xia_Yue

  burp 插件 xia_Yue（瞎越） 主要用于测试越权、未授权

  49561814

• taielab/Taie-Bugbounty-killer

  挖掘国内外漏洞平台必备的自动化捡钱赏金技巧，看了并去做了捡钱如喝水。

  40912233

• fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp

  警惕 一种针对红队的新型溯源手段!

  3942083

• Push3AX/GrabAccess

  Bookit / Windows Login Password and Bitlocker Bypass Tool

  Language:C37710567

• lyshark/LyScript

  x64dbgpy automated testing plugin

  30581755

• honoki/bbrf-server

  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

  Language:Shell295111146

• i11us0ry/winlog

  一款基于go的windows信息收集工具，主要收集目标机器rdp端口、mstsc远程连接记录、mstsc密码和安全事件中4624、4625登录事件记录

  Language:Go2897228

• Neelakandan-A/BugBounty_CheatSheet

  BugBounty_CheatSheet

  2486154

• mstxq17/MoreFind

  一款用于快速导出URL、Domain和IP的小工具

  Language:Go2195714

• ExpLangcn/HoneypotDic

  蜜罐抓到的Top密码，根据使用频率排序，持续更新中...

  1664030

• cyal1/host_scan

  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go

  Language:Go1142214

• ad-calcium/CVE-2023-22515

  Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具

  Language:Go1083010

• R0X4R/bhedak

  A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.

  Language:Python1023217

• gwen001/bugbountytips

  Webapp to search tips on Twitter through #bugbountytips

  Language:CSS696219

• mark-zh/BugBountyTips

  记录一些国外漏洞赏金猎人的挖洞技巧和一些有意思的东西

  Language:JavaScript34307

• Ovi3/burp-menu-level

  一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.

  Language:Java26112

• niteshmmgupta/cloudapp.azure.com-subdomain-takeover

  Language:Python1101