kylingit's Stars
longofo/rmi-jndi-ldap-jrmp-jmx-jms
rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
k8gege/Ladon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
andresriancho/jwt-fuzzer
JWT fuzzer
GoSecure/dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
Green-m/dark-shell
Shell say no to NIDS
Qianlitp/WatchAD
AD Security Intrusion Detection System
mm0r1/exploits
Pwn stuff.
WithSecureLabs/C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
GrrrDog/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
c0ny1/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
veracode-research/solr-injection
Apache Solr Injection Research
taviso/ctftool
Interactive CTF Exploration Tool
dr0op/WeblogicScan
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持
Ekultek/Graffiti
A tool to generate obfuscated one liners to aid in penetration testing
ArchiveBox/ArchiveBox
🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more...
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
S3cur3Th1sSh1t/WinPwn
Automation for internal Windows Penetrationtest / AD-Security
AlessandroZ/LaZagne
Credentials recovery project
elliothux/Luoo.qy
❤️ 落在低处, 独立音乐社区落网的第三方客户端 🎵
Medicean/SuperTerm
利用 webshell 创建交互式终端(Create an interactive terminal with webshell.)
yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
Bo0oM/PHP_imap_open_exploit
Bypassing disabled exec functions in PHP (c) CRLF
l3m0n/Bypass_Disable_functions_Shell
一个各种方式突破Disable_functions达到命令执行的shell
fate0/prvd
PHP Runtime Vulnerability Detection
malwaredllc/byob
An open-source post-exploitation framework for students, researchers and developers.
orangetw/My-CTF-Web-Challenges
Collection of CTF Web challenges I made
imWildCat/scylla
Intelligent proxy pool for Humans™ to extract content from the internet and build your own Large Language Models in this new AI era