lalajun

lalajun's Stars

• GreyDGL/PentestGPT

  A GPT-empowered penetration testing tool

  Language:Python7.4k906

• mrknow001/aliyun-accesskey-Tools

  阿里云accesskey利用工具

  Language:Python1.2k175

• taielab/awesome-hacking-lists

  平常看到好的渗透hacking工具和多领域效率工具的集合

  1k222

• xivanalysis/xivanalysis

  Automated performance analysis and suggestion platform for Final Fantasy XIV

  Language:TypeScript366211

• tarunkant/Gopherus

  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

  Language:Python2.9k376

• Tas9er/ByPassBehinder4J

  冰蝎Java WebShell自动化免杀生成

  76998

• fofapro/Hosts_scan

  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。

  Language:Python1.1k157

• cckuailong/hostscan

  自动化Host碰撞工具，帮助红队快速扩展网络边界，获取更多目标点

  Language:Go56565

• r0eXpeR/redteam_vul

  红队作战中比较常遇到的一些重点系统漏洞整理。

  2.5k470

• 0x727/ShuiZe_0x727

  信息收集自动化工具

  Language:Python3.8k575

• shengcaishizhan/kkndme_tianya

  天涯 kkndme 神贴聊房价

  18.9k3.8k

• google/log4jscanner

  A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.

  Language:Go1.6k118

• shmilylty/netspy

  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

  Language:Go2k213

• API-Security/APIKit

  APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

  Language:Java2k173

• 0x727/SpringBootExploit

  项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

  Language:Java1.8k312

• sqlmapproject/sqlmap

  Automatic SQL injection and database takeover tool

  Language:Python32.9k5.8k

• Sympath/debug-plugin-vue

  实时观测组件数据的插件

  Language:JavaScript30

• mthbernardes/GTRS

  GTRS - Google Translator Reverse Shell

  Language:Go616100

• crisxuan/bestJavaer

  这是一个成为更好的Java程序员的系列教程

  6.1k1.3k

• gloxec/CrossC2

  generate CobaltStrike's cross-platform payload

  Language:C2.3k348

• lengjibo/FourEye

  AV Evasion Tool For Red Team Ops

  Language:C757153

• LeadroyaL/pdd_3years

  1.7k167

• cdk-team/CDK

  📦 Make security testing of K8s, Docker, and Containerd easier.

  Language:Go4k553

• bin-maker/BYPASS-CDN

  43184

• welk1n/JNDI-Injection-Exploit

  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

  Language:Java2.6k726

• Nanguage/Rainbow-Fart-MBG

  程序员要讲码德，耗子尾汁，好好反思！

  45853

• cure53/H5SC

  HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

  Language:JavaScript2.9k420

• GGyao/CVE-2020-14882_ALL

  CVE-2020-14882_ALL综合利用工具，支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。

  Language:Python14539

• p1g3/Fastjson-Scanner

  a burp extension to find where use fastjson

  Language:Python16421

• hayasec/360SafeBrowsergetpass

  这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具，用于节省红队工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。

  Language:C#61193