Pinned Repositories
Aggressor
Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
AlliN
A flexible scanner
antSword
中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
AntSword-Loader
AntSword 加载器
ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
As-Exploits
中国蚁剑后渗透框架
awesome-go
A curated list of awesome Go frameworks, libraries and software.
Behinder
“冰蝎”动态二进制加密网站管理客户端
CiscoExploit
Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
swagger-exp
A Swagger API Exploit
lnm3000's Repositories
lnm3000/antSword
中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.
lnm3000/As-Exploits
中国蚁剑后渗透框架
lnm3000/CVE-2021-22005
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
lnm3000/ENScan_GO
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
lnm3000/fastjson_rce_tool
JNDI服务利用工具 RMI/LDAP,支持部分场景回显,内存shell等,fastjson漏洞检测辅助工具, Log4j漏洞检测辅助工具
lnm3000/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
lnm3000/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
lnm3000/H
H是一款强大的资产收集管理平台
lnm3000/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
lnm3000/heapdump_tool
heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等
lnm3000/J2EEScan
J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
lnm3000/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
lnm3000/JavaGuide
「Java学习+面试指南」一份涵盖大部分 Java 程序员所需要掌握的核心知识。准备 Java 面试,首选 JavaGuide!
lnm3000/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
lnm3000/Khepri
Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.
lnm3000/LadonGo
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
lnm3000/lbb
lbb是一个企业信息查询工具,可以帮助企业查询自身对外公开的应用、新媒体,网站等。
lnm3000/MDUT
MDUT - Multiple Database Utilization Tools
lnm3000/Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
lnm3000/OneForAll
OneForAll是一款功能强大的子域收集工具
lnm3000/Periscope
Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)
lnm3000/pingtunnel
Pingtunnel is a tool that send TCP/UDP traffic over ICMP
lnm3000/ProxyNotShell-PoC
lnm3000/PySharpSphere
Yet another SharpSphere
lnm3000/rogue-jndi
A malicious LDAP server for JNDI injection attacks
lnm3000/SecurityList
A list for Web Security and Code Audit
lnm3000/shell-analyzer
Java内存马查杀GUI工具,实时动态分析,支持本地和远程查杀
lnm3000/ShuiZe_0x727
信息收集自动化工具
lnm3000/SpringSecurity
A list for Spring Security
lnm3000/vhost_password_decrypt
vhost password decrypt