lyx52888's Stars
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
rasta-mouse/Watson
Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
lgandx/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
f0ng/poc2jar
Java编写,Python作为辅助依赖的漏洞验证、利用工具,添加了进程查找模块、编码模块、命令模块、常见漏洞利用GUI模块、shiro rememberMe解密模块,加快测试效率
fabacab/awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
hudunkey/Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
yeyintminthuhtut/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
boy-hack/ksubdomain
Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Ares-X/shiro-exploit
Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload
Becivells/iconhash
fofa shodan favicon.ico hash icon ico 计算器
wgpsec/fofa_viewer
A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
awake1t/PortBrute
一款跨平台小巧的端口爆破工具,支持爆破FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD / A cross-platform compact port blasting tool that supports blasting FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD
tihanyin/PSSW100AVB
A list of useful Powershell scripts with 100% AV bypass (At the time of publication).
EdgeSecurityTeam/EHole
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
PeiQi0/PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
tr0uble-mAker/POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
pmiaowu/BurpShiroPassiveScan
一款基于BurpSuite的被动式shiro检测插件
wgpsec/VulnRange
漏洞靶场-快速搭建Web安全漏洞和第三方组件漏洞环境,用于漏洞复现和研究