not-know

not-know's Stars

• shmilylty/netspy

  netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

  Language:Go2k213

• go-toast/toast

  A go package for Windows 10 toast notifications

  Language:Go45565

• feihong-cs/ShiroExploit-Deprecated

  Shiro550/Shiro721 一键化利用工具，支持多种回显方式

  Language:Java1.9k298

• welk1n/JNDI-Injection-Exploit

  JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

  Language:Java2.6k727

• GetRektBoy724/BetterXencrypt

  A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.

  Language:PowerShell21245

• danigargu/CVE-2020-0796

  CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

  Language:C1.3k343

• zyylhn/zscan

  Zscan a scan blasting tool set

  Language:Go53178

• ffffffff0x/BerylEnigma

  ffffffff0x team toolset for penetration testing, cryptography research, CTF and daily use. | ffffffff0x 团队工具集，用来进行渗透测试，密码学研究，CTF和日常使用。

  Language:Java679102

• Ed1s0nZ/cool

  Golang-Gin 框架写的免杀平台，内置分离、捆绑等多种BypassAV方式。

  Language:HTML690112

• fangzesheng/free-api

  收集免费的接口服务,做一个api的搬运工

  15.1k1.6k

• bigsizeme/fastjson-check

  fastjson 被动扫描、不出网payload生成

  36731

• mitmproxy/mitmproxy

  An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

  Language:Python37.5k4.1k

• tinode/chat

  Instant messaging platform. Backend in Go. Clients: Swift iOS, Java Android, JS webapp, scriptable command line; chatbots

  Language:Go12.2k1.9k

• dnSpy/dnSpy

  .NET debugger and assembly editor

  Language:C#26.9k5.2k

• safe6Sec/Fastjson

  Fastjson姿势技巧集合

  1.7k339

• bit4woo/domain_hunter_pro

  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

  Language:Java2k199

• Syst2m/FunnyMeterpreter

  与反病毒软件老大哥们的打闹日常

  Language:C++142

• wafinfo/Sunflower_get_Password

  一款针对向日葵的识别码和验证码提取工具

  Language:Python888138

• ba0gu0/520apkhook

  将安卓远控Apk附加进普通的App中，运行新生成的App时，普通App正常运行，远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote control goes online seamlessly.

  Language:Java988240

• virusdefender/copy-cert

  本工具可以基于已知网站 ssl 证书的信息生成新的自签名证书，保持签发者、有效期、序列号、域名等一致，用于伪装流量。

  Language:Go27930

• jas502n/0day-security-software-vulnerability-analysis-technology

  0day安全_软件漏洞分析技术

  Language:C618248

• Ghost2097221/addMemShellsJSP

  通过jsp注入valve内存马，可以忽略框架影响，通用tomcat789

  Language:Java9013

• silentsignal/burp-requests

  Copy as requests plugin for Burp Suite

  Language:Java13125

• ventoy/Ventoy

  A new bootable USB solution.

  Language:C63.9k4.1k

• hvqzao/burp-wildcard

  Burp extension intended to compact Burp extension tabs by hijacking them to own tab.

  Language:Java12815

• 0x727/SchTask_0x727

  创建隐藏计划任务，权限维持，Bypass AV

  Language:C#524112

• Awrrays/Pentest-Tips

  RedTeam Pentesting 学习资源，工具

  6315

• pmiaowu/HostCollision

  用于host碰撞而生的小工具,专门检测渗透中需要绑定hosts才能访问的主机或内部系统

  Language:Java60162

• Hzllaga/JsLoader

  js免杀shellcode，绕过杀毒添加自启

  Language:C#35772

• lintstar/About-Attack

  一个旨在通过应用场景 / 标签对 Github 红队向工具 / 资源进行分类收集，降低红队技术门槛的手册【持续更新】

  620138