p0fy's Stars
tarunkant/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
anhilo/xiaogongju
EW重构计划
Wh0ale/SRC-experience
工欲善其事,必先利其器
Cl0udG0d/SZhe_Scan
碎遮SZhe_Scan Web漏洞扫描器,基于python Flask框架,对输入的域名/IP进行全面的信息搜集,漏洞扫描,可自主添加POC
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
aboul3la/Sublist3r
Fast subdomains enumeration tool for penetration testers
admintony/svnExploit
SvnExploit支持SVN源代码泄露全版本Dump源码
shack2/javaserializetools
Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。
tenable/routeros
RouterOS Security Research Tooling and Proof of Concepts
gentilkiwi/mimikatz
A little tool to play with Windows security
bitsadmin/wesng
Windows Exploit Suggester - Next Generation
gbonacini/CVE-2016-5195
A CVE-2016-5195 exploit example.
The-Z-Labs/linux-exploit-suggester
Linux privilege escalation auditing tool
H4ckForJob/dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
boy-hack/gwhatweb
CMS识别 python gevent实现
boy-hack/w8fuckcdn
Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
boy-hack/airbug
Airbug(空气洞),收集漏洞poc用于安全产品
knownsec/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
boy-hack/wooyun-payload
从wooyun中提取的payload,以及burp插件
xiaoheiwo/GGSCAN
一款渗透时快速资产探测工具
Xyntax/POC-T
渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
CTFd/CTFd
CTFs as you need them
robertdavidgraham/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
ehang-io/nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
Dliv3/redis-rogue-server
Redis 4.x/5.x RCE
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
xmendez/wfuzz
Web application fuzzer