Pinned Repositories
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration testing platform for those that prefer Linux. Commando VM is for penetration testers that prefer Windows. We know that building a Windows penetration testing environment can be tedious - we aim to streamline and simplify this process. Commando VM includes over 140 tools.
CVE-2019-0708-EXP-MSF-
CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Learn-Web-Hacking
Study Notes For Web Hacking / Web安全学习笔记
My-SecurityNotes
todo
Pentest_Dict
渗透测试常用字典。
Pentest_Mind-mapping
自己总结的渗透测试思维导图
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
qing-root's Repositories
qing-root/Pentest_Mind-mapping
自己总结的渗透测试思维导图
qing-root/CVE-2019-0708-EXP-MSF-
CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708
qing-root/Pentest_Dict
渗透测试常用字典。
qing-root/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
qing-root/Learn-Web-Hacking
Study Notes For Web Hacking / Web安全学习笔记
qing-root/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
qing-root/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
qing-root/JSPHorse
JSPHorse Project Backup
qing-root/KCon
KCon is a famous Hacker Con powered by Knownsec Team.
qing-root/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
qing-root/My-SecurityNotes
todo
qing-root/my_t00ls
qing-root/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
qing-root/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
qing-root/reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
qing-root/regulex
:construction: Regular Expression Excited!
qing-root/SFBD
Backdoor&后渗透工具
qing-root/SpringMemShell
Spring内存马检测和隐形马研究
qing-root/Takin
Takin is an Java-based, open-source system designed to measure online environmental performance test for full-links, Especially for microservices. Through Takin, middlewares and applications can identify real online traffic and test traffic, ensure that they enter the right databases.
qing-root/teemo
A Domain Name & Email Address Collection Tool
qing-root/TerraformGoat
TerraformGoat is HuoCorp research lab's "Vulnerable by Design" multi cloud deployment tool.
qing-root/tsh-go
Tiny SHell Go - An open-source backdoor written in Go
qing-root/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
qing-root/webshell-venom
免杀webshell无限生成工具
qing-root/XSStrike
Most advanced XSS scanner.
qing-root/zadig
Zadig is a cloud native, distributed, developer-oriented continuous delivery product.
qing-root/2021hvv_vul
2021hvv漏洞汇总
qing-root/pxplan
poc
qing-root/ReBeacon_Src
qing-root/ysoserial-su18
fork