qs-L

qs-L's Stars

• k8gege/K8tools

  K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

  Language:PowerShell5.8k2.1k

• k8gege/Ladon

  Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

  Language:PowerShell4.9k860

• Ed1s0nZ/cool

  Golang-Gin 框架写的免杀平台，内置分离、捆绑等多种BypassAV方式。

  Language:HTML690112

• insightglacier/Dictionary-Of-Pentesting

  Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

  Language:Shell1.9k355

• github/codeql

  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  Language:CodeQL7.7k1.5k

• ffuf/ffuf

  Fast web fuzzer written in Go

  Language:Go12.6k1.3k

• github/codeql-cli-binaries

  Binaries for the CodeQL CLI

  748112

• ASTTeam/CodeQL

  《深入理解CodeQL》Finding vulnerabilities with CodeQL.

  1.5k163

• safe6Sec/CodeqlNote

  Codeql学习笔记

  Language:CodeQL840107

• f0ng/log4j2burpscanner

  CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

  Language:Java800111

• Qianlitp/crawlergo

  A powerful browser crawler for web vulnerability scanners

  Language:Go2.8k480

• elkokc/reflector

  Burp plugin able to find reflected XSS on page in real-time while browsing on site

  Language:Java1.1k162

• initstring/cloud_enum

  Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

  Language:Python1.7k247

• nccgroup/ScoutSuite

  Multi-Cloud Security Auditing Tool

  Language:Python6.7k1.1k

• android-hacker/VirtualXposed

  A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.

  Language:Java15.4k2.5k

• projectdiscovery/httpx

  httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

  Language:Go7.7k838

• bit4woo/domain_hunter_pro

  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

  Language:Java2k198

• sting8k/BurpSuite_403Bypasser

  Burpsuite Extension to bypass 403 restricted directory

  Language:Python1.6k205

• gh0stkey/HaE

  HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

  Language:Java3.1k245

• Adminisme/ServerScan

  ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

  Language:Go1.6k216

• Leon406/ToolsFx

  基于kotlin+tornadoFx的跨平台密码学工具箱.包含编解码,编码转换,加解密, 哈希,MAC,签名,大数运算,压缩,二维码功能,ctf等实用功能,支持插件

  Language:Kotlin1.6k268

• EASY233/Finger

  一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具

  Language:Python1.6k160

• Skykai521/DingDongHelper

  叮咚买菜抢菜插件

  Language:Kotlin1.1k376

• rsmudge/Malleable-C2-Profiles

  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

  1.5k425

• whwlsfb/BurpCrypto

  BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

  Language:Java1.4k170

• NyDubh3/CuiRi

  一款红队专用免杀木马生成器，基于shellcode生成绕过所有杀软的木马。

  Language:Go906168

• d1nfinite/sec-interview

  信息安全面试题汇总

  72779

• mstxq17/CVE-2021-1675_RDL_LPE

  PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。

  14726

• pandasec888/taowu-cobalt_strike

  1.8k331

• timwhitez/Cobalt-Strike-Aggressor-Scripts

  Cobalt Strike Aggressor 插件包

  Language:C67299