reeee3ky's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
TheKingOfDuck/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
wy876/POC
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1000多个poc/exp,长期更新。
itm4n/PrivescCheck
Privilege Escalation Enumeration Script for Windows
cliffe/SecGen
Create randomly insecure VMs
Mr-xn/RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
zema1/suo5
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
Dec0ne/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
ibaiw/2023Hvv
2023 HVV情报速递~
Dec0ne/DavRelayUp
DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).
Tas9er/ByPassGodzilla
哥斯拉WebShell免杀生成 / Code By:Tas9er
Ridter/atexec-pro
Fileless atexec, no more need for port 445
MzzdToT/HAC_Bored_Writing
各种漏洞批量扫描poc、exp,涵盖未授权、RCE、文件上传、sql注入、信息泄露等
yichensec/yichen_Password_dictionary
逸尘的字典 渗透测试个人专用的字典,搜索网上,及自己平常收集的一些路径,其中信息包括HVV中常见的各大厂商的弱密码,web常见漏洞测试,会遇到的邮箱,密码,服务弱口令,中间件,子域名,漏洞路径,账户密码,等等,这些内容都是基于本人在实战中收集到的,其中包含Github上公布的密码字典整合,堪称最经典的字典,用这个足以满足日常src,渗透测试,资产梳理,红蓝对抗等前期探测工作。
awakecoding/wireshark-rdp
Wireshark RDP resources
3gstudent/pyKerbrute
Use python to perform Kerberos pre-auth bruteforcing
godzeo/swagger-scan
对在测试中常见的swagger页面泄露 ,进行批量的测试,未授权和被动扫描
Muhammadizhan/Memefi-AB
Muhammadizhan/OFX-Sapphire-Plug-in
Muhammadizhan/Trapcode-2024
x3t2con/Rttools-2
项目内包含工具涉及类别:漏洞利用工具、代审辅助、漏洞利用、靶场环境项目地址列表、漏洞扫描/序列化、密码/隧道项目地址链接、免杀项目地址列表、内网项目地址链接、应急响应项目地址列表、木马查杀、中间件工具项目链接、字典/钓鱼/社工/爆破项目目地址链接、自动化/资产项目链接、子域名/目录/指纹地址
HamsterAdmin/HamsterAutoclicker
Best HamsterKombat autoclicker on the whole GitHub!
SecurityDevelop/2FAcrypto
2FA crypto security app, easy and ready-to-go
Ehsansalek96/cubasepro13-license
Talha836902/adbPP_2o24
Talha836902/phspro_2024-ai
Talha836902/tenor-shar3
SoftwareDesignLab/national-vulnerability-intelligence-platform