Pinned Repositories
AndroidSecurityStudy
安卓应用安全学习
awesome-frida
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
Behinder
“冰蝎”动态二进制加密网站管理客户端
ByteDance-HIDS
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
chisel
A fast TCP/UDP tunnel over HTTP
cobra
Source Code Security Audit (源代码安全审计)
CrossC2
generate CobaltStrike's cross-platform payload
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
EPPlus
Create advanced Excel spreadsheets using .NET
report090's Repositories
report090/AndroidSecurityStudy
安卓应用安全学习
report090/awesome-frida
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
report090/Behinder
“冰蝎”动态二进制加密网站管理客户端
report090/ByteDance-HIDS
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
report090/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
report090/chisel
A fast TCP/UDP tunnel over HTTP
report090/cobra
Source Code Security Audit (源代码安全审计)
report090/EPPlus
Create advanced Excel spreadsheets using .NET
report090/FART
ART环境下自动化脱壳方案
report090/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
report090/gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
report090/GadgetToJScript
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
report090/ghidra
Ghidra is a software reverse engineering (SRE) framework
report090/Goby
Attack surface mapping
report090/GobyExtension
Goby extension doc.
report090/Godzilla
哥斯拉
report090/graylog2-server
Free and open source log management
report090/iNote
个人学习研究笔记整理
report090/IOS13-SimulateTouch
iOS13 iOS14 touch simulation Simulate Touch iOS touch event
report090/iox
Tool for port forward & intranet proxy, just like lcx/ew, but better
report090/Kunlun-M
Kunlun-Mirror 专注于安全研究员使用的审计辅助工具
report090/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
report090/Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
report090/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql
report090/pingtunnel
流量转发加速工具.a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.
report090/proxychains-ng
proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
report090/r0capture
安卓应用层抓包通杀脚本
report090/red_team_tool_countermeasures
report090/RedTeaming2020
RedTeaming知识星球2020年安全知识汇总
report090/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters