Pinned Repositories
hacking-material-books
collection of articles/books about programing
Penetration-Testing-Tools
Great collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
pentestscript
ctf_script
secfb's Repositories
secfb/ADenum
AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.
secfb/AWSealion
A tool to keep AWS pentests efficient, organized, and stealthy.
secfb/Black_Viru5_Recon_v1.0
These Repositories About My Recon Methodology To Give Some Idea For Other Hunter How To Do Recon
secfb/burpFakeIP-1
服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件
secfb/BurpSuite
Burp Suite loader version --> ∞
secfb/CobaltStrike_RedTeam_CheatSheet
Useful Cobalt Strike techniques learned from engagements
secfb/Discovery-GraphQL-Endpoint-Fuzzing
Discovery-GraphQL-Endpoint-Fuzzing
secfb/easyg
Here I gather all the resources about PenTesting and Bug Bounty Hunting that I find interesting
secfb/hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
secfb/kenzer
automated web assets enumeration & scanning
secfb/linux-commands-cheatsheet
All Useful Linux Commands (For OSCP & daily pen-testing usage)
secfb/Mail-Server-Attacks-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Mail Server.
secfb/manjusaka
牛屎花 一款C2远控
secfb/many-passwords
Default credentials list. 🐱💻 Leave a star if you like this project! (that motivates me)⭐️
secfb/ms-exchange-version-nse
Nmap script to detect a Microsoft Exchange instance version with OWA enabled.
secfb/Notes-2
Cybersecurity Notes
secfb/nuclei-json-to-csv
Convert Nuclei's JSON output to CSV
secfb/oswe-prep-2022
Offensive Security OSWE Prep 2022
secfb/owncraft
offensive notes & resources
secfb/PenTest-Certifications-Roadmap
secfb/Pentesting-Bugbounty
Bringing infosec community, group and leaders together that solve community challenges, problems, create cultural and provide value to Infosec community.
secfb/poc2jar
Java编写,Python作为辅助依赖的漏洞验证、利用工具,添加了进程查找模块、编码模块、命令模块、常见漏洞利用GUI模块、shiro rememberMe解密模块,加快测试效率
secfb/Redeye
secfb/RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
secfb/Spartacus
Spartacus DLL Hijacking Discovery Tool
secfb/SpringSecurity
A list for Spring Security
secfb/URLFinder
类似JSFinder的golang实现,一款用于快速提取检测页面中JS与URL的工具,更快更全更舒服
secfb/vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
secfb/VulFi
secfb/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1