Pinned Repositories
AttacksonImplementationsCourseBook
BruteDum
BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
crawlergo
A powerful dynamic crawler for web vulnerability scanners
headless-recorder
Headless recorder is a Chrome extension that records your browser interactions and generates a Puppeteer or Playwright script.
Minimalistic-offensive-security-tools
A repository of tools for pentesting of restricted and isolated environments.
python_brute4pass
little python script for brute of md5, sha1 etc.
Scanver
scanver
social-warfare-RCE
RCE on a Wordpress plugin: Social Warfare < 3.5.3
TinyCheck
TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.
VulRec
Vulnerability Recurrence:漏洞复现记录
shad0w008's Repositories
shad0w008/TinyCheck
TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.
shad0w008/aksk_tool
AK利用工具,阿里云/腾讯云 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM操作,OSS/COS管理,RDS管理,域名管理,添加RAM账号等
shad0w008/Authenticator-1
Authenticator generates 2-Step Verification codes in your browser.
shad0w008/blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
shad0w008/blocklist-ipsets
ipsets dynamically updated with firehol's update-ipsets.sh script
shad0w008/burpFakeIP
一个用于伪造ip地址进行爆破的Burp Suite插件
shad0w008/DivideAndScan
Divide full port scan results and use it for targeted Nmap runs
shad0w008/DriedMango
shad0w008/frida-skeleton
基于frida的安卓hook框架,提供了很多frida自身不支持的功能,将hook安卓变成简单便捷,人人都会的事情
shad0w008/Fuzzing-Dicts
Web Security Dictionary
shad0w008/GDA-android-reversing-Tool
GDA is a new fast and powerful decompiler for the APK, DEX, ODEX, OAT, JAR, AAR and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption and encryption etc.
shad0w008/gshark
Scan for sensitive information easily and effectively.
shad0w008/JustTrustMePlus
shad0w008/MDUT
MDUT - Multiple Database Utilization Tools
shad0w008/MifareClassicTool
An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.
shad0w008/ms-teams-rce
shad0w008/MySQLMonitor
MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具)
shad0w008/nacosScan
nacos api bypass & jwt bypass & get all configs
shad0w008/next-terminal
Next Terminal是使用Golang和React开发的一款HTML5的远程桌面网关,具有小巧、易安装、易使用、资源占用小的特点,支持RDP、SSH、VNC和Telnet协议的连接和管理。
shad0w008/PcapMonkey
PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
shad0w008/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
shad0w008/pongoOS
pongoOS
shad0w008/Proxmark3GUI
A cross-platform GUI for Proxmark3 client | 为PM3设计的图形界面
shad0w008/pybombs
PyBOMBS (Python Build Overlay Managed Bundle System) is the GNU Radio install management system for resolving dependencies and pulling in out-of-tree projects.
shad0w008/Recaf
The modern Java bytecode editor
shad0w008/russia-ukraine_IOCs
Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake
shad0w008/scilla
🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
shad0w008/Scrummage
The Ultimate OSINT Framework
shad0w008/www-project-csrfguard
OWASP Foundation Web Respository
shad0w008/xstream
Serialize Java objects to XML and back again.