Pinned Repositories
520apkhook
把msf生成的安卓远控附加进普通的app中,并进行加固隐藏特征。可以绕过常见的手机安全管家。
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
AllForOne
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Awesome-POC
一个各类漏洞POC知识库
Awesome-Redteam
一个红队知识仓库
startAt35's Repositories
startAt35/AllForOne
startAt35/cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
startAt35/cf
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
startAt35/chatgpt-web
用 Express 和 Vue3 搭建的 ChatGPT 演示网页
startAt35/cs-self-learning
计算机自学指南
startAt35/cve_hub
startAt35/daniu-comment
存放daniu评论,Utterance
startAt35/dolphinscheduler-ApiDisclosure
startAt35/dolphinscheduler-CodeExec
startAt35/dolphinscheduler-CSRF
startAt35/ENScan_GO
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
startAt35/Goby
startAt35/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
startAt35/living_off_the_land
startAt35/LOLDrivers
Living Off The Land Drivers
startAt35/NotionNext
使用 NextJS + Notion API 实现的,支持多种部署方案的静态博客,无需服务器、零门槛搭建网站,为Notion和所有创作者设计。 (A static blog built with NextJS and Notion API, supporting multiple deployment options. No server required, zero threshold to set up a website. Designed for Notion and all creators.)
startAt35/OSCP
OSCP Cheat Sheet
startAt35/OSCP-Cheatsheet
OSCP Cheatsheet by Sai Sathvik
startAt35/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
startAt35/PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
startAt35/pentest-tools
A collection of custom security tools for quick needs.
startAt35/security-tools
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
startAt35/tig
Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
startAt35/TongdaScan_go
通达OA漏洞检测工具-TongdaScan_go
startAt35/useful-code
useful-code
startAt35/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
startAt35/watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
startAt35/wewe-rss
🤗更优雅的微信公众号订阅方式,支持私有化部署、微信公众号RSS生成(基于微信读书)v2.x
startAt35/WPeChatGPT
A plugin for IDA that can help to analyze binary file, it based on Gepetto which uses OpenAI's davinci-003 model.
startAt35/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.