Pinned Repositories
autoSqlmap
autoSqlmap for sqlmapapi by proxy
hhtravel
sqli-proxy
-APT-
APT
3xp10it
一个自动化渗透框架
actuator-testbed
A vulnerable application exposing Spring Boot Actuators
ad.js
An ad blocker.
airbug
Airbug(空气洞),收集漏洞poc用于安全产品
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
AngelSword
Python3编写的CMS漏洞检测框架
test123test111's Repositories
test123test111/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
test123test111/auto-domain-takeover
test123test111/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
test123test111/Log4j2-RCE-Scanner
BurpSuite Extension: Log4j2 RCE Scanner
test123test111/Log4j2Scan-1
Log4j2 RCE Passive Scanner plugin for BurpSuite
test123test111/PRET
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
test123test111/Viper
Viper (炫彩蛇) 图形化内网渗透工具
test123test111/fengchenzxc.github.io
安全知识wiki,内容涉及:漏洞复现 | 代码审计 | 内网渗透 | 应急响应|安全工具
test123test111/fscan
一款内网扫描工具,方便一键大保健~
test123test111/injectra
Injectra injects shellcode payloads into MacOS applications and package installers.
test123test111/ds_store_exp
A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
test123test111/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
test123test111/gophish
Open-Source Phishing Toolkit
test123test111/emergency-response-toolbox
test123test111/Pentest_Note
渗透测试常规操作记录
test123test111/muraena
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
test123test111/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
test123test111/ksubdomain
无状态子域名爆破工具
test123test111/CVE-2020-13935
Exploit for WebSocket Vulnerability in Apache Tomcat
test123test111/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
test123test111/PortBrute
一款跨平台小巧的端口爆破工具,支持爆破FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD / A cross-platform compact port blasting tool that supports blasting FTP/SSH/SMB/MSSQL/MYSQL/POSTGRESQL/MONGOD
test123test111/CVE-2020-1472
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
test123test111/redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
test123test111/Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
test123test111/inql
InQL - A Burp Extension for GraphQL Security Testing
test123test111/Godzilla
哥斯拉
test123test111/pentest
:no_entry: offsec batteries included
test123test111/rmiscout
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
test123test111/CrossC2
generate CobaltStrike's cross-platform payload
test123test111/weak_password_detect
多线程探测弱密码程序