Pinned Repositories
-apt-K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
-CVE-2017-0785-BlueBorne-PoC
CVE-2017-0785 BlueBorne PoC
acra
Database encryption proxy for data-driven apps: strong selective encryption, SQL injections prevention, intrusion detection, honeypots.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
airbug
Airbug(空气洞),收集漏洞poc用于安全产品
android-exploit
Android Auto Exploit (Via Internet)
gvisor
Container Runtime Sandbox
m365-lock
Script to lock Xiaomi 365 Scooter (PoC)
metabase
The simplest, fastest way to get business intelligence and analytics to everyone in your company :yum:
threatintel-c's Repositories
threatintel-c/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
threatintel-c/qsym
QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
threatintel-c/vulncode-db
Vulncode-DB project
threatintel-c/fast-check
Property based testing framework for JavaScript (like QuickCheck) written in TypeScript
threatintel-c/GyoiThon
GyoiThon is a growing penetration test tool using Machine Learning.
threatintel-c/T-Fuzz
threatintel-c/CBoard
An easy to use, self-service open BI reporting and BI dashboard platform.
threatintel-c/dispatch
All of the ad-hoc things you're doing to manage incidents today, done for you, and much more!
threatintel-c/go-agent
Sqreen's Application Security Management for the Go language
threatintel-c/OSSEM
Open Source Security Events Metadata (OSSEM)
threatintel-c/junit-quickcheck
Property-based testing, JUnit-style
threatintel-c/Firmware_Slap
Discovering vulnerabilities in firmware through concolic analysis and function clustering.
threatintel-c/kelinci
AFL-based fuzzing for Java
threatintel-c/hunter
Hunter作为中通DevSecOps闭环方案中的一环,扮演着很重要的角色,开源之后希望能帮助到更多企业。
threatintel-c/functionaljava
Functional programming in Java
threatintel-c/OAP
Optimized Analytics Package for Spark Platform
threatintel-c/awesome-zero-trust
A curated collection of awesome resources for the zero-trust security model.
threatintel-c/Ladon
大型内网渗透扫描器&Cobalt Strike,包含信息收集/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、Weblogic、ActiveMQ、Tomcat等,密码口令爆破含(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB)等,可高度自定义插件支持.NET程序集、DLL(C#/Delphi/VC)、PowerShell等语言编写的插件,支持通过配置INI批量调用任意外部程序或命令,EXP生成器一键生成Web漏洞POC,可快速扩展扫描或利用能力。支持Cobalt Strike插件化直接内存加载Ladon扫描快速拓展内网横向移动
threatintel-c/sagan
Sagan uses a 'Snort like' engine and rules to analyze logs (syslog/event log/snmptrap/netflow/etc)
threatintel-c/SecIoT-Web
IoT漏洞检测平台,支持固件第三方库版本分析。移动安全相关功能移至SecMobile。
threatintel-c/domato
DOM fuzzer
threatintel-c/panda
Platform for Architecture-Neutral Dynamic Analysis
threatintel-c/harbor
An open source trusted cloud native registry project that stores, signs, and scans content.
threatintel-c/ossec-hids
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
threatintel-c/WatchAD
AD Security Intrusion Detection System
threatintel-c/WindowsSpyBlocker
🛡 Block spying and tracking on Windows
threatintel-c/openrasp-iast
IAST 灰盒扫描工具
threatintel-c/antispy
AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.
threatintel-c/radar
实时风控引擎(Risk Engine),自定义规则引擎(Rule Script),完美支持中文,适用于反欺诈(Anti-fraud)应用场景,开箱即用!!!移动互联网时代的风险管理利器,你 Get 到了吗?
threatintel-c/Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.