tomsux's Stars
XiaomingX/awesome-webshell
A curated collection of webshells for various platforms, including PHP, ASP, JSP, and more. This repository provides a comprehensive and organized list of webshells used for testing, penetration testing, or educational purposes
tw93/Pake
🤱🏻 Turn any webpage into a desktop app with Rust. 🤱🏻 利用 Rust 轻松构建轻量级多端桌面应用
djytmdj/Tool_Summary
网络安全测试工具汇总,包含漏洞库、漏洞利用工具、漏洞扫描工具、密码读取工具、中间件利用工具、内网渗透工具。cs、burp、浏览器插件工具、字典等
stonith404/pingvin-share
A self-hosted file sharing platform that combines lightness and beauty, perfect for seamless and efficient file sharing.
al0ne/LinuxCheck
Linux应急处置/信息搜集/漏洞检测工具,支持基础配置/网络流量/任务计划/环境变量/用户信息/Services/bash/恶意文件/内核Rootkit/SSH/Webshell/挖矿文件/挖矿进程/供应链/服务器风险等13类70+项检查
DataDog/security-labs-pocs
Proof of concept code for Datadog Security Labs referenced exploits.
lal0ne/vulnerability
收集、整理、修改互联网上公开的漏洞POC
MrWQ/vulnerability-paper
收集的文章 https://mrwq.github.io/tools/paper/
baihengaead/wifi-crack-tool
WiFi密码暴力破解工具-图形界面,支持WPA/WPA2/WPA3、多开并发、自动破解、自定义密码本、自动生成密码字典
1234567Yang/cf-proxy-ex
Cloudflare超级代理,无服务器代理,Duckduckgo代理(可用AI聊天,包含GPT4o/Calude3),OpenAI/ChatGPT代理,Github加速,在线代理。Cloudflare super proxy, setting up a free serverless proxy by using Cloudflare worker.
onewinner/POCS
收集最新漏洞POC(Yaml\Python)
bepass-org/oblivion-desktop
Oblivion Desktop - Unofficial Warp Client for Windows/Mac/Linux
XIU2/CloudflareSpeedTest
🌩「自选优选 IP」测试 Cloudflare CDN 延迟和速度,获取最快 IP !当然也支持其他 CDN / 网站 IP ~
fiddyschmitt/File-Tunnel
Tunnel TCP connections through a file
k8gege/LadonGo
Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
k8gege/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
quentinhardy/odat
ODAT: Oracle Database Attacking Tool
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
IvanGlinkin/AutoSUID
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
Threekiii/Vulnerability-Wiki
基于 docsify 快速部署 Awesome-POC 中的漏洞文档
ph4ntonn/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
shack2/SNETCracker
超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码、弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。
j3ers3/PassList
👍 Awesome password to hack
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
0xs1riu5/vulawdhub
该项目是利用docker技术创建的有漏洞的cms环境集合,可以进行练习
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Lotus6/ThinkphpGUI
Thinkphp(GUI)漏洞利用工具,支持各版本TP漏洞检测,命令执行,getshell。
qianxiao996/FrameScan
FrameScan 一款python3编写的简易的cms漏洞检测框架
guchangan1/All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。