vesperp's Stars
XingangPan/DragGAN
Official Code for DragGAN (SIGGRAPH 2023)
HoAd-sc/R-dict
一些自己常用的渗透字典
sry309/PwdBUD
一款SRC密码生成工具,尝试top字典无果后,可以根据域名、公司名等因素来生成特定的字典
gpt-engineer-org/gpt-engineer
Platform to experiment with the AI Software Engineer. Terminal based. NOTE: Very different from https://gptengineer.app
pen4uin/java-memshell-generator
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.
passer-W/snakeyaml-memshell
springboot跨线程注入内存马
veo/wsMemShell
WebSocket 内存马/Webshell,一种新型内存马/WebShell技术
0x00007c00/JundeadShell
Java内存马注入工具
SuperZero/CVE-2023-33246
Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit
moonD4rk/HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
win3zz/CVE-2023-25157
CVE-2023-25157 - GeoServer SQL Injection - PoC
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
Ghr07h/Heimdallr
一款完全被动监听的谷歌插件,用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗
Snowming04/The-Hacker-Playbook-3-Translation
对 The Hacker Playbook 3 的翻译。
woodpecker-appstore/jexpr-encoder-utils
Java表达式语句生成器
iamadamdev/bypass-paywalls-chrome
Bypass Paywalls web browser extension for Chrome and Firefox.
altEr1125/ShiroAttack2
一款针对Shiro550漏洞进行快速漏洞利用工具。 对 @SummerSec 大佬的项目https://github.com/SummerSec/ShiroAttack2 进行了一些改进。
dogadmin/windodws-logs-analysis
windows日志一键分析小工具
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
looCiprian/GC2-sheet
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet or Microsoft SharePoint List and exfiltrate files using Google Drive or Microsoft SharePoint Document.
musana/fuzzuli
fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
The-Z-Labs/linux-exploit-suggester
Linux privilege escalation auditing tool
sairson/Yasso
强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)
owasp-amass/amass
In-depth attack surface mapping and asset discovery
vavkamil/awesome-bugbounty-tools
A curated list of various bug bounty tools
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
biggerduck/RedTeamNotes
红队笔记
cipher387/juicyinfo-nuclei-templates
Nuclei (https://github.com/projectdiscovery/nuclei) templates for extracting juicy info from web pages
0xPugal/fuzz4bounty
1337 Wordlists for Bug Bounty Hunting
projectdiscovery/katana
A next-generation crawling and spidering framework.