x-f1v3's Stars
vulhub/redis-rogue-getshell
redis 4.x/5.x master/slave getshell module
defparam/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
ffuf/ffuf
Fast web fuzzer written in Go
Li4n0/revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
0x727/ShuiZe_0x727
信息收集自动化工具
JoyChou93/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
wyzxxz/heapdump_tool
heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等
TheKingOfDuck/MySQLMonitor
MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具)
skylot/jadx
Dex to Java decompiler
EASY233/Finger
一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具
projectdiscovery/mapcidr
Utility program to perform multiple operations for a given subnet/CIDR ranges.
lintstar/LSTAR
LSTAR - CobaltStrike 综合后渗透插件
Lotus6/Keylogger
从cs4.2反编译后提取的web端键盘记录,记录web页面输入的所有文本内容。
iiiusky/alicloud-tools
阿里云ECS、策略组辅助小工具
r00tSe7en/Flash-Pop
Flash钓鱼弹窗优化版
gh0stkey/CaA
CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.
arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
J0hnWalker/MysqlMonitor
Mysql 语句执行记录监控
fnmsd/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
epinna/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
m4ll0k/BBTz
BBT - Bug Bounty Tools (examples💡)
nccgroup/keimpx
Check for valid credentials across a network over SMB
feihong-cs/Java-Rce-Echo
Java RCE 回显测试代码
devanshbatham/CertEagle
Weaponizing Live CT logs for automated monitoring of assets
LandGrey/spring-boot-upload-file-lead-to-rce-tricks
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
Al1ex/Pentest-tools
Intranet penetration tools
MountCloud/BehinderClientSource
❄️冰蝎客户端源码-V4.0.6🔞
mhaskar/XMLDecoder-payload-generator
A simple python script to generate XML payloads works for XMLDecoder based on ProcessBuilder and Runtime exec
paranoidninja/Boomerang
Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Multiple levels of Pivoting and exposing multiple internal services to external/other networks
rtcatc/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.