Pinned Repositories
-OSCP-Pentest-Methodologies
AggressorScript-UploadAndRunFrp
AggressorScript-UploadAndRunFrp / upload frpc and run frpc
Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
AlliN
A flexible scanner
ApolloScanner
Automated cruise scanning framework (can be used for red team foothold assessment)
ARL
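ARL (Asset Reconnaissance Lighthouse) is an asset reconnaissance system designed to quickly discover internet assets associated with a target and build a baseline asset information database. It helps in-house security teams or penetration testers effectively reconnoiter and search assets and find weak points and attack surface.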
AssetScan
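Asset discovery tool: liveness detection, risky-port detection, common-port and full-port probing, and so on, with security analysis of the weak points of the probed ports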
AV_Evasion_Tool
掩日 - a generator tool for antivirus-evasion executors
Awesome-CobaltStrike
A collection of cobaltstrike-related resources / List of Awesome CobaltStrike Resources
ligolo
Ligolo: a reverse tunnel for internal network penetration testing
xiaobei97's Repositories
xiaobei97/Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
xiaobei97/ApolloScanner
Automated cruise scanning framework (can be used for red team foothold assessment)
xiaobei97/bufferfly
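A small asset-processing tool for attack-defense exercises and penetration tests: for the large batches of assets/domains gathered during pre-engagement information collection, it performs liveness detection, title retrieval, corpus extraction, common web port detection, and more.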
xiaobei97/bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOAD (no need for /usr/sbin/sendmail)
xiaobei97/CVE-2021-21972
CVE-2021-21972 Exploit
xiaobei97/DivideAndScan
Divide full port scan results and use it for targeted Nmap runs
xiaobei97/ENScan
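An enterprise information lookup tool based on Aiqicha (爱企查), for obtaining company information faster and skipping the tedious collection process; the web version is live on the plat platform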
xiaobei97/goby_poc
goby poc or exp; shares the latest goby vulnerability detection or exploitation code
xiaobei97/GolangBypassAV
Research into using golang to bypass AV
xiaobei97/H
H is a powerful asset collection and management platform
xiaobei97/henggeFish
Automated bulk sending of phishing emails (produced by the Hengge security team)
xiaobei97/Invoke-Obfuscation-Bypass
Invoke-Obfuscation-Bypass + PS2EXE to get past mainstream antivirus software
xiaobei97/log4j-shell-poc
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
xiaobei97/log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner, customize ceye.io api or other apis, including internal networks
xiaobei97/MySQL_Fake_Server
MySQL Fake Server used to help with MySQL Client File Reading and JDBC Client Java Deserialization
xiaobei97/naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
xiaobei97/nanodump
Dumping LSASS has never been so stealthy
xiaobei97/PetitPotam
xiaobei97/rebeyond-Mode
Modified version of rebeyond
xiaobei97/RequestTemplate
Bilingual, dual-client internal network scanning and verification tool
xiaobei97/sendMail
Bulk sending of phishing emails
xiaobei97/SpringCore0day
SpringCore0day from https://share.vx-underground.org/
xiaobei97/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
xiaobei97/VcenterKiller
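A comprehensive exploitation tool targeting Vcenter, covering the currently most common CVE-2021-21972, CVE-2021-21985 and CVE-2021-22005, One Access's CVE-2022-22954 and CVE-2022-22972/31656, and log4j; provides one-click webshell upload, command execution, or public key upload for passwordless SSH connection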
xiaobei97/volatility
An advanced memory forensics framework
xiaobei97/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
xiaobei97/WanLi
Makes it convenient for red team personnel to conduct security detection on the target site and quickly obtain assets.
xiaobei97/Webshell_Generate
Used to generate various antivirus-evading webshells
xiaobei97/wechat-export
Obtains the WeChat chat history database key and exports the chat history; works across all versions.
xiaobei97/Yasso
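A powerful internal network penetration helper toolset - let Yasso be like the wind. Supports brute forcing of rdp, ssh, redis, postgres, mongodb, mssql, mysql, winrm and other services, fast port scanning, powerful web fingerprinting, and one-click exploitation of various built-in services (including fully interactive ssh login, mssql privilege escalation, redis one-click exploitation, mysql database queries, winrm lateral movement; multiple service exploits support execution through a socks5 proxy)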