xiaoma002's Stars
gh0stkey/HaE
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
h4r5h1t/webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
projectdiscovery/katana
A next-generation crawling and spidering framework.
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
h4x0r-dz/CVE-2024-21762
out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability
subat0mik/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
garrettfoster13/sccmhunter
bigb0sss/RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
xiaoy-sec/Pentest_Note
渗透测试常规操作记录
tkmru/awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
hangchuanin/Intranet_penetration_history
内网渗透学习的一份记录 mark
t94j0/sddl_py
Parse SDDL strings
D3n13d/googleCrawler
这个作者很懒,什么也没有留下。
Ivan1ee/NET-Deserialize
总结了20+.Net反序列化文章,持续更新
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
infosecn1nja/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
biggerduck/RedTeamNotes
红队笔记
AabyssZG/SpringBoot-Scan
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
binderlabs/DirCreate2System
Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
makoto56/penetration-suite-toolkit
本项目制作的初衷是帮助渗透新手快速搭建工作环境,工欲善其事,必先利其器。
ffffffff0x/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Ridter/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
dk47os3r/hongduiziliao
红队渗透测试|攻防|学习|工具|分析|研究资料汇总
0x727/ShuiZe_0x727
信息收集自动化工具
ffuf/ffuf
Fast web fuzzer written in Go