xiaoma002

xiaoma002's Stars

• gh0stkey/HaE

  HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

  Language:Java2.6k220

• h4r5h1t/webcopilot

  An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

  Language:Shell932154

• projectdiscovery/katana

  A next-generation crawling and spidering framework.

  Language:Go10.2k529

• projectdiscovery/subfinder

  Fast passive subdomain enumeration tool.

  Language:Go9.6k1.2k

• blacklanternsecurity/bbot

  A recursive internet scanner for hackers.

  Language:Python4k370

• h4x0r-dz/CVE-2024-21762

  out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability

  Language:Python10417

• subat0mik/Misconfiguration-Manager

  Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

  Language:PowerShell58055

• garrettfoster13/sccmhunter

  Language:Python58567

• bigb0sss/RedTeam-OffensiveSecurity

  Tools & Interesting Things for RedTeam Ops

  Language:Python2.1k355

• xiaoy-sec/Pentest_Note

  渗透测试常规操作记录

  3.3k868

• tkmru/awesome-edr-bypass

  Awesome EDR Bypass Resources For Ethical Hacking

  81188

• hangchuanin/Intranet_penetration_history

  内网渗透学习的一份记录 mark

  111

• t94j0/sddl_py

  Parse SDDL strings

  Language:Python346

• D3n13d/googleCrawler

  这个作者很懒，什么也没有留下。

  Language:Python8

• Ivan1ee/NET-Deserialize

  总结了20+.Net反序列化文章，持续更新

  68078

• ly4k/Certipy

  Tool for Active Directory Certificate Services enumeration and abuse

  Language:Python2.2k302

• infosecn1nja/AD-Attack-Defense

  Attack and defend active directory using modern post exploitation adversary tradecraft activity

  4.3k1k

• biggerduck/RedTeamNotes

  红队笔记

  1.9k348

• AabyssZG/SpringBoot-Scan

  针对SpringBoot的开源渗透框架，以及Spring相关高危漏洞利用工具

  Language:Python1.4k134

• S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

  5.2k1.1k

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python58.2k14.2k

• binderlabs/DirCreate2System

  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting

  Language:C++35539

• makoto56/penetration-suite-toolkit

  本项目制作的初衷是帮助渗透新手快速搭建工作环境，工欲善其事，必先利其器。

  2.3k329

• ffffffff0x/1earn

  ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

  Language:C++5.2k1.2k

• Ridter/Intranet_Penetration_Tips

  2018年初整理的一些内网渗透TIPS，后面更新的慢，所以整理出来希望跟小伙伴们一起更新维护~

  4.4k1.1k

• infosecn1nja/Red-Teaming-Toolkit

  This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

  8.7k2.2k

• shmilylty/OneForAll

  OneForAll是一款功能强大的子域收集工具

  Language:Python7.9k1.3k

• dk47os3r/hongduiziliao

  红队渗透测试|攻防|学习|工具|分析|研究资料汇总

  20155

• 0x727/ShuiZe_0x727

  信息收集自动化工具

  Language:Python3.6k555

• ffuf/ffuf

  Fast web fuzzer written in Go

  Language:Go11.8k1.2k