xnianq

xnianq's Stars

• s0md3v/Diggy

  Extract endpoints from apk files.

  Language:Shell867139

• shmilylty/OneForAll

  OneForAll是一款功能强大的子域收集工具

  Language:Python8.4k1.3k

• OneSourceCat/BcelPayloadGenerator

  A fastjson payload generator

  Language:Java566

• FeeiCN/Security-PPT

  Security-related Slide Presentation & Security Research Report（大安全各领域各公司各会议分享的PPT以及各类安全研究报告）

  Language:HTML3.5k884

• staaldraad/xxeserv

  A mini webserver with FTP support for XXE payloads

  Language:Go32656

• grayddq/GScan

  本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

  Language:Python2.6k619

• HunnicCyber/SharpDomainSpray

  Basic password spraying tool for internal tests and red teaming

  Language:C#8918

• z7zmey/php-parser

  PHP parser written in Go

  Language:Go94163

• blackorbird/APT_REPORT

  Interesting APT Report Collection And Some Special IOC

  Language:Python2.4k512

• artkond/cisco-snmp-rce

  Cisco IOS SNMP RCE PoC

  Language:Python24563

• k8gege/K8CScan

  K8Ladon大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

  Language:Python1.3k340

• GoSecure/pyrdp

  RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

  Language:Python1.5k250

• ehang-io/nps

  一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发，可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面，内网dns解析、内网socks5代理等等……，并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.

  Language:Go30.7k5.6k

• p1r06u3/phishing

  The Security Practices of Party A Phishing

  Language:HTML1915

• mdsecactivebreach/o365-attack-toolkit

  A toolkit to attack Office365

  Language:Go1k213

• Matrix07ksa/Brute_Force

  Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix

  Language:Python1.5k241

• miladaslaner/ThreatHunt

  ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

  Language:PowerShell13418

• QAX-A-Team/CobaltStrike-Toolset

  Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on

  Language:PowerShell529101

• yuuwill/1024app-android

  草榴官方客户端，小草客户端，Android

  6.1k1.1k

• welk1n/JNDI-Injection-Bypass

  Some payloads of JNDI Injection in JDK 1.8.0_191+

  Language:Java47382

• k8gege/scrun

  BypassAV ShellCode Loader (Cobaltstrike/Metasploit)

  Language:Python17776

• cw1997/NATBypass

  一款lcx.exe在golang下的实现, 可用于内网穿透, 建立TCP反弹隧道用以绕过防火墙入站限制等, This tool is used to establish reverse tunnel in NAT network environment, it can bypass firewall inbound restriction, support all functions of lcx.exe

  Language:Go1.1k279

• c0ny1/FastjsonExploit

  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

  Language:Java1.3k168

• p1r06u3/opencanary_web

  The web management platform of honeypot

  Language:Python663224

• pwnlandia/mhn

  Modern Honey Network

  Language:Python2.4k631

• lavalamp-/password-lists

  Password lists for use in penetration testing situations, broken up by TLD.

  31782

• az0ne/Github_Nuggests

  自动爬取Github上文件敏感信息泄露，抓取邮箱密码并自动登录邮箱验证，支持126，qq，sina，163邮箱

  Language:Python340105

• drk1wi/portspoof

  Portspoof

  Language:Makefile966147

• adhdproject/adhd-artillery

  The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

  Language:Python103

• adhdproject/honeybadger

  Language:Python13120