y1nglamore
Security Researcher from Alibaba Cloud. CCIE#52XXX. Blog: www.gem-love.com
Alibaba CloudBeijing
y1nglamore's Stars
maaaaz/impacket-examples-windows
The great impacket example scripts compiled for Windows
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks
Kevin-Robertson/Invoke-TheHash
PowerShell Pass The Hash Utils
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
PowerShellMafia/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
itm4n/PrivescCheck
Privilege Escalation Enumeration Script for Windows
BloodHoundAD/BloodHound
Six Degrees of Domain Admin
Heart-Sky/ListRDPConnections
C# 读取本机对外RDP连接记录和其他主机对该主机的连接记录,从而在内网渗透中获取更多可通内网网段信息以及定位运维管理人员主机
uknowsec/SharpEventLog
c# 读取登录过本机的登录失败或登录成功(4624,4625)的所有计算机信息,在内网渗透中快速定位运维管理人员。
uknowsec/SharpDecryptPwd
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecryptPwd
djhohnstein/SharpSearch
Search files for extensions as well as text within.
Mob2003/rakshasa
基于go编写的跨平台、稳定、隐秘的多级代理内网穿透工具
20142995/Goby
zhl2008/awd-platform
platform for awd
bit4woo/domain_hunter_pro
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
guchangan1/All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
Aur0ra-m/APIKiller
API Security DAST & Oprations
federicodotta/Java-Deserialization-Scanner
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
j7ur8/WebBook
Stick to it
knownsec/Pocsuite
This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
BeichenDream/SharpToken
Windows Token Stealing Expert
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
veracode-research/rogue-jndi
A malicious LDAP server for JNDI injection attacks
c0ny1/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC
CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator
SonarSource/SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
wupco/PHP_INCLUDE_TO_SHELL_CHAR_DICT
bit4woo/knife
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
doocs/advanced-java
😮 Core Interview Questions & Answers For Experienced Java(Backend) Developers | 互联网 Java 工程师进阶知识完全扫盲:涵盖高并发、分布式、高可用、微服务、海量数据处理等领域知识
YunaiV/ruoyi-vue-pro
🔥 官方推荐 🔥 RuoYi-Vue 全新 Pro 版本,优化重构所有功能。基于 Spring Boot + MyBatis Plus + Vue & Element 实现的后台管理系统 + 微信小程序,支持 RBAC 动态权限、数据权限、SaaS 多租户、Flowable 工作流、三方登录、支付、短信、商城、CRM、ERP、AI 大模型等功能。你的 ⭐️ Star ⭐️,是作者生发的动力!