yonghuXa's Stars
Axx8/Bypass_AV
Bypass_AV msf免杀,ShellCode免杀加载器 ,免杀shellcode执行程序 ,360&火绒&Windows Defender
Airboi/bypass-av-note
免杀技术大杂烩---乱拳也打不死老师傅
yuyan-sec/RedisEXP
Redis 漏洞利用工具
joaomatosf/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
l3m0n/pentest_study
从零开始内网渗透学习
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
coffeehb/Some-PoC-oR-ExP
各种漏洞poc、Exp的收集或编写
Lucifer1993/AngelSword
Python3编写的CMS漏洞检测框架
andrivet/ADVobfuscator
Obfuscation library based on C++11/14 and metaprogramming
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
sobinge/shadow2
渗透 超全面的渗透资料💯 包含:0day,xss,sql注入,提权……
s0md3v/XSStrike
Most advanced XSS scanner.
VirusTotal/yara
The pattern matching swiss knife
fofapro/Hosts_scan
这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
secretsquirrel/SigThief
Stealing Signatures and Making One Invalid Signature at a Time
1y0n/AV_Evasion_Tool
掩日 - 免杀执行器生成工具
berdav/CVE-2021-4034
CVE-2021-4034 1day
emo-crab/observer_ward
侦查守卫(observer_ward)Web应用和服务指纹识别工具
ffffffff0x/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
sensepost/reGeorg
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
cube0x0/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
R0B1NL1N/Linux-Kernel-Exploites
ffuf/ffuf
Fast web fuzzer written in Go
gloxec/CrossC2
generate CobaltStrike's cross-platform payload
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
z3r023/BaiLu-SED-Tool
白鹿社工字典生成器,灵活与易用兼顾。
fatedier/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
fesh0r/fernflower
Unofficial mirror of FernFlower Java decompiler (All pulls should be submitted upstream)
p1g3/JSINFO-SCAN
递归式寻找域名和api。