youcannotseemeagain's Stars
FDlucifer/Proxy-Attackchain
Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)
0x727/FingerprintHub
Fingerprint library for ObserverWard (侦查守卫)
VickScarlet/lifeRestart
Start over. And next time, do it right.
darkb1rd/DarkGld
A tool for quickly generating phishing Trojan horses.
LandGrey/pydictor
A powerful and useful hacker dictionary builder for a brute-force attack
TryGOTry/multiplexing_port_socks5
A small port-multiplexing tool written in golang that supports http and socks5 and can also start a socks5 proxy.
akavel/rsrc
Tool for embedding .ico & manifest resources in Go programs for Windows.
xiaoy-sec/Pentest_Note
A record of routine penetration testing operations
PowerShellMafia/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
daikerSec/windows_protocol
danielbohannon/Invoke-Obfuscation
PowerShell Obfuscator
GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Vu1nT0tal/IoT-vulhub
IoT firmware vulnerability reproduction environment
cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
crifan/industrial_control_security_overview
Overview of industrial control system security
hanc00l/some_pocsuite
pocsuite3 verification PoC code for vulnerability checks
BaizeSec/bylibrary
白阁文库 (bylibrary) is a public vulnerability PoC and EXP project maintained by the 白泽Sec security team
nosafer/nosafer.github.io
Online vulnerability platform
threatexpress/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
rsmudge/Malleable-C2-Profiles
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
chaitin/xray
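A full-featured security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use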
wyzxxz/jndi_tool
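JNDI service exploitation tool for RMI/LDAP; supports response echo in some scenarios, in-memory shells, exploitation on newer JDK versions, and more; an auxiliary detection tool for the fastjson RCE and log4j RCE command-execution vulnerabilities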
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
k8gege/K8tools
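K8 tool collection (intranet penetration/privilege escalation tools/remote overflow/vulnerability exploitation/scanning tools/password cracking/AV evasion tools/Exploit/APT/0day/Shellcode/Payload/privilege/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)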
ehang-io/nps
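A lightweight, high-performance, powerful intranet penetration proxy server. Supports forwarding of almost all traffic, including tcp, udp, socks5 and http; can be used to access intranet websites, debug local payment interfaces, ssh access, remote desktop, intranet dns resolution, intranet socks5 proxying and more, and comes with a powerful web management terminal.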
DeEpinGh0st/Erebus
CobaltStrike post-exploitation testing plugin
Gality369/CS-Loader
CS antivirus evasion
TideSec/Decrypt_Weblogic_Password
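Collects the vast majority of weblogic decryption approaches in circulation, organized into 7 methods for decrypting weblogic along with the corresponding tools.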
1y0n/AV_Evasion_Tool
掩日 - a tool for generating antivirus-evasion executors