zhiruhaha's Stars
ffffffff0x/f8x
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
Wh04m1001/CVE-2023-21752
zhengjim/Chinese-Security-RSS
网络安全资讯的RSS订阅,网络安全博客的RSS订阅,网络安全公众号的RSS订阅
numencyber/Vulnerability_PoC
Rurik/Noriben
Noriben - Portable, Simple, Malware Analysis Sandbox
bb33bb/CVE-2022-2639-PipeVersion
CVE-2022-2639 Linux kernel openvswitch local privilege escalation
mhaskar/ExchangeFinder
Find Microsoft Exchange instance for a given domain and identify the exact version
z92g/ZentaoSqli
Zentao v16.5 SQL Injection POC
GhostWolfLab/nginx-1.21.6RCE
Nginx 0-day on latest nginx
west9b/Weaver-Eoffice-getshell
泛微 eoffice10 前台 getshell
Tas9er/LandrayOATreexmlRCE
LandrayOATreexmlRCE / 蓝凌OA Treexml远程命令执行
xz-zone/Webpackfind
Webpack自动化信息收集
W01fh4cker/cve-2022-33891
cve-2022-33891-poc
wgpsec/tig
Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
iSafeBlue/TrackRay
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Wh04m1001/DFSCoerce
euphrat1ca/redteam_vul
红队作战中比较常遇到的一些重点系统漏洞整理。
DaxiaSec/SXF_aTrust_sandbox_bypass
init
xiaoy-sec/Pentest_Note
渗透测试常规操作记录
Dec0ne/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
star-sg/Presentations
chenaotian/CVE-2022-0847
CVE-2022-0847 POC and Docker and Analysis write up
b0bac/ApolloScanner
自动化巡航扫描框架(可用于红队打点评估)
klezVirus/CheeseTools
Self-developed tools for Lateral Movement/Code Execution
b0bac/GetMail
利用NTLM Hash读取Exchange邮件
GhostPack/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
PowerShellMafia/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
TideSec/WDScanner
WDScanner平台目前实现了如下功能:分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
FeeiCN/ESD
Enumeration sub domains(枚举子域名)