Pinned Repositories
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
2022-HW-POC
2022 护网行动 POC 整理
403-bypass
403-bypass tool to bypass 403 responses.
AD_Pentest
红队|域渗透重要漏洞汇总(持续更新)
alist
🗂️A file list program that supports multiple storage, powered by Gin and Solidjs. / 一个支持多存储的文件列表程序,使用 Gin 和 Solidjs。
R-dict
一些自己常用的渗透字典
usbrubberducky-payloads
The Official USB Rubber Ducky Payload Repository
vulntarget
vulntarget靶场系列
yuque-crawl
语雀爬虫 可以保存整个语雀知识库为Markdown格式 (包含完整目录结构和索引)
ziduhuihai's Repositories
ziduhuihai/siusiu
一款基于docker的渗透测试工具箱,致力于做到渗透工具随身携带、开箱即用、按需下载。
ziduhuihai/FrameScan-GUI
FrameScan-GUI 一款python3和Pyqt编写的具有图形化界面的cms漏洞检测框架。
ziduhuihai/OpenSSL-2022
Operational information about the recently announced vulnerability in OpenSSL 3
ziduhuihai/kscan
Kscan是一款纯go开发的全方位扫描器,具备端口扫描、协议检测、指纹识别,暴力破解等功能。支持协议1200+,协议指纹10000+,应用指纹20000+,暴力破解协议10余种。
ziduhuihai/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
ziduhuihai/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
ziduhuihai/usbrubberducky-payloads
The Official USB Rubber Ducky Payload Repository
ziduhuihai/cf
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
ziduhuihai/sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
ziduhuihai/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
ziduhuihai/vulntarget
vulntarget靶场系列
ziduhuihai/commons-text
Mirror of Apache Commons Text
ziduhuihai/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
ziduhuihai/lamda
⚡️ Android reverse engineering & automation framework | 史上最强安卓抓包/逆向/HOOK & 云手机/自动化辅助框架,你的工作从未如此简单快捷。
ziduhuihai/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
ziduhuihai/PocOrExp_in_Github
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
ziduhuihai/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
ziduhuihai/Vulhub-Reproduce
一个Vulhub漏洞复现知识库
ziduhuihai/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
ziduhuihai/frida
Clone this repo to build Frida
ziduhuihai/interactsh
An OOB interaction gathering server and client library
ziduhuihai/Awesome-POC
一个各类漏洞POC知识库
ziduhuihai/Toolies
Ad hoc collection of Red Teaming & Active Directory tooling
ziduhuihai/expdevBadChars
Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
ziduhuihai/phc-winner-argon2
The password hash Argon2, winner of PHC
ziduhuihai/vulfocus
🚀Vulfocus 是一个漏洞集成平台,将漏洞环境 docker 镜像,放入即可使用,开箱即用。
ziduhuihai/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
ziduhuihai/PentestDB
各种数据库的利用姿势
ziduhuihai/R-dict
一些自己常用的渗透字典
ziduhuihai/bylibrary
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目