ziduhuihai's Stars
vxunderground/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
trickest/cve
Gather and update all available and newest CVEs with their PoC.
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
qiyeboy/IPProxyPool
IPProxyPool代理池项目,提供代理ip
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
mvscode/frps-onekey
Frp server one-click configuration script. The script obtains the latest Frp version by default
ignis-sec/Pwdb-Public
A collection of all the data i could extract from 1 billion leaked credentials from internet.
wtsxDev/Penetration-Testing
List of awesome penetration testing resources, tools and other shiny things
safebuffer/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
ffffffff0x/f8x
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
Vu1nT0tal/IoT-vulhub
IoT固件漏洞复现环境
Tsojan/TsojanScan
An integrated BurpSuite vulnerability detection plug-in.
Tylous/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
JackOfMostTrades/gadgetinspector
A byte code analyzer for finding deserialization gadget chains in Java applications
c0ny1/java-object-searcher
java内存对象搜索辅助工具
QAX-A-Team/WeblogicEnvironment
Weblogic环境搭建工具
akkuman/rotateproxy
利用fofa搜索socks5开放代理进行代理池轮切的工具
asaotomo/FofaMap
FofaMap是一款基于Python3开发的跨平台FOFA API数据采集器,支持普通查询、网站存活检测、统计聚合查询、Host聚合查询、网站图标查询、批量查询等查询功能。同时FofaMap还能够自定义查询FOFA数据,并根据查询结果自动去重和筛选关键字,生成对应的Excel表格。另外春节特别版还可以调用Nuclei对FofaMap查询出来的目标进行漏洞扫描,让你在挖洞路上快人一步。
wgpsec/whohk
whohk,linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况,有的时候还需要做一些格式处理,这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来,并处理成了较为友好的格式,只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。
tangxiaofeng7/SecExample
JAVA 漏洞靶场 (Vulnerability Environment For Java)
klsfct/getshell
各大平台提权工具
r0eXpeR/RedTeamAttack
关于红队方面的一些工具\资料\Checklist
chasingboy/Xtools
Xtools 是一款 Sublime Text 插件,同时是一款简单的资产处理、命令行调用工具。
HHa1ey/TKHunter
一个基于JavaFX写的一个Hunter资产测绘平台的图形化工具
cn-panda/logbackRceDemo
The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment where there are arbitrary file uploads, and then use the `scan` attribute in the loghack configuration file to cooperate with the logback vulnerability to implement RCE.
x3t2con/Rttools-2
项目内包含工具涉及类别:漏洞利用工具、代审辅助、漏洞利用、靶场环境项目地址列表、漏洞扫描/序列化、密码/隧道项目地址链接、免杀项目地址列表、内网项目地址链接、应急响应项目地址列表、木马查杀、中间件工具项目链接、字典/钓鱼/社工/爆破项目目地址链接、自动化/资产项目链接、子域名/目录/指纹地址
shadforth/pentesterlab-bootcamp
My notes on PentesterLab's Bootcamp series 🕵️
lz2y/CVE-2021-2394
POC of CVE-2021-2394
clearcdq/Trojan-killer
木马查杀工具
mtkirby/rootkitrecon