1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+1215.25%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-69.49%)
WeirdaalWeirdAAL (AWS Attack Library)
Stars: ✭ 503 (+752.54%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+30.51%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1528.81%)
ORtesterOpen Redirect scanner - (out of date)
Stars: ✭ 24 (-59.32%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+703.39%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-40.68%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+1210.17%)
revshfuzzA tool for fuzzing for ports that allow outgoing connections
Stars: ✭ 18 (-69.49%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+8200%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-77.97%)
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+1718.64%)
kumasia./kumasia php simple backdoor
Stars: ✭ 13 (-77.97%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+662.71%)
behindflareThis tool was created as a Proof of Concept to reveal the threats related to web service misconfiguration using CloudFlare as reverse proxy and WAF
Stars: ✭ 14 (-76.27%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (+1133.9%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-38.98%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+586.44%)
transportc2PoC Command and Control Server. Interact with clients through a private web interface, add new users for team sharing and more.
Stars: ✭ 22 (-62.71%)
OdatODAT: Oracle Database Attacking Tool
Stars: ✭ 906 (+1435.59%)
ARL-NPoC集漏洞验证和任务运行的一个框架
Stars: ✭ 73 (+23.73%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+557.63%)
DumbDumain Bruteforcer - a fast and flexible domain bruteforcer
Stars: ✭ 54 (-8.47%)
ServerscanServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (+1042.37%)
FlashRoute🚀 Takes minutes to explore the topology of all routable /24 prefixes in IPv4 address space. Now supports IPv6 scan!
Stars: ✭ 26 (-55.93%)
RdpasssprayPython3 tool to perform password spraying using RDP
Stars: ✭ 368 (+523.73%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+386.44%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+1732.2%)
RPCScanTool to communicate with RPC services and check misconfigurations on NFS shares
Stars: ✭ 53 (-10.17%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+501.69%)
wifibangwifi attacks suite
Stars: ✭ 56 (-5.08%)
WpforceWordpress Attack Suite
Stars: ✭ 633 (+972.88%)
ftpknocker🔑 ftpknocker is a multi-threaded scanner for finding anonymous FTP servers
Stars: ✭ 38 (-35.59%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+484.75%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+103.39%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+608.47%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+7022.03%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-57.63%)
MsdatMSDAT: Microsoft SQL Database Attacking Tool
Stars: ✭ 621 (+952.54%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+398.31%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+442.37%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (-1.69%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-33.9%)
PLtools整理一些内网常用渗透小工具
Stars: ✭ 227 (+284.75%)
Txtoolan easy pentesting tool.
Stars: ✭ 246 (+316.95%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (+403.39%)
KbA minimalist command line knowledge base manager
Stars: ✭ 2,789 (+4627.12%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+1405.08%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+5647.46%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1728.81%)
Nmap Nse InfoBrowse and search through nmap's NSE scripts.
Stars: ✭ 54 (-8.47%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-35.59%)
PompemFind exploit tool
Stars: ✭ 786 (+1232.2%)
PerfusionExploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
Stars: ✭ 272 (+361.02%)