Sec Admin分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
Stars: ✭ 222 (-63.18%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+592.04%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-96.19%)
Poc ExploitsSelect proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Stars: ✭ 111 (-81.59%)
ExploitsExploits by 1N3 @CrowdShield @xer0dayz @XeroSecurity
Stars: ✭ 154 (-74.46%)
Hisilicon Dvr TelnetPoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (-83.25%)
ExploitsMiscellaneous exploit code
Stars: ✭ 1,157 (+91.87%)
Ddos RootsecDDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)
Stars: ✭ 108 (-82.09%)
Web exploit detectorThe Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
Stars: ✭ 81 (-86.57%)
Awesome CsirtAwesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (-78.11%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+1536.15%)
exploitsSome personal exploits/pocs
Stars: ✭ 52 (-91.38%)
SecuritymanageframworkSecurity Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-37.31%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+382.75%)
Xunfeng巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Stars: ✭ 3,131 (+419.24%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-31.51%)
LadongoLadon Pentest Scanner framework 全平台LadonGo开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Stars: ✭ 366 (-39.3%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+14.93%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-82.59%)
ApiVulners Python API wrapper
Stars: ✭ 313 (-48.09%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-29.68%)
FattFATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
Stars: ✭ 490 (-18.74%)
Cve 2017 0785Blueborne CVE-2017-0785 Android information leak vulnerability
Stars: ✭ 428 (-29.02%)
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+882.92%)
Opencanary webThe web management platform of honeypot
Stars: ✭ 547 (-9.29%)
Bylibrary白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
Stars: ✭ 488 (-19.07%)
PassportscannerScan the MRZ code of a passport and extract the firstname, lastname, passport number, nationality, date of birth, expiration date and personal numer.
Stars: ✭ 417 (-30.85%)
PurebloodA Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
Stars: ✭ 431 (-28.52%)
DionaeaHome of the dionaea honeypot
Stars: ✭ 490 (-18.74%)
EvilscanNodeJS Simple Network Scanner
Stars: ✭ 428 (-29.02%)
Am I Affected By MeltdownMeltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
Stars: ✭ 549 (-8.96%)
Ngx ScannerAngular (2+) QR code, Barcode, DataMatrix, scanner component using ZXing.
Stars: ✭ 420 (-30.35%)
YsoserialA proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Stars: ✭ 4,808 (+697.35%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-3.32%)
Vulscanvulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
Stars: ✭ 486 (-19.4%)
RoothelperA Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
Stars: ✭ 416 (-31.01%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-31.51%)
KonanKonan - Advanced Web Application Dir Scanner
Stars: ✭ 412 (-31.67%)
HoneypyA low to medium interaction honeypot.
Stars: ✭ 410 (-32.01%)
Folder Explorer分析文件目录,统计数据并以树形结构和图表的形式展示结果,也可以导出多种格式留存
Stars: ✭ 479 (-20.56%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-33.17%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (-2.82%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+931.18%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-21.39%)
JflexThe fast scanner generator for Java™ with full Unicode support
Stars: ✭ 380 (-36.98%)
Azscanner 自动漏洞扫描器,自动子域名爆破,自动爬取注入,调用sqlmapapi检测注入,端口扫描,目录爆破,子网段服务探测及其端口扫描,常用框架漏洞检测。 Automatic scanner, automatic sub domain blasting, automatic crawl injection, injection, call the sqlmapapi port scan detection, directory service detection and segment blasting, port scanning, vulnerability detection framework commonly used.
Stars: ✭ 468 (-22.39%)
EqgrpDecrypted content of eqgrp-auction-file.tar.xz
Stars: ✭ 3,743 (+520.73%)
Code ScannerCode scanner library for Android, based on ZXing
Stars: ✭ 543 (-9.95%)
PocProofs-of-concept
Stars: ✭ 467 (-22.55%)
PocAdvisories, proof of concept files and exploits that have been made public by @pedrib.
Stars: ✭ 376 (-37.65%)
Drupalgeddon2Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
Stars: ✭ 464 (-23.05%)
Poc Exppoc or exp of android vulnerability
Stars: ✭ 362 (-39.97%)
PyrdpRDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Stars: ✭ 567 (-5.97%)
A2svAuto Scanning to SSL Vulnerability
Stars: ✭ 524 (-13.1%)