Stars
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Covenant is a collaborative .NET C2 framework for red teamers.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
Pre-Built Vulnerable Environments Based on Docker-Compose
fastjson 1.2.68 版本 autotype bypass
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
Simple shell script for automated domain recognition with some tools
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
Kubernetes Security: from Image Hygiene to Network Policies
wh1t3p1g / ysoserial
Forked from frohoff/ysoserialforked from frohoff/ysoserial and added my own payloads.
Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等
Guidance for mitigation web shells. #nsacyber
WeblogicScanLot系列,Weblogic漏洞批量检测工具,V2.2
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
PowerDNS pipe backend adapter powering xip.io
A DNS meta-query spider that enumerates DNS records, and subdomains.