Stars
ARL 资产侦察灯塔系统(可运行,添加指纹,提高并发,升级工具及系统,无限制修改版) | ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
这个仓库收集了所有在 GitHub 上能找到的 CVE 漏洞利用工具。 This repository collects all CVE exploits found on GitHub.
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
Tools and Techniques for Red Team / Penetration Testing
该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。
RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust 🦀
Nidhogg is an all-in-one simple to use windows kernel rootkit.
An List of my Powershell scripts, commands and Blogs for windows Red Teaming.
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests and assumed breach exercises (red teaming)
Scoop-Buket for Penetration Suite Toolkit - Windows渗透测试工具仓库For Scoop
A tool matrix for Russian APTs based on the Ransomware Tool Matrix
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点
一个用于web框架、CDN和CMS指纹识别的高性能命令行工具。A high-performance command-line tool for web framework, CDN and CMS fingerprinting.
Run PowerShell command without invoking powershell.exe
🔥小巧、美观的桌面快速启动工具 Small, beautiful desktop quickstart management tool with integrated Everything search
Veil 3.1.X (Check version info in Veil at runtime)
This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/rem…
C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
This repo contains some Amsi Bypass methods i found on different Blog Posts.
Termux - a terminal emulator application for Android OS extendible by variety of packages.
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter