404tk

cloudtoolkit

Cloud Penetration Testing Toolkit

credcollect

Automatic credential collection

CVE-2022-46463

harbor unauthorized detection

lazyscan

cloudrecon

云上资产暴露面枚举

OSINT

1earn

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

404tk.github.io

Build Jekyll site with GitBook style!

CDK

📦 Make security testing of K8s, Docker, and Containerd easier.

fastjson_rce_tool

fastjson命令执行利用工具， remote code execute，JNDI服务利用工具 RMI/LDAP

go-prompt

Building powerful interactive prompts in Go, inspired by python-prompt-toolkit.

InScan

边界打点后的自动化渗透工具

NATBypass

一款lcx在golang下的实现

nvdcve

NVD/CVE as JSON files

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

phuip-fpizdam

Exploit for CVE-2019-11043

RedisWriteFile

通过 Redis 主从写出无损文件

scf-proxy

云函数代理服务

table

Modified from github.com/modood/table