Yuri's repositories
2022-HW-POC
2022 护网行动 POC 整理
afrog
afrog 是一款性能卓越、快速稳定、PoC 可定制化的漏洞扫描工具 - A tool for finding vulnerabilities
Banli
Banli-高危资产识别和高危漏洞扫描
blueming
备份文件扫描,并自动进行下载
cf
云环境利用框架 Cloud Exploitation Framework 方便红队人员在获得 AK 的后续工作
CodeIgniter-session-unsign
Command line tool to fetch, decode and brute-force CodeIgniter session cookies by guessing secret keys.
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
CSAgent
CobaltStrike 4.x通用白嫖及汉化加载器
dismember
:knife: Scan memory for secrets and more. Maybe eventually a full /proc toolkit.
frpmgr
Windows 平台的 FRP GUI 客户端 / A user-friendly desktop GUI client for FRP on Windows.
gold-miner
🥇掘金翻译计划,可能是世界最大最好的英译中技术社区,最懂读者和译者的翻译平台:
gshark
Scan for sensitive information easily and effectively.
heartsk_community
Hearts K-企业资产发现与脆弱性检查工具,自动化资产信息收集与漏洞扫描
Learn-Web-Hacking
Study Notes For Web Hacking / Web安全学习笔记
MYExploit
OAExploit一款基于产品的一键扫描工具。
nacs
事件驱动的渗透测试扫描器 Event-driven pentest scanner
NoNetCmdEcho-FileW.e
应对渗透中极限环境下命令回显 & 文件落地
OneListForAll
Rockyou for web fuzzing
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PoC-2
Advisories, proof of concept files and exploits that have been made public by @pedrib.
scan4all
Vulnerabilities Scan;15000+PoC漏洞扫描;18种应用密码爆破;7000+Web指纹;146种协议90000+规则Port扫描;Fuzz、HW打点、BugBounty神器...
Serein
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
slidev
Presentation Slides for Developers
SMSBoom
短信轰炸/短信测压/ | 一个健壮免费的python短信轰炸程序,专门炸坏蛋蛋,百万接口,多线程全自动添加有效接口,支持异步协程百万并发,全免费的短信轰炸工具!!高一美术生开发全网首发!!
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
UACME
Defeating Windows User Account Control
vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
WEF
Wi-Fi Exploitation Framework
windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
X-AV
X系列安全工具-AV免杀框架-BypassAV