4sh3s's repositories
Platypus
:hammer: A modern multiple reverse shell sessions manager written in go
searchall
强大的敏感信息搜索工具
suo5
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
JavaSec-1
a rep for documenting my study, may be from 0 to 0.1
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
geacon_pro
跨平台重构了Cobaltstrike Beacon,适配了大部分Beacon的功能,行为对国内主流杀软免杀,支持4.1以上的版本。 A cross-platform CobaltStrike Beacon bypass anti-virus, supports 4.1+ version.
AsamF
AsamF是集成Fofa、Quake、Hunter、Shodan、Zoomeye、Chinaz、0.zone及爱企查的一站式企业信息资产收集、网络资产测绘工具。
www-project-kubernetes-top-ten
OWASP Foundation Web Respository
4sh3s
Config files for my GitHub profile.
SilentHound
Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
pxplan
CVE-2022-2022
WaterDragon
WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对抗,hackone,src,proxy,CVE-2020,CVE-2021,CVE-2022
0day-1
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
Study
一起学习,一起进步
SweetBabyScan
Red Tools 渗透测试
PaddleDetection
Object Detection toolkit based on PaddlePaddle. It supports object detection, instance segmentation, multiple object tracking and real-time multi-person keypoint detection.
web-sec
WEB安全手册,漏洞理解,漏洞利用,代码审计和渗透测试总结。【持续更新】
All-Defense-Tool
本项目集成了全网优秀的攻防工具项目,包含自动化利用,子域名、敏感目录、端口等扫描,各大中间件,cms漏洞利用工具以及应急响应等资料。
Awesome-Redteam
一个红队知识仓库
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
Polaris
渗透测试框架
GetDomainAdmin
获取域控权限方法枚举
saucerframe
python3批量poc检测工具
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
sx
:vulcan_salute: Fast, modern, easy-to-use network scanner
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.