Adminisme

ServerScan

ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

SharpRDPLog

Windows rdp相关的登录记录导出工具，可用于后渗透中Windows服务器的信息收集阶段。输出内容包括：本地rdp端口、mstsc缓存、cmdkey缓存、登录成功、失败日志事件。

ByPassUACTools

Windows 平台下的UAC(User Account Contro) 绕过工具。

Cobalt_Strike_wiki

Cobalt Strike系列

Fuck_CSDN

一个适用于屏蔽搜索结果包含CSDN的ampermonkey插件脚本。

Pentest-tools

内网渗透工具

ClassHound

利用任意文件下载漏洞自动循环下载并反编译class文件获得网站源码

CrackMapExtreme

For all your network pentesting needs

SatanSword

红队综合渗透框架

Adminisme.github.io

Trim's Bolg

awesome-hacking

awesome hacking chinese version

Beginners-Guide-to-Obfuscation

Blog

blog

CrackMapExec

A swiss army knife for pentesting networks

CrossC2

generate CobaltStrike's cross-platform payload

fuzzDicts

Web Pentesting Fuzz 字典,一个就够了。

gophish

Open-Source Phishing Toolkit

informer

A Telegram Mass Surveillance Bot in Python

Vulnerable-World

基于Docker的微服务攻防对抗实验系统

awesome-readme

A guide to writing an Awesome README. Read the full article in Towards Data Science.

EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

gost

GO Simple Tunnel - a simple tunnel written in golang

nps

一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发，支持内网http代理、内网socks5代理，同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理，集成多用户模式。

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Platypus

:hammer: A modern multiple reverse shell sessions manager written in go

Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

smokeping_prober

Prometheus style smokeping

vscan-go

golang version for nmap service and application version detection (without nmap installation)

websocket-heartbeat-js

:hearts: simple and useful

Writeups

国内各大CTF赛题及writeup整理