Catcherman

F-Scrack

对各类服务进行弱口令检测的脚本

365CS

CobaltStrike优秀资源

aaa

这是一个测试

AZScanner

bbbb

这是一个测试

catcher_man.github.io

CodeqlNote

Codeql学习笔记

collection-document

Collection of quality safety articles

CVEs

A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

fenghuangscanner_v3

fuzz_dict

常用的一些fuzz及爆破字典，欢迎大神继续提供新的字典及分类。

HackBrowserData

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

HackLog4j

致敬全宇宙最无敌的Java日志库！

JNDI-Inject-Exploit

解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入

JNDIExploit

A malicious LDAP server for JNDI injection attacks

linux-kernel-exploits

linux-kernel-exploits Linux平台提权漏洞集合

pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Scan-T

a new spider based on python with more function including Network fingerprint search

shadowbroker

The Shadow Brokers "Lost In Translation" leak

subDomainsBrute

A simple and fast sub domain brute tool for pentesters

ToolSuite

Security tools

VulApps

快速搭建各种漏洞环境(Various vulnerability environment)

vulhub

Docker-Compose file for vulnerability environment

w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Web-Security-Learning

Web-Security-Learning

WebEye

WhatWeb

Website Fingerprinter

wiki

windows-kernel-exploits

windows-kernel-exploits Windows平台提权漏洞集合

wpscan

WPScan is a black box WordPress vulnerability scanner.