Hekeats-L

Apt_t00ls

高危漏洞利用工具

As-Exploits

**蚁剑后渗透框架

AzureHound

Azure Data Exporter for BloodHound

BurpFastJsonScan

一款基于BurpSuite的被动式FastJson检测插件

BurpShiroPassiveScan

一款基于BurpSuite的被动式shiro检测插件

cloud-security

dirsearch_bypass403

目录扫描+403状态绕过

doc

evil-winrm

The ultimate WinRM shell for hacking/pentesting

Gel4y-Mini-Shell-Backdoor-Decode

Gel4y-Mini-Shell-Backdoor-Decode

HackReport

渗透测试报告/资料文档/渗透经验文档/安全书籍

hw2023-bigbang

HW2023中安全厂和超级大厂的大爆炸

Hyacinth

一款java漏洞集合工具

impacket-gui

impacket-gui

JavaSec

a rep for documenting my study, may be from 0 to 0.1

javaweb-sec

kunge-cybersecurity-learning

全网首创，坤哥网安学习法，最屌没有之一

metasploit-framework

Metasploit Framework

Network-security-study-notes

主要记录网络安全学习笔记，包含WEB基础、提权、APP渗透、内网横向移动、工具学习等

PassGAN

A Deep Learning Approach for Password Guessing

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PeiQi-WIKI-Book

面向网络安全从业者的知识文库🍃

qq-tim-elevation

CVE-2023-34312

RedTeamNotes

红队笔记

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Tool_Summary

网络安全测试工具汇总，包含漏洞库、漏洞利用工具、漏洞扫描工具、密码读取工具、中间件利用工具、内网渗透工具。cs、burp、浏览器插件工具、字典等

unauthorized

常见的未授权漏洞检测

WTF-Solidity

我最近在重新学solidity，巩固一下细节，也写一个“WTF Solidity极简入门”，供小白们使用，每周更新1-3讲。官网: https://wtf.academy

Rubeus

Trying to tame the three-headed dog.

ShiroAttack2

shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack