LoneWolf1927's repositories
Sublist3r
Fast subdomains enumeration tool for penetration testers
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon7.2内置94个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
FAE
FeAture Explorer
webshell-1
This is a webshell open source project
PeiQi-WIKI-POC
鹿不在侧,鲸不予游🐋
Godzilla
哥斯拉
metasploitable3
Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
j2ee-scan
J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
webshell
免杀webshell生成工具
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Fuzz_dic
参数 | 字典 collections
CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner
Cnvd-2020-10487 / cve-2020-1938, scanner tool
onlinetools
在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
LadonGo
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
skyscorpion
新版将不再对外公开发布。天蝎权限管理工具采用Java平台的JavaFX技术开发的桌面客户端,支持跨平台运行,目前基于JDK1.8开发,运行必须安装JDK或JRE 1.8,注意不能是open jdk,只能是oracle的jdk。 天蝎权限管理工具基于冰蝎加密流量进行WebShell通信管理的原理,目前实现了jsp、aspx、php、asp端的常用操作功能,在原基础上,优化了大文件上传下载、Socket代理的问题,修改了部分API接口代码。
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
CTFCrackTools-V2
China's first CTFTools framework.**国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
sm2_sm3_sm4_tools
sm2/3/4 tools for cryptography practitioners
Phantom-Evasion
Python antivirus evasion tool
Aggressor
Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
oracleShell
oracle 数据库命令执行
VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
fastjson_rec_exploit
fastjson一键命令执行