Einaudi's repositories
ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Behinder
“冰蝎”动态二进制加密网站管理客户端
cve
Gather and update all available and newest CVEs with their PoC.
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
github-cve-monitor
实时监控github上新增的cve和安全工具更新,多渠道推送通知
Glass
Glass是一款针对资产列表的快速指纹识别工具,通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹,也可针对IP/IP段或资产列表进行快速的指纹识别。
impacket
Impacket is a collection of Python classes for working with network protocols.
impacket-examples-windows
The great impacket example scripts compiled for Windows
ir-rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
LaZagne
Credentials recovery project
LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
mimikatz
A little tool to play with Windows security
mimipenguin
A tool to dump the login password from the current linux user
OneForAll
OneForAll是一款功能强大的子域收集工具
pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
sqlmap
Automatic SQL injection and database takeover tool
subDomainsBrute
A fast sub domain brute tool for pentesters
vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
Vulmap-1
Vulmap Online Local Vulnerability Scanners Project
w13scan
Passive Security Scanner (被动式安全扫描器)
webshell
This is a webshell open source project
wesng
Windows Exploit Suggester - Next Generation
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
XrayFofa
一款将xray和fofa完美结合的自动化工具,调用fofaAPI进行查询扫描,新增爬虫爬取扫描(懒人必备)