PACEJJ27's repositories
naxsi
NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
theHarvester
E-mails, subdomains and names Harvester - OSINT
jumpserver
Jumpserver是全球首款完全开源的堡垒机,是符合 4A 的专业运维审计系统。
icmpsh
Simple reverse ICMP shell
WebHubBot
Python + Scrapy + MongoDB . 5 million data per day !!!💥 The world's largest website.
EvilOSX
A pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX.
XSStrike
XSStrike is an advanced XSS detection and exploitation suite.
insight
洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
upx
UPX - the Ultimate Packer for eXecutables
ezXSS
ezXSS is an easy way to test (blind) XSS
p0wnedShell
PowerShell Runspace Post Exploitation Toolkit
POC-T
渗透测试插件化并发框架
mitm6
pwning IPv4 via IPv6
bcloud
百度网盘的linux桌面客户端
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
Th3inspector
Th3Inspector 🕵️ best tool for Information Gathering 🔎
WALKOFF
A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. iadgov
honssh
HonSSH is designed to log all SSH communications between a client and server.
password_pwncheck
Kerberos / Windows AD / Linux PAM password change check against breached lists (HIBP), and other rules
Powershell-RAT
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
XBruteForcer
Brute Force Tool 🔓 WordPress , Joomla , DruPal , OpenCart , Magento
Memcrashed-DDoS-Exploit
DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
play-with-docker.github.io
Play with docker class-room repo
injectify
Perform advanced MiTM attacks on websites with ease. https://injectify.js.org
hacker-scripts
Based on a true story
BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
AutoSploit
Automated Mass Exploiter
WebGoat
WebGoat 8.0
ip2region
准确率99.9%的ip地址定位库,0.0x毫秒级查询,数据库文件大小只有1.5M,提供了java,php,c,python,nodejs,golang查询绑定和Binary,B树,内存三种查询算法,妈妈再也不用担心我的ip地址定位!