Quinn Yan's repositories
365-days-get-xuanwulab-job
Get a job from Xuanwu Lab in 365 days
WechatDecrypt
微信消息解密工具
Amass
In-depth Attack Surface Mapping and Asset Discovery
awesome-go
A curated list of awesome Go frameworks, libraries and software
Awesome-macOS-Red-Teaming
List of Awesome macOS Red Teaming Resources.
Backstab
A tool to kill antimalware protected processes
BBTz
BBT - Bug Bounty Tools
black-hat-go
《Black.Hat.Go》中文翻译
black-hat-rust
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
chisel
A fast TCP/UDP tunnel over HTTP
CobaltStrike_RedTeam_CheatSheet
Useful Cobalt Strike techniques learned from engagements
CobaltstrikeSource
Cobaltstrike4.1 Source
CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
exp-hub
漏洞仓库:Web漏洞、系统漏洞、客户端漏洞
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
fingerprint-android
Swiss army knife for identifying and fingerprinting Android devices.
firefox_decrypt
Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles
HellsGate
Original C Implementation of the Hell's Gate VX Technique
HOLLOW
EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode
Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
ivre
Network recon framework.
kerlab
Kerberos laboratory to better understand and then detecting attack on kerberos
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
NessusToReport
nessus扫描报告自动化生成工具
OSWE-1
This Repo includes all the Learning materials to Crack OSWE
PoisonApple
macOS persistence tool
SecurityManageFramwork-SeMF
企业内网安全管理平台,包含资产管理,漏洞管理,账号管理,知识库管、安全扫描自动化功能模块,可用于企业内部的安全管理。 本平台旨在帮助安全人员少,业务线繁杂,周期巡检困难,自动化程度低的甲方,更好的实现企业内部的安全管理。
seotools
SEO(黑帽+白帽)相关的工具
spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
threat-dragon
An open source, online threat modelling tool from OWASP