SN-Yang's repositories
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
awesome-chatgpt-prompts
This repo includes ChatGPT promt curation to use ChatGPT better.
awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
burpgpt
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.
clash
A rule-based tunnel in Go.
ClashForAndroid
A rule-based tunnel for Android.
CVE-2022-37042
Zimbra CVE-2022-37042 Nuclei weaponized template
CVE-2024-1698-PoC
Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
FastjsonScan
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
Hacking-Write-ups
A collection of awesome write-ups from topics ranging from CVE, vulnHub, CTFs, Hack the box walkthroughs, real-life encounters and everything which can help other enthusiasts learn.
malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
MYExploit
OAExploit一款基于产品的一键扫描工具。
OneForAll
OneForAll是一款功能强大的子域收集工具
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pinduoduo_backdoor
pdd is diaomao
PyWxDump
获取微信账号信息(昵称/账号/手机/邮箱/数据库密钥/wxid);PC微信数据库读取、解密脚本;聊天记录查看工具;聊天记录导出为html(包含语音图片)。支持多账户信息获取,支持所有微信版本。
R-dict
一些自己常用的渗透字典
Red-Blueteam-party
Red Blue team party is a collection of tools , articles , writeups and useful things for blue and Redteaming
Sec-Interview-4-2023
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~
tdv11.6_rce
2020.8
VcenterKit
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
whohk
whohk,linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况,有的时候还需要做一些格式处理,这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来,并处理成了较为友好的格式,只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。
XSS-Payloads
List of XSS Vectors/Payloads
xxxxx
A clash client for Windows, support clash core and Clash.Meta core