无情的 Fork 机器's repositories
wechat-dump-rs
该工具用于导出正在运行中的微信进程的 key 并自动解密所有微信数据库文件以及导出 key 后数据库文件离线解密。
searchall-2
强大的敏感信息搜索工具
Sign-Sacker-2
Sign-Sacker(签名掠夺者):一款数字签名复制器,可将其他官方exe中数字签名,图标,详细信息复制到没有签名的exe中,作为免杀,权限维持,伪装的一种小手段。
ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
SmmBackdoorNg
Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
burp-menu-level
一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.
curlshell
reverse shell using curl
ele
cobaltstrike的BypassUAC、提权dll插件
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
FrameVul
POC集合,框架nday漏洞利用
Golin
弱口令检测、 漏洞扫描、端口扫描(协议识别,组件识别)、web目录扫描、子域名扫描、等保模拟定级、自动化运维、等保工具(网络安全等级保护现场测评工具)内置3级等保核查命令、基线核查工具
GZCTF
The GZ::CTF project, an open source CTF platform.
hbit
一款用于安全测试中信息收集的自动化工具
ICP-Checker
ICP备案查询,可查询企业或域名的ICP备案信息,自动完成滑动验证,保存结果到Excel表格,适用于新版的工信部备案管理系统网站,告别频繁拖动验证,以及某站*工具要开通VIP才可查看备案信息的坑
jexpr-encoder-utils
Java表达式语句生成器
LDAPWordlistHarvester
A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.
memory-image-auto-analyzer
一个雏形,一个基于Volatility进行可视化、自动化内存镜像分析的工具
NetExec
The Network Execution Tool
perfect-loader
Load a dynamic library from memory by modifying the native Windows loader
Periscope
Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)
PingRAT
PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.
PleasantTools
Tools for Attacking Pleasant Password Server
poc-proxycommand-vulnerable
Proof of conept to exploit vulnerable proxycommand configurations on ssh clients
SharpWeb
一个浏览器数据(密码|历史记录|Cookie|书签|下载记录)的导出工具,支持主流浏览器。
telegram-get-remote-ips
Get IP address on other side audio call in Telegram.
UACME
Defeating Windows User Account Control
webshell1
某免杀webshell
wordlists
Real-world infosec wordlists, updated regularly