Smitnald's repositories
bing-ip2hosts
bingip2hosts is a Bing.com web scraper that discovers websites by IP address
SocksOverRDP
Socks5 Proxy support for Remote Desktop Protocol / Terminal Services
awesome-virtualization
Collection of resources about Virtualization
pypykatz
Mimikatz implementation in pure Python
SystemToken
Steal privileged token to obtain SYSTEM shell
Information_Collection_Handbook
Handbook of information collection for penetration testing and src
SweetPotato
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
advisories
A collection of my public security advisories.
eviloffice
Inject Macro and DDE code into Excel and Word documents (reverse shell)
exphub
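Exphub [exploit script library]: includes exploit scripts for WebLogic, Struts2 and Tomcat, all personally tested and working; high-risk, easily exploited vulnerabilities are prioritized for updates. Recently added: CVE-2020-1938, CVE-2020-2551, CVE-2019-2618, CVE-2019-6340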
CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
sifter
Sifter is an OSINT, recon & vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within Microsoft and, if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM.
Linco2
Simulates the communication between Cobalt Strike's Beacon and the C2, implementing an HTTP-based Linux C2
Ninja
Open source C2 server created for stealth red team operations
CTFium
A collection of pwn challenges from various CTFs.
Octopus
Open source pre-operation C2 server based on Python and PowerShell
security_w1k1
collect
GoSH
Golang reverse/bind shell generator
xxexploiter
Tool to help exploit XXE vulnerabilities
android-security
Android Security Resources.
php-csrf
Single PHP library file for protection over Cross-Site Request Forgery
OA-tongda-RCE
Office Anywhere networked intelligent office system
fuzzDicts
Web pentesting fuzz dictionaries; one is all you need.
shellcode-resources
Resources About Shellcode
zphisher
Automated Phishing Tool
BypassShell
anti AV
Linux-NetSpeed
Integrates the network acceleration tools currently in common use on Linux
jsEncrypter
A Burp Suite plugin for fuzzing front-end encryption
crawlergo_x_XRAY
Combines the 360/0Kee-Team/crawlergo dynamic crawler with the passive scanning feature of the Chaitin XRAY scanner