Smitnald's repositories
ptrace
a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志
NtdllUnpatcher
Example code for EDR bypassing
ChunkedHTTPAdapter
参考《利用分块传输吊打所有WAF》修改的requests的Adapter
SSRFmap
Automatic SSRF fuzzer and exploitation tool
bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
ChineseDarkWebCrawler
中文暗网爬虫
w9scan
Plug-in type web vulnerability scanner
Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
python-spider
:rainbow:Python3网络爬虫实战:VIP视频破解助手;GEETEST验证码破解;小说、动漫下载;手机APP爬取;财务报表入库;火车票抢票;抖音APP视频下载;百万英雄辅助;网易云音乐下载;B站视频和弹幕下载;京东晒单图下载
awd-platform
platform for awd
shodan-python
The official Python library for Shodan
Sohu-Project
呼搜库社工库
EventCleaner
A tool mainly to erase specified records from Windows event logs, with additional functionalities.
webshell-sample
收集自网络各处的 webshell 样本,用于测试 webshell 扫描器检测率。
PassList
👍 Awesome password to hack
JShell
JShell - Get a JavaScript shell with XSS.
mimipenguin
A tool to dump the login password from the current linux user
Auto-Root-Exploit
Auto Root Exploit Tool
injectify
Perform advanced MiTM attacks on websites with ease 💉
webcgi-exploits
Multi-language web CGI interfaces exploits.
web-security
Web安全中比较好的文章
BShell
A webshell helps script kiddies to bypass disable_functions
0day-security-software-vulnerability-analysis-technology
0day安全_软件漏洞分析技术
Struts-S2-xxx
整理收集Struts2漏洞环境
Meltdown
Meltdown PoC for reading passwords from Google Chrome.
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
Anti-Anti-Spider
越来越多的网站具有反爬虫特性,有的用图片隐藏关键数据,有的使用反人类的验证码,建立反反爬虫的代码仓库,通过与不同特性的网站做斗争(无恶意)提高技术。(欢迎提交难以采集的网站)(因工作原因,项目暂停)
sectoolset
The security tool(project) Set from github。github安全项目工具集合
win-powerup-exp-index
Windows提权EXP搜索辅助工具 -- 讨厌长途🚄