Wnltc0's repositories
adsec
An introduction to Active Directory security
awesome-reverse
awesome-逆向基础入门,包括JS、安卓APP/Native
BaiduPCS-Go
百度网盘工具箱 - Go语言编写
bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
CodeQLRule
个人使用CodeQL编写的一些规则
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
Finger
一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具
DecryptTools
DecryptTools-综合解密
FridaAntiRootDetection
A frida script for bypass common root detection,the collection of detection methods is still improving!
gosint
Gosint is a distributed asset information collection and vulnerability scanning platform
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
ip2domain
批量查询ip对应域名及百度权重、备案信息;ip反查域名;ip查备案信息;资产归属查询;百度权重查询
JavaTools
一些Java编写的小工具。
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
n0kovo_subdomains
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
oFx
一款漏洞验证工具而已
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PHP_INCLUDE_TO_SHELL_CHAR_DICT
php无文件,文件包含rce
phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
ProxyPool
An Efficient ProxyPool with Getter, Tester and Server
r0capture
安卓应用层抓包通杀脚本
red-tldr
red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel with certain experience.
redteam-tools
红队作战中的一些工具分享。
SendToXray
SendToXray - Burp Suite Extender, Send HTTP request to XRAY proxy.
spy-debugger
微信调试,各种WebView样式调试、手机浏览器的页面真机调试。便捷的远程调试手机页面、抓包工具,支持:HTTP/HTTPS,无需USB连接设备。
TomcatMemShell
拿来即用的Tomcat7/8/9/10版本Listener/Filter/Servlet内存马,支持注入CMD内存马和冰蝎内存马
w5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
wechatMiniAppReverse
微信小程序解密并反编译
wechatmp2markdown
微信公众号文章转Markdown