XTTF

XTTF

Geek Repo

Location:Beijing

Github PK Tool:Github PK Tool

XTTF's starred repositories

fzf

:cherry_blossom: A command-line fuzzy finder

gridea

✍️ A static blog writing client (一个静态博客写作客户端)

Language:TypeScriptLicense:MITStargazers:9969Issues:111Issues:1045

Bob

Bob 是一款 macOS 平台的翻译和 OCR 软件。

Ladon

Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 12.2内置262个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange

Language:PowerShellLicense:MITStargazers:4857Issues:90Issues:76

CPython-Internals

Dive into CPython internals, trying to illustrate every detail of CPython implementation

31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

TideFinger

TideFinger——指纹识别小工具,汲取整合了多个web指纹库,结合了多种指纹检测方法,让指纹检测更快捷、准确。

Bug-bounty

Ressources for bug bounty hunting

XSRFProbe

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Language:PythonLicense:GPL-3.0Stargazers:1105Issues:37Issues:34

SharpRDP

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

Language:C#License:BSD-3-ClauseStargazers:991Issues:33Issues:12

Autorize

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

Apple

苹果美区账号 APPLE ID 免费账号共享

Stargazers:843Issues:0Issues:0

Grouper2

Find vulnerabilities in AD Group Policy

DBScanner

自动扫描内网常见sql、no-sql数据库脚本(mysql、mssql、oracle、postgresql、redis、mongodb、memcached、elasticsearch),包含未授权访问及常规弱口令检测

Language:PythonLicense:AGPL-3.0Stargazers:563Issues:13Issues:4

xxexploiter

Tool to help exploit XXE vulnerabilities

Language:TypeScriptLicense:MITStargazers:540Issues:14Issues:5

Firefox-Security-Toolkit

A tool that transforms Firefox browsers into a penetration testing suite

Language:ShellLicense:MITStargazers:483Issues:42Issues:3

flamingo

Flamingo captures credentials sprayed across the network by various IT and security products.

Language:GoLicense:BSD-2-ClauseStargazers:453Issues:23Issues:9

Ps-Tools

Ps-Tools, an advanced process monitoring toolkit for offensive operations

vmware_vcenter_cve_2020_3952

Exploit for CVE-2020-3952 in vCenter 6.7

Language:PythonLicense:BSD-3-ClauseStargazers:271Issues:13Issues:3

Print-My-Shell

Python script wrote to automate the process of generating various reverse shells.

Language:PythonLicense:MITStargazers:193Issues:7Issues:2

android_application_analyzer

The tool is used to analyze the content of the android application in local storage.

Language:PythonLicense:MITStargazers:154Issues:6Issues:9

Pentest-Wiki

规范渗透测试报告中的漏洞名称以及修复建议

Webfinger

web指纹识别

Language:PythonLicense:GPL-3.0Stargazers:129Issues:2Issues:2
Language:PythonLicense:GPL-3.0Stargazers:89Issues:5Issues:3

Fudge

Hiding implants in HTML files

dom-red

Small script to check a list of domains against open redirect vulnerability

Top-Port-Slicer

Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma separated list you can copy into -p arg for nmap or masscan

Language:PythonLicense:UnlicenseStargazers:17Issues:1Issues:0

wappalyzer-api

Simple wrap of [Wappalyzer](https://github.com/AliasIO/Wappalyzer) to use instead of subscription wappalyzer API.

Language:JavaScriptLicense:GPL-3.0Stargazers:15Issues:2Issues:0
Language:PowerShellStargazers:8Issues:2Issues:0