b1gw00d's repositories
S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
403-fuzz
针对 403 页面的 fuzz 脚本
ksubdomain
Subdomain scanner, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
bug-bounty
list of bug bounty writeups
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
c4udit
Static analyzer for solidity contracts based on regexs specifically crafted for code4rena contests
ad-password-protection
Active Directory password filter featuring breached password checking and custom complexity rules
Rubeus
Trying to tame the three-headed dog.
pentest-note
渗透测试☞经验/思路/想法/总结/笔记/. . .
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
CVE-2021-4034
CVE-2021-4034 1day
CreateHiddenAccount
A tool for creating hidden accounts using the registry.
Kernelhub
:palm_tree:Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
WarFox
An HTTPS beaconing Windows implant and multi-layered proxy C2 network designed for covert APT emulation focused offensive operations
VunHunterTips
漏洞挖掘技巧及其一些工具集成
Network-segmentation-cheat-sheet
Best practices for segmentation of the corporate network of any company
SOC-OpenSource
This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC architecture.
easy-rl
强化学习中文教程,在线阅读地址:https://datawhalechina.github.io/easy-rl/
LiSa
Sandbox for automated Linux malware analysis.
adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin?
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Cheat-Sheet---Active-Directory
This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
SecOpsDev
自己闲来无事所写以及工作中抽取的安全/运维/开发方面的小脚本
Kunyu
Kunyu, more efficient corporate asset collection
nanodump
Dumping LSASS has never been so stealthy
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.