black-A's repositories
-Baseline-check
windows和linux基线检查,配套自动化检查脚本。纯手打。
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
BurpExtend
基于Burp插件开发打造渗透测试自动化
code-snippets
Various code snippets
cool
Golang-Gin 框架写的免杀平台,内置分离、捆绑等多种BypassAV方式。
crawlergo
A powerful browser crawler for web vulnerability scanners
crowsec
视频课件和工具分享
CTFd
CTFs as you need them
domain_hunter_pro
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
fofax
fofax is a command line query tool based on the API of https://fofa.info/, simple is the best!
go-dork
The fastest dork scanner written in Go.
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
jsForward
解决web及移动端H5数据加密Burp调试问题
kerbrute
A tool to perform Kerberos pre-auth bruteforcing
krbrelayx
Kerberos unconstrained delegation abuse toolkit
log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEGASUS-LIME-HVNC
For the time being, project will be published like this, more as test of my protector project.
PegasusHVNC
This repo is just to teach owner a lesson, that life isnt Turkish soap drama and that there are consequences of behaving like soap actress ;)
PegasusHVNCclient
This repo is just to teach owner a lesson, that life isnt Turkish soap drama and that there are consequences of behaving like soap actress ;)
php-SER-libs
php反序列化靶场,集合了常见的php反序列化漏洞——由这周末在做梦制作
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
post-hub
后渗透:代理、C2、免杀、横向、域渗透
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
SecurityInterviewGuide
网络信息安全从业者面试指南(持续补充各公司招聘面试题目和侧重点)
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
webshell
This is a webshell open source project