cerrymoli

grok-1

Grok open release

h4cker

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

GOAD

game of active directory

apkleaks

Scanning APK file for URIs, endpoints & secrets.

awesome-reverse-engineering

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)

drozer

The Leading Security Assessment Framework for Android.

fuxploider

File upload vulnerability scanner and exploitation tool.

pingvin-share

A self-hosted file sharing platform that combines lightness and beauty, perfect for seamless and efficient file sharing.

CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

PCAPdroid

No-root network monitor, firewall and PCAP dumper for Android

DarkGPT

DarkGPT is an OSINT assistant based on GPT-4-200K (recommended use) designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.

domain_hunter_pro

domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

Android-Reports-and-Resources

A big list of Android Hackerone disclosed reports and other resources.

jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

shiro_rce_tool

shiro 反序列 命令执行辅助检测工具

wordlists

📜 A collection of wordlists for many different usages

recollapse

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

Frida-Labs

The repo contains a series of challenges for learning Frida for Android Exploitation.

SSTImap

Automatic SSTI detection tool with interactive interface

linbing

本系统是对Web中间件和Web框架进行自动化渗透的一个系统,根据扫描选项去自动化收集资产,然后进行POC扫描,POC扫描时会根据指纹选择POC插件去扫描,POC插件扫描用异步方式扫描.前端采用vue技术,后端采用python fastapi.

docker-phobia

Analyze Docker images size

lc

LC（List Cloud）是一个多云攻击面资产梳理工具

lldbinit

A gdbinit clone for LLDB

ics-forensics-tools

Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files.

EnvFuzz

Fuzz anything with Program Environment Fuzzing

go-exploitdb

Tool for searching Exploits from Exploit Databases, etc.

MpaasPentestTool

mpass移动开发框架ios端抓包hook脚本

SimpleHoneyPot

面向护网，攻防演练等场景下的小型蜜罐

TailorFinder

cloud-security-resources