du1ge's repositories
ShiroExp
shiro综合利用工具
impacket
Impacket is a collection of Python classes for working with network protocols.
MiniCMS
至简的个人网站内容管理系统
linux-exploit-suggester
Linux privilege escalation auditing tool
Middleware-Vulnerability-detection
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
AutoSRC
Use FOFA automatic vulnerability scanning tool
Fuzz_dic
参数 | 字典 collections
super-guacamole
记录渗透测试有关POC、EXP、脚本、提权、小工具 About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql
Malleable-C2-Profiles
Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.
Erebus
CobaltStrike后渗透测试插件
pot-sdk
ARGOS LAB's POT SDK
redtool
日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/awvs/xray这种
bypassAV
免杀shellcode加载器
vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
CVE-2021-26855_Exchange
Microsoft Exchange Proxylogon Exploit Chain EXP分析
ShellCodeFramework
绕3环的shellcode免杀框架
VMware_ESXI_OpenSLP_PoCs
CVE-2020-3992 & CVE-2019-5544
BT_Panel_Privilege_Escalation
宝塔面板Windows版提权方法
Fuzzing-Dicts
Web Security Dictionary
dedecmscan
织梦全版本漏洞扫描
reGeorg
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
XSS-Payloads
List of advanced XSS payloads
SuperWordlist
基于实战沉淀下的各种弱口令字典
miniProxy
🚨⚠️ UNMAINTAINED! ⚠️🚨 A simple PHP web proxy.
domainWeakPasswdCheck
内网安全·域账号弱口令审计