Beast code in Giters

ginipropro's starred repositories

ffuf

Fast web fuzzer written in Go

Language:GoMIT1235700

CVE-2022-40684

A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager

Language:Python33900

AWSome-Pentesting

My cheatsheet notes to pentest AWS infrastructure

GPL-3.065600

CVE-2022-2992

Authenticated Remote Command Execution in Gitlab via GitHub import

Language:Python21900

一款体积小, 快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具支持多连接,级联代理,传输加密 (A small volume, fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption)

Language:RustGPL-3.0180100

gitleaks

Protect and discover secrets using Gitleaks 🔑

Language:GoMIT1753900

WeblogicExploit-GUI

Weblogic漏洞利用图形化工具支持注入内存马、一键上传webshell、命令执行

70100

penetration-suite-toolkit

本项目制作的初衷是帮助渗透新手快速搭建工作环境，工欲善其事，必先利其器。

245500

OrcaC2

OrcaC2是一款基于Websocket加密通信的多功能C&C框架，使用Golang实现。

Language:GoGPL-3.062700

httpx

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Language:GoMIT754500

vulmap

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Language:PythonGPL-3.0337400

weblogicScanner

weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力：CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883

Language:Python198600

trojan_simple_demo

简单的用python写的远控demo 执行命令只一个心跳完成所有操作

Language:Python3500

dnsReaper

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

Language:PythonAGPL-3.0198700

VcenterKiller

一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webshell，命令执行或者上传公钥使用SSH免密连接

Language:GoApache-2.0131300

xLog

🪽 An open-source creative community written on the blockchain.

Language:TypeScriptNOASSERTION225700

ipranges

🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.

Language:ShellCC0-1.058100

foundry

Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.

Language:RustApache-2.0817900

kscan

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

Language:GoGPL-3.0388600

sliver

Adversary Emulation Framework

Language:GoGPL-3.0830800

PentestDB

各种数据库的利用姿势

98400

Heroinn

A cross platform C2/post-exploitation framework.

Language:RustGPL-3.064100

Homework-of-Python

Python codes of my blog.

Language:Python35800

azureOutlookC2

Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.

Language:CMIT45500

dirmap

An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。

Language:PythonGPL-3.0313100

cobaltstrike4.5_cdf

cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等

24500

Adinfo

域信息收集工具

Language:Go38000

zpscan

一个有点好用的信息收集工具。A somewhat useful information gathering tool.

Language:GoMIT102200

WTF-Solidity

WTF Solidity 极简入门教程，供小白们使用。Now supports English! 官网: https://wtf.academy

Language:SolidityNOASSERTION1137800

ginipropro