GitHub-yxl's repositories
Windows-INCIDENT-RESPONSE-COOKBOOK
Windows 应急响应手册
Linux-INCIDENT-RESPONSE-COOKBOOK
Linux 应急响应手册
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
FindSomething
基于chrome、firefox插件的被动式信息泄漏检测工具
MindAPI
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
domain_hunter_pro
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2022
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
yakit
Cyber Security ALL-IN-ONE Platform
BREAK
业务风险枚举与规避知识(Business Risk Enumeration & Avoidance Kownledge)
Awesome-Redteam
一个红队知识仓库
www-project-kubernetes-top-ten
OWASP Foundation Web Respository
dirsearch
Web path scanner
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
goproxy
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
HackReport
渗透测试报告/资料文档/渗透经验文档/安全书籍
JNDIExploit
A malicious LDAP server for JNDI injection attacks
gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
olist213_Information_Security_Books
150本信息安全方面的书籍书籍(持续更新)
BurpLoaderKeygen
Burp Suite Pro Loader & Keygen ( BurpSuite version v2020.1 - ∞ )
WhatWeb
Next generation web scanner
EyeJo
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。
secguide
面向开发人员梳理的代码安全指南
OneForAll
OneForAll是一款功能强大的子域收集工具
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
PentesterSpecialDict
渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker
OneDragon
OneDragon 安全圈一条龙服务,全自动化挖洞,助力挖SRC的赏金猎人白帽子,一键实现子域名扫描,全端口扫描,目录扫描,漏洞扫描。
exp-hub
漏洞复现、批量脚本
nosafer.github.io
在线漏洞平台
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.