kevin's repositories
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
XSStrike
Most advanced XSS scanner.
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Java-Security
Java Security Documents
x-crack
x-crack - Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
Behinder
“冰蝎”动态二进制加密网站管理客户端
w9scan
Plug-in type web vulnerability scanner
memShell
a webshell resides in the memory of java web server
find-sec-bugs
The FindBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and Scala projects)
MS17-010
MS17-010
AV_Kernel_Vulns
Pocs for Antivirus Software‘s Kernel Vulnerabilities
JavaSecurity
Java web and command line application projects for different security topics
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
Benchmarks
常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器,安卓、IOS、云的安全配置 For benchmarks.cisecurity.org
Bypass_Disable_functions_Shell
一个各种方式突破Disable_functions达到命令执行的shell
Java-Web-Security
Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
shadowbroker
The Shadow Brokers "Lost In Translation" leak
win-keyboardlogger
Key logger that records keystrokes in 2 different formats and saves it to file as well as cloud in Windows.
Sec-Box
information security Tools Box (信息安全工具集合)
research-method
论文写作与资料分享
SearchWebPath
根据网站URL,判断出URL所在的网站物理路径地址。
jmxbf
A brute force program to test weak accounts configured to access a JMX Registry
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
penetration
this is some pentest script based on python, just simple but useful, maybe it can help you do something else. just have a try