kevin's repositories
sqlmap
Automatic SQL injection and database takeover tool
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
linux-exploit-development-tutorial
a series tutorial for linux exploit development to newbie.(Linux exploit 开发指南)
awesome-sec-talks
A collected list of awesome security talks
InForMation
windows Server Information gathering tool (主机信息收集工具)
nishang
Nishang - PowerShell for penetration testing and offensive security.
Android-Penetration
there are some guidelines for us to do penetration on Android application
CrackMapExec
A swiss army knife for pentesting Windows/Active Directory environments
python-pentest-tools
Python tools for penetration testers
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
penetration-testing-tools
Penetration Testing tools - one repo to clone them all... containing latest pen testing tools
public-pentesting-reports
Curated list of public penetration testing reports released by several consulting firms and academic security groups
eqgrp-free-file
Free sampling of files from the purported Equation Group hack.
tools
一些实用的python脚本
SSTIF
一个Fuzzing服务器端模板注入漏洞的半自动化工具
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
Some-PoC-oR-ExP
各种Web应用漏洞和其他应用系统的poc、Exp的收集或编写,欢迎各位补充,共同打造友情检测网络安全环境!^^**_**^^
Pentest
tools
Cheatsheets
Penetration Testing/Security Cheatsheets
wiki.secmobi.com
SecMobi Wiki is a collection of mobile security resources.
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
genpAss
**特色的弱口令生成器
webshell
This is a webshell open source project
CVE-2016-0051
EoP (Win7) & BSoD (Win10) PoC for CVE-2016-0051 (MS-016)
Chinese_Laws
这是收集**法律的集合,尽量在短时间内更新完整
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
pentestpackage
a package of Pentest scripts I have made or commonly use(渗透测试的脚本集锦 )
jboss_autoexploit
JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution 漏洞批量检测