gold1029's repositories
OSCP-Notes
preparing for OSCP test
NessusToReport
Nessus扫描报告自动化生成工具
CrackMapExec
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks.https://github.com/byt3bl33d3r/CrackMapExec/wiki
The-Nessus-Butcher
Nessus enterprise vulnerability management - visualise data from multiple nessus reports simultaneously, filter data, and output on terminal, as text, html or excel / xlsx
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
Struts2-Scan
Struts2全漏洞扫描利用工具
CrossC2
generate CobaltStrike's cross-platform payload
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
MemShellDemo
memshell demo for java and php
RedTeam-1
Tools & Interesting Things for RedTeam Ops
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
Awesome-CobaltStrike
cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
metasploit-framework
Metasploit Framework
crawlergo
A powerful dynamic crawler for web vulnerability scanners
ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
awesome-incident-response-1
A curated list of tools for incident response
PayloadsAllTheThings-1
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
java-object-searcher
java内存对象搜索辅助工具
DeTTECT
Detect Tactics, Techniques & Combat Threats
Impost3r
👻Impost3r -- A linux password thief
Spray
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
fastjson-rce-exploit
exploit for fastjson remote code execution vulnerability
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
BrowserGhost
这是一个抓取浏览器密码的工具,后续会添加更多功能