hittimes's repositories
weblive
批量获取网站基本信息
phpvuln
Audit tool to find common vulnerabilities in PHP source code
AutoRDPwn
The Shadow Attack Framework
Pentest_Note
渗透测试常规操作记录
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Fuzzing-Dicts
Web Security Dictionary
domainTools
内网域渗透小工具
BBScan
A fast vulnerability scanner
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
pingtunnel
ICMP流量伪装转发工具 ping tunnel is a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.
sentinel-scanner
Next Generation Distributed Web Security Scanner with Futuristic Architecture and UI :dizzy: 混沌守望者(扫描器),多策略(爬虫扫描&POC 扫描)、模块化、分布式的智能网络空间测绘、管理与安全探测
Redis-Getshell
Redis 未授权检测,密码爆破,Webshell写入,SSH公私钥写入,定时计划反弹Shell.
weblogic_exploit
weblogic漏洞利用工具
PoC-in-GitHub
📡 PoC auto collect from GitHub.
OSCP
备考 OSCP 的各种干货资料/渗透测试干货资料
Noctilucent
Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise
spectre
A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Shiroexploit
Shiro命令执行工具
Python3-Spider
Python爬虫实战 - 模拟登陆各大网站 包含但不限于:滑块验证、拼多多、美团、百度、bilibili、大众点评、淘宝,如果喜欢请start ❤️
CVE-2020-1337-exploit
CVE-2020-1337 Windows Print Spooler Privilege Escalation
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon7.0内置83个模块,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列,密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Violation_Pnetest
渗透红线Checklist
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
WMIHACKER
A Bypass Anti-virus Software Lateral Movement Command Execution Tool
GobyExtension
Goby extension doc.
mimipenguin
A tool to dump the login password from the current linux user
SatanSword
红队综合渗透框架