huyanshuhan's repositories
APT_CyberCriminal_Campagin_Collections
APT & CyberCriminal Campaign Collection
awesome-opensource-security
A list of interesting open-source tools
Awesome-Redteam
一个红队知识仓库
ByteDance-HIDS
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
domainNamePredictor
一个简单的现代化公司域名使用规律预测及生成工具
epagneul
Graph Visualization for windows event logs
firmeye
An auxiliary tool for iot vulnerability hunter
hacktools
自己辅助渗透用的小工具(真心小工具)
HIBP-578M
Hash cracking wordlist, rules, masks, and tokens taken from cracking over half a billion passwords.
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
insight
洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
jndi_tool
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
JNDIExploit
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
kscan
Kscan是一款纯go开发的轻量级的资产发现工具,可针对指定IP段、资产清单、存活网段自动化进行端口扫描以及TCP指纹识别和Banner抓取,在不发送更多的数据包的情况下尽可能的获取端口更多信息。并且能够针对扫描结果进行自动化暴力破解,且是go平台首款开源的RDP暴力破解工具。
ohmyzsh
🙃 A delightful community-driven (with 2,000+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python, etc), 140+ themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.
OneForAll
OneForAll是一款功能强大的子域收集工具
PeiQi-WIKI-POC
鹿不在侧,鲸不予游🐋
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
PowerRemoteDesktop
Remote Desktop entirely coded in PowerShell.
Sandboxie
Sandboxie - Open Source
SniperPhish
SniperPhish - The Web-Email Spear Phishing Toolkit
SnowShadow
雪影,一款桌面软件,集成了IP查询,端口扫描,系统命令,Webshell,C段存活扫描,后台目录扫描,远程控制等功能,以后还会增加其它实用功能。
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
TailorScan
自用缝合怪内网扫描器,支持端口扫描,识别服务,获取title,扫描多网卡,ms17010扫描,icmp存活探测。
transfer
🍭 集合多个API的大文件传输工具.
transfer.sh
Easy and fast file sharing from the command-line.
wiki
WgpSec 公开POC WIKI文库 @PeiQi0 师傅
zscan
Zscan a scan blasting tool set