Beast code in Giters

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

MIT000

ExchangeLearn

000

go-sec-code

Go-sec-code is a project for learning Go vulnerability code.

000

HackReport

渗透测试报告/资料文档/渗透经验文档/安全书籍

000

impacket-programming-manual

impacket编程手册

000

joern

Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs

Apache-2.0000

llama

Inference code for LLaMA models

NOASSERTION000

Metasploit-framework-CVE-2022-41082

NOASSERTION000

POC_Collect

(持续更新)本项目为存储团队Bot小K每日监测到的最新POC，EXP，以及自己平时总结的POC，为了方便渗透测试过程中，漏洞查询，脱网环境的渗透测试。

000

PrivescCheck

Privilege Escalation Enumeration Script for Windows

BSD-3-Clause000

Proxy-Attackchain

proxylogon & proxyshell & proxyoracle & proxytoken & all exchange server vulns summarization :)

000

ProxyNotShell

000

scalpel

scalpel是一款命令行漏洞扫描工具，支持深度参数注入，拥有一个强大的数据解析和变异算法，可以将常见的数据格式（json, xml, form等）解析为树结构，然后根据poc中的规则，对树进行变异，包括对叶子节点和树结构的变异。变异完成之后，将树结构还原为原始的数据格式。原理：https://mp.weixin.qq.com/s/U_llBwC05vb84U9wb8NZog

000

scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

BSD-3-Clause000

SharpExchangeKing

Exchange 服务器安全性的辅助测试工具

000

sliver

Adversary Emulation Framework

GPL-3.0000

tools-note

常用工具收集

000

web-sec

WEB安全手册(红队安全技能栈)，漏洞理解，漏洞利用，代码审计和渗透测试总结。【持续更新】

000

wsMemShell

WebSocket 内存马/Webshell，一种新型内存马/WebShell技术

000

zpscan

一个有点好用的信息收集工具。A somewhat useful information gathering tool.

MIT000

icysun

scriptsec's repositories

0day

AlliN

Amsi-Bypass-Powershell

awesome-cloud-security

ChatGPTScanner

Cobalt_Strike_wiki

ColossalAI

CVE-2023-23397-POC-Powershell

DCSec

dolphin

DomainPasswordSpray