jenxp's repositories
All-Defense-Tool
本项目集成了全网优秀的攻防工具项目,包含自动化利用,子域名、敏感目录、端口等扫描,各大中间件,cms漏洞利用工具以及应急响应等资料。
alioss-stinger
利用阿里云oss对象存储,来转发http流量实现(cs)Cobalt Strike、msf 上线等 这之间利用阿里云的相关域名进行通信。
AppMessenger
一款适用于以APP病毒分析、APP漏洞挖掘、APP开发、HW行动/红队/渗透测试团队为场景的移动端(Android、iOS)辅助分析工具
appsmith
Low code project to build admin panels, internal tools, and dashboards. Integrates with 15+ databases and any API.
asmoboot
Java低代码快速开发框架,含轻量级数据中台、轻量级物联网平台、基于ZLmediakit的流媒体平台等。基于该框架开发的智慧安防平台项目:https://github.com/RotaNova/isc 在线体验:http://rotanava.synology.me:9980 账号:guest 密码:guest123
austin-admin
austin项目前端,依赖amis
cloud-native-security-inspector
This project scans and assesses workloads in Kubernetes at runtime. It can apply protection rules to workloads to avoid further risks as well.
CVE-2021-22555-Exploit
dokcer escape 提权
CVE-2022-2992
Authenticated Remote Command Execution in Gitlab via GitHub import
cve-2022-31898
Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215
CVE-2022-39197
CobaltStrike <= 4.7.1 RCE
CVE-2022-40684
A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
CVE-2023-21608
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
dgiot
Open source platform for iot , 30 min Quick Deployment,10M devices connection,Carrier level Stability;物联网开源平台,30分钟快速部署,千万级承载,电信级稳定性. Low code for Object model-Rule Engine-Data Channel-Configuration Page; Fully open source, Multi industrial protocols are compatible.物模型-规则引擎-数据通道-组态页面全流程零代码开发、全业务全链路模拟压测、前后端完全开源、多行业工业协议兼容。QQ群:346566935
Ehoney
安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports multiple protocol honeypots, honeytokens, baits and other functions.
FOKS-TROT
It's a minifilter used for transparent-encrypting.
geacon_pro
跨平台重构了Cobaltstrike Beacon,适配了大部分Beacon的功能,行为对国内主流杀软免杀,支持4.1以上的版本。 A cross-platform CobaltStrike Beacon bypass anti-virus, supports 4.1+ version.
go-check-plugins
Check Plugins for monitoring written in golang
go-wechaty
Go Wechaty is a Conversational SDK for Chatbot Makers Written in Go
go-yara
Go bindings for YARA
GoWxDump
SharpWxDump的Go语言版。微信客户端取证,获取信息(微信号、手机号、昵称),微信聊天记录分析(Top N聊天的人、统计聊天最频繁的好友排行、关键词列表搜索等)
IoTDevIDv2
A Behavior-Based Device Identification Method for the IoT
macos_security
macOS Security Compliance Project
metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
pikachu
一个好玩的Web安全-漏洞测试平台
RansomLook
Yet an other Ransomware gang tracker
Sandboxie
Sandboxie Plus & Classic
seckeySystem
一个几年前黑马的小项目(密钥协商系统),但当时的一些其他功能没实现,这里把剩下的功能都实现了(当然代码是在原有基础上扩展的再加修改些许bug)用到的主要技术有连接池,多线程,网络通信,ASN.1报文编解码,工厂模式,共享内存,利用openssl库里的加密算法进行加密,最后还有常用MYSQL的API接口(原项目是oracle的,但是虚拟机上没装,但其实都一样😅)。项目整体不难,可以拿来巩固大家的知识点,适合新手
sliver
Adversary Emulation Framework
WaterDragon
WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对抗,hackone,src,proxy,CVE-2020,CVE-2021,CVE-2022