liu0tufang's repositories
JDSRC-Small-Classroom
京东SRC小课堂系列文章
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
AndroidNativeEmu
Allows you to partly emulate an Android native library.
redis-rce
Redis 4.x/5.x RCE
Safety-Project-Collection
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
WDScanner
WDScanner平台目前实现了如下功能:分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
The-Hacker-Playbook-3-Translation
对 The Hacker Playbook 3 的翻译。
0xbird.github.io
欢迎关注小鸟的技术博客!(Pwn/智能硬件/AI安全/漏洞分析/威胁情报/RedTeam/移动设备/内核/虚拟机/容器安全/浏览器/CPU/安全开发/漏洞挖掘/APT/病毒分析/安全学术)
sysmon-cheatsheet
All sysmon event types and their fields explained
FACT_core
Firmware Analysis and Comparison Tool
Enterprise-Security-Skill
用于记录企业安全规划,建设,运营,攻防的相关资源
sdwannewhope
SD-WAN security and insecurity
F-NAScan-PLUS
F-NAScan-PLUS 安服资产搜集
aswan
陌陌风控系统静态规则引擎,零基础简易便捷的配置多种复杂规则,实时高效管控用户异常行为。
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
crawlab
Celery-based web crawler admin platform for managing distributed web spiders regardless of languages and frameworks.
Vxscan
python3写的综合扫描工具,主要用来敏感文件探测(目录扫描与js泄露接口),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,弱口令探测,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
opencanary_web
The web management platform of honeypot
APT_REPORT
Interesting apt report collection and some special ioc express
antSword
AntSword is a cross-platform website management toolkit.
APT34
APT34/OILRIG leak
CVE-2019-0708
dump
AgentSmith-HIDS
Low performance loss and by LKM technology HIDS tool.from Dianrong InfoSEC team.
CVE-2019-2725
CVE-2019-2725 命令回显
fatt
fatt /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
rdpscan
A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
WeblogicScan
Weblogic vulnerability one-click poc detection.
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
awesome-threat-detection
A curated list of awesome threat detection and hunting resources