lowliness9

lowliness9's repositories

weaponKu

Some scripts written to solve problems at work .

Language:PythonApache-2.01 10

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

Language:GoGPL-2.0000

CrossC2

generate CobaltStrike's cross-platform payload

Language:C000

FourEye

AV Evasion Tool For Red Team Ops

Language:Objective-CApache-2.0000

frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Language:GoApache-2.0000

fscan

一款内网扫描工具，方便一键大保健~

Language:Go000

HackReport

渗透测试报告/资料文档/渗透经验文档/安全书籍

Language:Python000

harbor

An open source trusted cloud native registry project that stores, signs, and scans content.

Language:GoApache-2.0000

hydrapy

Language:Python010

impacket

Impacket is a collection of Python classes for working with network protocols.

Language:PythonNOASSERTION000

InScan

边界打点后的自动化渗透工具

Language:Go000

jarm

Language:PythonBSD-3-Clause000

JNDI-Injection-Exploit

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

Language:JavaMIT000

LadonGo

Ladon Network Scanner For Golang (Full platform penetration scanner framework)LadonGo一款开源内网渗透扫描器框架，使用它可轻松一键探测C段、B段、A段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。3.2版本包含24个模块功能，高危漏洞检测MS17010、SmbGhost，远程执行SshCmd、WinrmCmd，密码爆破SmbScan、SshScan、FtpScan、MysqlScan、MssqlScan、OracleScan、SqlplusScan、WinrmScan、HttpBasicScan，存活探测/信息收集/指纹识别PingScan、IcmpScan，HttpBanner、HttpTitle、TcpBanner、WeblogicScan、OxidScan，端口扫描PortScan。

Language:GoMIT000

Log4j2Scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

Language:JavaApache-2.0000

Memcrashed-DDoS-Exploit

DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API

Language:Python000

passive-scan-client

Burp被动扫描流量转发插件

Language:Java000

rad

000

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Language:PythonGPL-3.0000

Safety-Project-Collection

收集一些比较优秀的开源安全项目，以帮助甲方安全从业人员构建企业安全能力。

000

scylla

Intelligent proxy pool for Humans™ (Maintainer needed)

Language:PythonApache-2.0000

shiro_attack

shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）

Language:Java000

suricata-rules

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

000

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Language:VueNOASSERTION000

yarGen

yarGen is a generator for YARA rules