lsh4ck's repositories
Langzi_SRC_Safe_Cruise
LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
self-linux-exp
linux-exp
self-windows-exp
windows-exp
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
2023HW-0Day-vulnerability-detection
为更好帮助师傅们HW及日常安全巡检期间进行安全自查检测,银遁安全团队编写了最近公开漏洞的检测工具
app-env-docker
基于 Docker 的真实应用测试环境
archerysec
Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities.
att-ck
Small and highly portable detection tests based on MITRE's ATT&CK.
awakening-conscience
利用公开的验证漏洞框架 编写批量测试脚本
awesome-cyber-security
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
bypass-firewalls-by-DNS-history
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
cf
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
CVE-2019-5786
FileReader Exploit
EnumStrike
Cobalt Strike Aggressor script to automate host and domain enumeration.
gengzimingli
此为庚子年梳理的八字命理手册
metasploit-framework
Metasploit Framework
sec-tool-list
More than 16000 security tools, sorted by star count. Both in markdown and json format.
thinkphp-RCE-POC-Collection
thinkphp v5.x 远程代码执行漏洞-POC集合
WCE
This Python tool enables network node command and exfiltration while applying OPSEC to ensure the process is hidden by transmitting commands through window flags.
ZentaoSqli
zentao v16.5 SQL injection POC