medasz's repositories
go-xunfeng
xunfeng by go
scan_server
端口服务识别
BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
crlf-injector
A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
d-eyes
D-Eyes为绿盟科技一款检测与响应工具
DIYSearchEngine
🔍 Go 开发的开源互联网搜索引擎,附教程《自己动手开发互联网搜索引擎》
docs
互联网数字垃圾回收专用废纸篓
GatherInfo
信息收集 OR 信息搜集
go-crlf-injector
A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
gogo
面向红队的, 高度可控可拓展的自动化引擎
goproxy
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
hexo-theme-cactus
:cactus: A responsive, clean and simple theme for Hexo.
iotscan-web
这是一个基于vue3+element-plus+vite4+pinia开发一个资产测绘平台+漏洞扫描的前端项目,提供多种自定义的开发,如果你的扫描器或资产测绘平台不追求UI仅仅是为了快速开发,可以参考此项目。
ip_location_api
ip地址归属地查询api
no-defender
no-defender re-up all credit goes to https://github.com/es3n1n/no-defender
nuclei_poc
Nuclei POC,每日更新
penetration-suite-toolkit
本项目制作的初衷是帮助渗透新手快速搭建工作环境,工欲善其事,必先利其器。
SiteScan
专注一站化解决渗透测试的信息收集任务,功能包括域名ip历史解析、nmap常见端口爆破、子域名信息收集、旁站信息收集、whois信息收集、网站架构分析、cms解析、备案信息收集、CDN信息解析、是否存在waf检测、后台寻找以及生成检测结果html报告表。
tcping
ping over a tcp connection
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
windows
Windows inside a Docker container.