medasz

go-xunfeng

xunfeng by go

scan_server

端口服务识别

sx

:vulcan_salute: Fast, modern, easy-to-use network scanner

xunfeng

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

BypassAntiVirus

远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

crlf-injector

A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.

CRLFsuite

The most powerful CRLF injection (HTTP Response Splitting) scanner.

d-eyes

D-Eyes为绿盟科技一款检测与响应工具

DIYSearchEngine

🔍 Go 开发的开源互联网搜索引擎，附教程《自己动手开发互联网搜索引擎》

docs

互联网数字垃圾回收专用废纸篓

EHole

EHole(棱洞)2.0 重构版-红队重点攻击系统指纹探测工具

GatherInfo

信息收集 OR 信息搜集

go-crlf-injector

A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.

gogo

面向红队的, 高度可控可拓展的自动化引擎

goproxy

🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。

gotestwaf

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

hexo-theme-cactus

:cactus: A responsive, clean and simple theme for Hexo.

iotscan-web

这是一个基于vue3+element-plus+vite4+pinia开发一个资产测绘平台+漏洞扫描的前端项目，提供多种自定义的开发，如果你的扫描器或资产测绘平台不追求UI仅仅是为了快速开发，可以参考此项目。

ip_location_api

ip地址归属地查询api

medasz

medasz.github.io

no-defender

no-defender re-up all credit goes to https://github.com/es3n1n/no-defender

nuclei

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.

nuclei_poc

Nuclei POC，每日更新

penetration-suite-toolkit

本项目制作的初衷是帮助渗透新手快速搭建工作环境，工欲善其事，必先利其器。

SiteScan

专注一站化解决渗透测试的信息收集任务，功能包括域名ip历史解析、nmap常见端口爆破、子域名信息收集、旁站信息收集、whois信息收集、网站架构分析、cms解析、备案信息收集、CDN信息解析、是否存在waf检测、后台寻找以及生成检测结果html报告表。

tcping

ping over a tcp connection

Villain

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

watchvuln

一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it

windows

Windows inside a Docker container.