myndtt's repositories
Apache-Solr-RCE-via-Velocity-template
https://gist.githubusercontent.com/s00py/a1ba36a3689fa13759ff910e179fc133/raw/fae5e663ffac0e3996fd9dbb89438310719d347a/gistfile1.txt
APT_REPORT
Interesting apt report collection and some special ioc express
awvs_190703137
Docker Awvs
commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration testing platform for those that prefer Linux. Commando VM is for penetration testers that prefer Windows. We know that building a Windows penetration testing environment can be tedious - we aim to streamline and simplify this process. Commando VM includes over 140 tools.
Email-Categorization
Automatic email classification and categorization into organized bundles. data/ : The data folder categories.txt(http://bailando.sims.berkeley.edu/enron/enron_categories.txt): The categories which are used to label the emails emailCategorization.py: The main program, this is the program which needs to be executed. How to run this project: 1] Setting up the environment. Requires Python 3+ Libraries required: pandas numpy scikit-learn timeit (Alternatively use the Anaconda Data Science platform) 2] The data is to be downloaded from the link: http://bailando.sims.berkeley.edu/enron/enron_with_categories.tar.gz and extracted into the data/folder. The data directory should look like this after data extraction into it. data/ enron_with_categories/ 1/ 2/ 3/ 4/ 5/ 6/ 7/ 8/ 3] Run the script emailCategorization.py Expected time to complete ~15min
english-words
:memo: A text file containing 479k English words for all your dictionary/word-based projects e.g: auto-completion / autosuggestion
Event-Extraction
基于法律裁判文书的事件抽取及其应用,包括数据的分词、词性标注、命名实体识别、事件要素抽取和判决结果预测等内容
Fake-flash.cn
flash.cn钓鱼页(中文+英文)
Flash-Pop2
Flash-Pop升级版
Fuzz-Dicts
自己收集整理的一些fuzz及密码爆破字典
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
go-common
哔哩哔哩 bilibili 网站后台工程 源码
henggeFish
自动化批量发送钓鱼邮件(横戈安全团队出品)
JNDIExploit-1
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/Exploit/APT/0day/Shellcode/Payload/priviledge/OverFlow/WebShell/PenTest)
kubeasz
使用Ansible脚本安装K8S集群,介绍组件交互原理,方便直接,不受国内网络环境影响
LangSrcCurise
SRC子域名资产监控
myndtt.github.io
blog
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Pentest_Note
渗透测试常规操作记录
Redis-Getshell
Redis 未授权检测,密码爆破,Webshell写入,SSH公私钥写入,定时计划反弹Shell.
RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料
twint
An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
twitter_nlp
Twitter NLP Tools
VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
x-proxy
honeypot proxy