n0smi1e

Goal

Goal Go Red-Team 工具类

Vulnerability-Wiki

基于 docsify 快速部署 Awesome-POC 中的漏洞文档

reverse-shell-generator

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

fuzz.txt

Potentially dangerous files

AntiHoneypot-Chrome-simple

Chrome 蜜罐检测插件

Serein

【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。

webshell-detect-bypass

绕过专业工具检测的Webshell研究文章和免杀的Webshell

Cobra

Source Code Security Audit (源代码安全审计)

Fvuln

F-vuln（全称：Find-Vulnerability）是为了自己工作方便专门编写的一款自动化工具，主要适用于日常安全服务、渗透测试人员和RedTeam红队人员，它集合的功能包括：存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。

onlinetools

在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

railgun

vajra

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

nemo_go

Nemo是用来进行自动化信息收集的一个简单平台，通过集成常用的信息收集工具和技术，实现对内网及互联网资产信息的自动收集，提高隐患排查和渗透测试的工作效率。

AlliN

A flexible scanner

gosint

Gosint is a distributed asset information collection and vulnerability scanning platform

bscan

rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

CyberSpaceSearchEngine-Research

网络空间测绘/搜索引擎相关的资料

ivre

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.

github-search

A collection of tools to perform searches on GitHub.

wordlist

Sequel-Ace

MySQL/MariaDB database management for macOS

insight

洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。

PublicSecScan

针对大量WEB资产进行分布式WEB安全扫描，发现web环境下常规的一些安全漏洞

monkey

Infection Monkey - An open-source adversary emulation platform

KodExplorer

A web based file manager,web IDE / browser based code editor

Cloudreve

🌩支持多家云存储的云盘系统 (Self-hosted file management and sharing system, supports multiple storage providers)

zpan

A self-hosted cloud disk base on the cloud storage./ 一个基于云存储的网盘系统，用于自建私人网盘或企业网盘。

zfile

在线云盘、网盘、OneDrive、云存储、私有云、对象存储、h5ai、上传、下载