且行且珍惜's repositories
2021_Hvv
2021 hw
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
awesome-electronjs-hacking
A curated list of awesome resources about Electron.js (in)security
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
Binary-Learning
滴水逆向初、中级学习笔记,不定时更新,自用仓库,不喜勿喷;感谢滴水,有如此完整体系的学习视频,白嫖党嫖了一波...感谢海东老师,听课受益匪浅。
china-operator-ip
**运营商IPv4/IPv6地址库-每日更新
Detours
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
DongTai-agent-java
“火线~洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具,可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。
DumpsterDiver
Tool to search secrets in various filetypes.
gore
GoRE - Package gore is a library for analyzing Go binaries
hooker
🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service和其他任意对象。
InScan
边界打点后的自动化渗透工具
insuperRCE
浪潮云 ClusterEngineV4.0 前台getshell
kiterunner
Contextual Content Discovery Tool
kube-scan
kube-scan: Octarine k8s cluster risk assessment tool
malware-samples
Malware samples, analysis exercises and other interesting resources.
no-sandbox
No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/
OA-Seeyou
note
OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
OpenSearch-Dashboards
Open source visualization dashboards for OpenSearch.
pd-actions
Continuous recon and vulnerability assessment using Github Actions.
qiling
Qiling Advanced Binary Emulation Framework
sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
scant3r
ScanT3r - Bug Bounty Automation Tool
SecondaryDevCobaltStrike
二次开发过后的CobaltStrike,版本为4.1.在原来CobaltStrike的基础上修改多处特征,解决流量查杀问题.
SecondaryDevCobaltStrike-1
二次开发过后的CobaltStrike,版本为4.1.在原来CobaltStrike的基础上修改多处特征,解决流量查杀问题.
sslscan
sslscan tests SSL/TLS enabled services to discover supported cipher suites
swagger-hack
自动化爬取并自动测试所有swagger接口
weblogic_cmd_plus
weblogic full vulnerability exploit tool, support T3/XMLDecoder vulnerability scanning .