EvanZhang's repositories
-
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
17010
17010
ARL-plus-docker
基于斗象灯塔ARL修改后的版本。相比原版,增加了OneForAll、**数据库,修改了altDns
Awesome-Redteam
一个攻防知识仓库
awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
cf-backup
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
CVE-2021-4034
CVE-2021-4034 1day
Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
docker-php7.2-nginx-prod-env
PHP 7.2 , Nginx 1.10.3 ,Optimized production environment for laravel.
Fuzzing-Dicts
Web Security Dictionary
Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
Java
关于学习java安全的一些知识,正在学习中ing,欢迎fork and star
metasploit-framework
Metasploit Framework
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
olist213_Information_Security_Books
150本信息安全方面的书籍书籍(持续更新)
OSCP-
A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
POC
收集整理漏洞EXp/POC,大部分漏洞来源网络,目前收集整理了700多个poc/exp,长期更新。
PSTools
PSTools
SecDictionary
实战沉淀字典
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
twiki
T Wiki 云安全知识文库
UACME
Defeating Windows User Account Control
webshell-venom
免杀webshell无限生成工具(利用随机异或无限免杀D盾)