ououover's repositories
1earn
暂停维护 | ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
BloodHound.py
A Python based ingestor for BloodHound
bylibrary
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
cf
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
Cloud-Bucket-Leak-Detection-Tools
六大云存储,泄露利用检测工具
crack
弱口令爆破工具。Weak Password Blaster Tool.
CVE-2023-20887
VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)
Mac-IOS-Security
Mac&IOS安全学习资料汇总
nimo-markdown-cv
Maintain your CV in Markdown :sparkles:
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
powershell-obfuscation
powershell免杀混淆器,简单有效。A simple and effective powershell obfuscaiton tool bypass Anti-Virus
PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
PurplePanda
Identify privilege escalation paths within and across different clouds
quarkspwdump
Dump various types of Windows credentials without injecting in any process.
radare2
UNIX-like reverse engineering framework and command-line toolset
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
RedTeamNotes
红队笔记
scalpel
scalpel是一款命令行漏洞扫描工具,支持深度参数注入,拥有一个强大的数据解析和变异算法,可以将常见的数据格式(json, xml, form等)解析为树结构,然后根据poc中的规则,对树进行变异,包括对叶子节点和树结构 的变异。变异完成之后,将树结构还原为原始的数据格式。 原理:https://mp.weixin.qq.com/s/U_llBwC05vb84U9wb8NZog
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
SharpHostInfo
SharpHostInfo是一款快速探测内网主机信息工具(深信服深蓝实验室天威战队强力驱动)
Some-PoC-oR-ExP
各种漏洞poc、Exp的收集或编写
suo5
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
vcenter_saml_login
A tool to extract the IdP cert from vCenter backups and log in as Administrator
webshell
This is a webshell open source project