pythonjwm's repositories
Rubeus-GUI
GUI alternative to the Rubeus command line tool, for all your Kerberos exploit requirements
AD_Pentest
红队|域渗透重要漏洞汇总(持续更新)
ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
BurpFastJsonScan
一款基于BurpSuite的被动式FastJson检测插件
CAudit
集权设施扫描器
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
chatViewTool
基于Java实现的图形化微信聊天记录解密查看器
CMSeeK
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
command
红队常用命令速查
dbeaver
Free universal database tool and SQL client
dirsearch
Web path scanner
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
GoBypass
Golang免杀生成工具
GUI_Tools
一个由各种图形化渗透工具组成的工具集
Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
Invoke-Obfuscation-Bypass
Invoke-Obfuscation-Bypass + PS2EXE 过主流杀软
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
RemotePotato0
Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Sharp-dumpkey
基于C#实现的获取微信数据库密钥的小工具
SharpDecryptPwd
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecryptPwd
SpringBootEnvDecrypt
SpringBoot获取被星号脱敏的密码的明文
sql-injection-payload-list
🎯 SQL Injection Payload List
VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
zBang
zBang is a risk assessment tool that detects potential privileged account threats