c4i's repositories
Awesome-Red-Teaming
List of Awesome Red Teaming Resources
Awesome-WAF
🔥 Everything awesome about web-application firewalls (WAF).
awesome-web-security
🐶 A curated list of Web Security materials and resources.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Android-Analysis
Getting Genymotion & Burpsuite setup for Android Mobile App Analysis
AntSword-Loader
AntSword 加载器
AWAE-Preparation
This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.
awesome-android-security
A curated list of Android Security materials and resources For Pentesters and Bug Hunters
bypass-paywalls-chrome
Bypass Paywalls web browser extension for Chrome and Firefox.
CodeExecutionOnWindows
A list of ways to execute code on Windows using legitimate Windows tools
CVE-2019-3396
Confluence Widget Connector RCE - ptquan
CVE-2019-3397
Confluence Widget Connector RCE
Ghazi
Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab Will Replace Every GET or POST Parameters With Selected TAB in "Proxy" or "Repeater" TAB
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
medusa
Binary instrumentation framework based on FRIDA
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
pentest-tools
Custom pentesting tools
pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
powershell-browser-credentials-obtain
This repo is for research purpose only
PrivEsc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
RE-iOS-Apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
red-container
Containerized pentesting tools
RsaCtfTool
RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
sandbox
sandbox
ssl-kill-switch2
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.