songofhack

awesome-pentest-note

渗透测试☞经验/思路/总结

conti-leaks-backup

backup of the conti leaks rar (not decrypted do it ur self dumbass)

Conti_Leaked

All about Conti Leak on 1 March 2022

dcat-admin

🔥 基于 Laravel 的后台系统构建工具 (Laravel Admin)，使用很少的代码快速构建一个功能完善的高颜值后台系统，内置丰富的后台常用组件，开箱即用，让开发者告别冗杂的HTML代码

Discovery

☀️ Nepxion Discovery is a solution for Spring Cloud with blue green, gray, route, limitation, circuit breaker, degrade, isolation, tracing, dye, failover 蓝绿、灰度、路由、限流、熔断、降级、隔离、追踪、流量染色、故障转移

DNSlog-GO

DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具，自带WEB界面

Domain-penetration_one-stop

域渗透一条龙

ghidra

Ghidra is a software reverse engineering (SRE) framework

HackReport

渗透测试报告/资料文档/渗透经验文档/安全书籍

Information_Security_Books

150本信息安全方面的书籍书籍（持续更新）

interactsh

An OOB interaction gathering server and client library

JNDI-Inject-Exploit

解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入

JNDIExploit

对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改

jumpserver

JumpServer 是全球首款开源的堡垒机，是符合 4A 的专业运维安全审计系统。

Ladon

Ladon modular hacking framework penetration scanner & Cobalt strike, Ladon 10.1 has 180 built-in modules, including information collection / surviving host / port scanning / service identification / password blasting / vulnerability detection / vulnerability utilization. Vulnerability detection includes ms17010 / smbghost / Weblogic / ActiveMQ

libnvram

Machine-Learning

:zap:机器学习实战（Python3）：kNN、决策树、贝叶斯、逻辑回归、SVM、线性回归、树回归

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

obs-studio

OBS Studio - Free and open source software for live streaming and screen recording

PaddleOCR

Awesome multilingual OCR toolkits based on PaddlePaddle (practical ultra lightweight OCR system, support 80+ languages recognition, provide data annotation and synthesis tools, support training and deployment among server, mobile, embedded and IoT devices)

phpinfo

post-hub

后渗透：学习、实战

python_for_data_analysis_2nd_chinese_version

《利用Python进行数据分析·第2版》

QingScan

一个漏洞扫描器粘合剂,添加目标后30款工具自动调用；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

ShiroKeyDetect

一个ShiroKey检测工具

solon

noear:: 一个高效的 Java 应用开发框架，新兴独立的开放生态。更快、更小、更简单！！！启动快 5 ～ 10 倍；qps 高 2～ 3 倍；运行时内存节省 1/3 ~ 1/2；打包可以缩到 1/2 ~ 1/10

tools

Python渗透漏洞工具

v2rayN

A V2Ray client for Windows, support Xray core and v2fly core

winafl

A fork of AFL for fuzzing Windows binaries

ysomap

A helpful Java Deserialization exploit framework.