upload's repositories
this_is_my_study
this_my_ctf
basecrack
Decode All Bases - Base Scheme Decoder
BloodHound
Six Degrees of Domain Admin
bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
Cobra_upload
Source Code Security Audit (源代码安全审计)
CodeqlLearn
记录学习codeql的过程
CodeQLpy
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
conote-community
Conote 综合安全测试平台社区版。
crowsec
视频课件和工具分享
CSAgent
CobaltStrike 4.x通用白嫖及汉化加载器
Fastjson
Fastjson姿势技巧集合
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
hackerone-reports
Top disclosed reports from HackerOne
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Logout4Shell
Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
Sec-Tools
Sec-Tools
study
dd
study2
yj
tcyba.github.io
My blog
vulnerability-paper
收集的文章
w13scan
Passive Security Scanner (被动式安全扫描器)
weird_proxies
Reverse proxies cheatsheet
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.