whichard

RpcZoo

基于Netty和ZooKeeper的简单RPC框架

Manage-your-orders

Seller's end for the real-time ordering system

SHTipFlow

用于存储高并发流量信息的多层HashMap结构

AboutSecurity

用于渗透测试和红队基础设施建设的 payload 和 bypass 字典。A list of payload and bypass lists for penetration and red team infrastructure build.

apache-log4j-poc

Apache Log4j 远程代码执行

BurpSuite-collections

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

bylibrary

白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目

caidao-official-version

**菜刀官方版本，拒绝黑吃黑，来路清晰

CrackMapExec

A swiss army knife for pentesting networks

crowsec

视频课件和工具分享

CVE-2020-0796

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

CVE-2020-1948

Dictionary-Of-Pentesting

渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目

exphub

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本，均为亲测可用的脚本文件，优先更新高危且易利用的漏洞利用脚本，最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618、CVE-2019-6340

fastjson_rec_exploit

fastjson一键命令执行

fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

fuzzDicts

Web Pentesting Fuzz 字典,一个就够了。

HowToCook

程序员在家做饭方法指南。Programmer's guide about how to cook at home (Chinese).

K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

linux-exploit-suggester-2

Next-Generation Linux Kernel Exploit Suggester

PEST

Here is some simple and useful scripts for penetration.

Pic

seckill

苗苗 约苗 九价 秒杀 脚本

SMBGhost

Scanner for CVE-2020-0796 - SMBv3 RCE

Struts2-Scan

Struts2全漏洞扫描利用工具

TyporaCrack

TyporaCrack Typora破解 Typora激活 Typora

Veil

Veil 3.1.X (Check version info in Veil at runtime)

webgoat

WMIHACKER

A Bypass Anti-virus Software Lateral Movement Command Execution Tool

XssPy

XssPy - Web Application XSS Scanner