wiwei's starred repositories
gpt-crawler
Crawl a site to generate knowledge files to create your own custom GPT from a URL
testssl.sh
Testing TLS/SSL encryption anywhere on any port
securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
bpf-developer-tutorial
eBPF Developer Tutorial: Learning eBPF Step by Step with Examples
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
java-memshell-generator-release
一款支持高度自定义的 Java 内存马生成工具
burp-awesome-tls
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
wmiexec-Pro
New generation of wmiexec.py
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
FilelessPELoader
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
ThunderSearch
小而美【支持Fofa、Shodan、Hunter、Zoomeye、Quake网络空间搜索引擎】闪电搜索器;GUI图形化(Mac/Windows)渗透测试信息搜集工具;资产搜集引擎;hw红队工具hvv
HackerPermKeeper
Linux权限维持
Restore-JS
《反爬虫JS破解与混淆还原手册》 by @No-Attack @LoseNine。 一本教你JS破解以及混淆与还原的教程。欢迎star,持续更新。
MemoryShell
JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring
js-cookie-monitor-debugger-hook
js cookie逆向利器:js cookie变动监控可视化工具 & js cookie hook打条件断点
Sign-Sacker
Sign-Sacker(签名掠夺者):一款数字签名复制器,可将其他官方exe中数字签名,图标,详细信息复制到没有签名的exe中,作为免杀,权限维持,伪装的一种小手段。
java-echo-generator
一款支持高度自定义的 Java 回显载荷生成工具|A highly customizable Java echo payload generation tool.
OPSEC-Tradecraft
Collection of OPSEC Tradecraft and TTPs for Red Team Operations