xizy's repositories
Apt_t00ls
高危漏洞利用工具
Autoscanner
输入域名>爆破子域名>扫描子域名端口>发现扫描web服务>集成报告的全流程全自动扫描器。集成oneforall、masscan、nmap、dirsearch、crawlergo、xray等工具,另支持cdn识别、网页截图、站点定位;动态识别域名并添加功能、工具超时中断等
BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
bylibrary
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
BypassAnti-Virus
免杀姿势学习、记录、复现。
BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
ddddocr
带带弟弟 通用验证码识别OCR pypi版
exploit-db
exploit-db备份
exploitdb
The official Exploit Database repository
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
geacon_plus
CobaltStrike beacon written in golang
geacon_pro
重构了Cobaltstrike Beacon,行为对国内主流杀软免杀,支持4.1以上的版本。 A cobaltstrike Beacon bypass anti-virus, supports 4.1+ version.
GolangBypassAV
研究利用golang各种姿势bypassAV
graphql_notes
Important notes and methodology to follow when having encountered a graphql endpoint in the wild
HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
PEzor
Open-Source Shellcode & PE Packer
r0capture
安卓应用层抓包通杀脚本
red-team
Notes, red team materials, testing tools, etc.
Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
SrcCommon
QAQ个人收集
xingtu
星图日志分析系统反编译的源码