xnianq

cve-2021-21985_exp

cve-2021-21985 exploit

awd-frame

ctf awd framework

hack_tools_for_me

自己为了方便收集的小工具

xnianq.github.io

sec-chart

安全思维导图集合

BloodHound

Six Degrees of Domain Admin

Bypass_Disable_functions_Shell

一个各种方式突破Disable_functions达到命令执行的shell

CloudFail

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CobaltstrikeSource

Cobaltstrike4.1 Source

DBScanner

自动扫描内网常见sql、no-sql数据库脚本(mysql、mssql、oracle、postgresql、redis、mongodb、memcached、elasticsearch)，包含未授权访问及常规弱口令检测

DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️🔥

eBook-BypassingAVsByCSharp

eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)

external_c2_framework

Python api for usage with cobalt strike's External C2 specification

information

信息论实验

kekeo

A little toolbox to play with Microsoft Kerberos in C

linux_information

自动化收集linux信息

macOS-iOS-system-security

macos/ios exploit writeup

Middleware-Vulnerability-detection

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

Minimalistic-offensive-security-tools

A repository of tools for pentesting of restricted and isolated environments.

mitm

Nim-RunPE

A Nim implementation of reflective PE-Loading from memory

p0wnedShell

PowerShell Runspace Post Exploitation Toolkit

php_bugs

PHP代码审计分段讲解

Scanners-Box

The toolbox of open source scanners - 安全行业从业人员自研开源扫描器合集👻

ShadowBrokersFiles

Cracked ShadowBrokers tools and latested dumps 😎

SpookFlare

Meterpreter loader generator with multiple features for bypassing client-side and network-side countermeasures.

the-backdoor-factory

Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)

web3-testxnianq

web3-testxnianq

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.