xxnbyy's repositories
bsql
bsql hacker tool
bugcrowd-levelup-subdomain-enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
cmsPoc
CMS渗透测试框架-A CMS Exploit Framework
Cr3dOv3r
Know the dangers of credential reuse attacks.
CrackMapExec
A swiss army knife for pentesting networks
dirbot
Scrapy project to scrape public web directories (educational) [DEPRECATED]
dirsearch
Web path scanner
DNS-Shell
DNS-Shell is an interactive Shell over DNS channel
Dr0p1t-Framework
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Exploits
Exploits by 1N3@CrowdShield
GitLeak
GitLeak 是一个从 Github 上查找密码信息的小工具
hack.chat
a minimal, distraction-free chat application
JavaDeserH2HC
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
JAWS
JAWS - Just Another Windows (Enum) Script
Mobile-Security-Framework-MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
MyPython
一些常用的Python脚本
net-creds
Sniffs sensitive data from interface or pcap
Pentest
tools
php_bugs
PHP代码审计分段讲解
poc-exp
poc or exp of android vulnerability
rdpwrap
RDP Wrapper Library
S7scan
a pentest scanner, To make excellent tools / 一个集七种功能的漏洞综合检测利用工具, 希望可以打造出一款优秀的渗透工具
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
shimit
A tool that implements the Golden SAML attack
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
thc-hydra
hydra
XAttacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter