xx_smile's repositories
BurpSuite_payloads
BurpSuite Intruder payloads
7kbscan-RDP-Sniper
一款有图形界面的RDP(3389)口令检测工具
autosub
Command-line utility to transcribe/translate from video/audio/subtitles to subtitles
Burpsuite-Plugins-Usage
Burpsuite-Plugins-Usage
chromium
Chromium browser with SSL VPN. Use this browser to unblock websites.
commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration testing platform for those that prefer Linux. Commando VM is for penetration testers that prefer Windows. We know that building a Windows penetration testing environment can be tedious - we aim to streamline and simplify this process. Commando VM includes over 140 tools.
Digital-Privacy
一个关于数字隐私搜集、保护、清理集一体的方案,外加开源信息收集(OSINT)对抗 (长期更新)
ESD
Enumeration sub domains(枚举子域名)
EverydayWechat
每日自动给女朋友发微信暖心话。
http-server
a simple zero-configuration command-line http server
JNDIExploit-1
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest)
Kunyu
Kunyu, more efficient corporate asset collection
Lierda_tracker
NB-iot tracker
PL-Compiler-Resource
程序语言与编译技术相关资料(持续更新中)
pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Scanners-Box
The toolbox of open source scanners(abbr - scanbox) - 安全行业从业者自研开源扫描器合辑
sqlmap
Automatic SQL injection and database takeover tool
ssh_scan
A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)
Struts2-Scan
Struts2全漏洞扫描利用工具
test.wangruilin.com
This is a subdomain takeover Repository
Vxscan
python3写的综合扫描工具,主要用来敏感文件探测(目录扫描与js泄露接口),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,弱口令探测,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
wechat-mp-crawler
微信公众号爬虫,可抓取文章与评论
wpscan
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
x-patrol
github泄露扫描系统