村花's repositories
ENScan_GO
一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。
pxplan
CVE-2022-2022
horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
2022-HW-POC
2022 护网行动 POC 整理
wsMemShell
WebSocket 内存马,一种新型内存马技术
DeathSleep
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.
AniYa
免杀框架
Pokemon-Shellcode-Loader
Tired of looking at hex all day and popping '\x41's? Rather look at Lugia/Charmander? I have the solution for you.
GoFileBinder
golang免杀捆绑器
Go_Bypass
Golang Bypass Av Generator template
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
cobaltstrike_bofs
My CobaltStrike BOFS
CaptfEncoder
Captfencoder is a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.
SharpWxDump
微信客户端取证,可获取用户个人信息(昵称/账号/手机/邮箱/数据库密钥(用来解密聊天记录));支持获取多用户信息,不定期更新新版本偏移,目前支持所有新版本、正式版本
pikachu
一个好玩的Web安全-漏洞测试平台
linbing
本系统是对Web中间件和Web框架进行自动化渗透的一个系统,根据扫描选项去自动化收集资产,然后进行POC扫描,POC扫描时会根据指纹选择POC插件去扫描,POC插件扫描用异步方式扫描.前端采用vue技术,后端采用python fastapi.
BypassAnti-Virus
免杀姿势学习、记录、复现。
OneForAll
OneForAll是一款功能强大的子域收集工具
pegasus_spyware
decompiled pegasus_spyware
ransomware-simulator
Ransomware simulator written in Golang
apng-canvas
APNG implementation on canvas.
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
beacon
Former attempt at creating a independent Cobalt Strike Beacon
HackBar
Firefox and Google Chrome Extension of HackBar without license
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
bypass-403
A simple script just made for self use for bypassing 403
penetration-suite-toolkit
本项目制作的初衷是帮助渗透新手快速搭建工作环境,工欲善其事,必先利其器。
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
TScan
TScan 提供了CMS指纹识别、端口扫描、旁站信息、信息泄漏等功能,期许在最短的时间辅助安全人员在渗透前做好充分的信息搜集