zhl2008's starred repositories
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
AhMyth-Android-RAT
Android Remote Administration Tool
r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
CursedChrome
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
libprocesshider
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
NetDiscovery
NetDiscovery 是一款基于 Vert.x、RxJava 2 等框架实现的通用爬虫框架/中间件。
chromebackdoor
Chromebackdoor is a PoC of pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malicious extension or script on most popular browsers, and send all DOM datas on command and control.
exploitdb-papers
The legacy Exploit Database paper repository - New repo located at https://gitlab.com/exploit-database/exploitdb-papers
gadgetinspector
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
port-forward
Go语言开发的端口转发工具 for port data forward (TavenLi)
app-env-docker
基于 Docker 的真实应用测试环境
user-agent-list
常用浏览器的user-agent列表
fastjson-rce-exploit
exploit for fastjson remote code execution vulnerability
modsec-flameeyes
Flameeyes's Ruleset for ModSecurity
anti-crawler
Anti Distributed Crawler
anti-crawler
Haozigege's Master degree thesis project for crawler detection and crawler exploit