zkbupt's repositories
afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Amass
In-depth Attack Surface Mapping and Asset Discovery
awesome-bugbounty-tools
A curated list of various bug bounty tools
CVE-2018-3191
CVE-2018-3191-PoC
Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
fscan
一款内网扫描工具,方便一键大保健~
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon7.0内置83个模块,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列,密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Llama2-Chinese
Llama中文社区,最好的中文Llama大模型,完全开源可商用
monkey
Infection Monkey - An automated pentest tool
murphysec
An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。
nali
一个查询IP地理信息和CDN服务提供商的离线终端工具.An offline tool for querying IP geographic information and CDN provider.
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
OneForAll
OneForAll是一款功能强大的子域收集工具
naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
POC-bomber
利用大量高威胁漏洞poc快速获取目标权限
Python-Core-50-Courses
Python语言基础50课
subDomainsBrute
A fast sub domain brute tool for pentesters
SuperWordlist
基于实战沉淀下的各种弱口令字典
theHarvester
E-mails, subdomains and names Harvester - OSINT
uncover
Quickly discover exposed hosts on the internet using multiple search engines.
vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
w12scan
🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)
wappalyzer
Identify technology on websites.
WhatWeb
Next generation web scanner
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合