deadpool代理池工具，可从hunter、quake、fofa等网络空间测绘平台取高质量socks5代理，或本地导入socks5代理，轮询使用代理进行流量转发。

基于chrome、firefox插件的被动式信息泄漏检测工具

DudeSuite Web Security Tools

带带弟弟 通用验证码识别OCR pypi版

一款部署于云端或本地的隧道代理池中间件，可将静态代理IP灵活运用成隧道IP，提供固定请求地址，一次部署终身使用

⚔️Windows11 Penetration Suite Toolkit 🔰 The First Windows Penetration Testing Environment on Mac M Chips

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

Kerberos relaying and unconstrained delegation abuse toolkit

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

Trying to tame the three-headed dog.

A little toolbox to play with Microsoft Kerberos in C

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

https://github.com/abatchy17/WindowsExploits

Windows Elevation(持续更新)

A swiss army knife for pentesting networks

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

Impacket is a collection of Python classes for working with network protocols.

A tool to perform Kerberos pre-auth bruteforcing

SharpDecryptPwd source, To Decrypt Navicat,Xmanager,Filezilla,Foxmail,WinSCP,etc

对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。源码：https://github.com/RowTeam/SharpDecryptPwd

这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

No longer maintained, see pinned issues

Pillager是一个适用于后渗透期间的信息收集工具

强大的敏感信息搜索工具

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

本项目集成了全网优秀的攻防武器工具项目，包含自动化利用，子域名、目录扫描、端口扫描等信息收集工具，各大中间件、cms、OA漏洞利用工具，爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。

A fast TCP/UDP tunnel over HTTP