📚 黑客X档案2002-2012、黑客防线 2000-2015

A plugin that allows you execute python and get return to BurpSuite.

Using Socks4/5 proxy to make a multithread Http-flood/Https-flood (cc) attack.

A collection of various awesome lists for hackers, pentesters and security researchers

The fastest and cross-platform subdomain enumerator, don't waste your time.

“冰蝎”动态二进制加密网站管理客户端

bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)

基于poc-t 并在此基础上增加批量功能！

CMS (Content Management Systems) Detection and Exploitation suite

The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue teams.

一个fuzzdb扩展库

RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: https://www.youtube.com/watch?v=Ul8uPvlOsug

Docker-Compose file for vulnerability environment

Finds unknown classes of injection vulnerabilities

windows-kernel-exploits Windows平台提取漏洞集合

This is a webshell open source project

a plenty of poc based on python

[Project-Kob-6]The toolbox of open source scanners - 安全行业从业人员自研开源扫描器合集👻

An easy tool to generate backdoor with msfvenom (a part from metasploit framework) and easy post exploitation attack. This tool compiles a malware with popular payload and then the compiled malware…

A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Web application bruteforcer

A collection of android security related resources