Stars
🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python…
Python - 100天从新手到大师
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A collection of awesome penetration testing resources, tools and other shiny things
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
一些非常有趣的python爬虫例子,对新手比较友好,主要爬取淘宝、天猫、微信、微信读书、豆瓣、QQ等网站。(Some interesting examples of python crawlers that are friendly to beginners. )
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
windows-kernel-exploits Windows平台提权漏洞集合
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exc…
Adversary simulation and Red teaming platform with AI
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.