Stars
Impacket is a collection of Python classes for working with network protocols.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles
🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Pre-Built Vulnerable Environments Based on Docker-Compose
A tool to dump the login password from the current linux user
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP po…
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…
A little tool to play with Windows security
Active Directory Integrated DNS dumping by any authenticated user
a minimal, distraction-free chat application
Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exc…
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
A plugin for Mac WeChat