Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy serv…
A plugin for Mac WeChat
A little tool to play with Windows security
Pre-Built Vulnerable Environments Based on Docker-Compose
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
GO Simple Tunnel - a simple tunnel written in golang
🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP po…
Impacket is a collection of Python classes for working with network protocols.
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Fast subdomains enumeration tool for penetration testers
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
windows-kernel-exploits Windows平台提权漏洞集合
You Know, For WEB Fuzzing ! 日站用的字典。
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…