SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

DNS Enumeration Script

Fast subdomains enumeration tool for penetration testers

Fast web fuzzer written in Go

汇总了目前可以找到的所有的进程注入的方式，完成了x86/x64下的测试，不断更新中

A container repository for my public web hacks!

🎯 Command Injection Payload List

An HTTP toolkit for security research.

Browser In The Browser (BITB) Templates

一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

windows-kernel-exploits Windows平台提权漏洞集合

A Nmap XSL implementation with Bootstrap.

NSE script based on Vulners.com API

This repository contains the scanner component for Greenbone Community Edition.

nessus crack for docker

Awvs Scanner、fahai

整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术，并搜集汇总了一些资料和工具。

Adversary simulation and Red teaming platform with AI

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

将安卓远控Apk附加进普通的App中，运行新生成的App时，普通App正常运行，远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote …

A swiss army knife for pentesting networks

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

::ZheTian / 强大的免杀生成工具，Bypass All.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

c++免杀绕过360,vt爆4个

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

创建隐藏计划任务，权限维持，Bypass AV