中文langchain项目|小必应，Q.Talk，强聊，QiangTalk

SecGPT网络安全大模型

Interesting APT Report Collection And Some Special IOCs

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

A fork and successor of the Sulley Fuzzing Framework

The Security Toolkit for LLM Interactions

Struts2全漏洞扫描利用工具

TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。

pefile is a Python module to read and work with PE (Portable Executable) files

BloodyAD is an Active Directory Privilege Escalation Framework

一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出

Kerberos relaying and unconstrained delegation abuse toolkit

DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。

Chainlit's cookbook repo

上传漏洞fuzz字典生成脚本

这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。

自动化爬取并自动测试所有swagger接口

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

A Domain Name & Email Address Collection Tool

A Python based RAT 🐀 (Remote Access Trojan) for getting reverse shell 🖥️

the Network Protocol Fuzzer that we will want to use.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Hide your payload in DNS

轻量级知识库&POC管理平台

Maximizing BloodHound. Max is a good boy.

利用NTLM Hash读取Exchange邮件

Python codes of my blog.

预览效果