hkwolf Goto Github PK
Type: User
Type: User
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas
“冰蝎”动态二进制加密网站管理客户端
**菜刀及其衍生版本的Webshell管理工具收集
总
a little tool help CTFer solve RSA problem
China's first CTFTools framework.**国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
exp of CVE-2018-15982
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
Web path scanner
DZ3.4版本的微信登录漏洞进行垂直越权
Windows Exploits
Use a Fake image.jpg to exploit targets (hide known file extensions)
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A `.git` folder disclosure exploit
A tool to exploit the hash length extension attack in various hashing algorithms
A simple demo for captcha identifying with JavaScript 一个简单的JS验证码识别示例
Expose your local endpoints to the Internet
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Dex to Java decompiler
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
My proof-of-concept exploits for the Linux kernel
大型内网渗透扫描器&Cobalt Strike,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2系列等,密码口令爆破含(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、LDAP、SmbHash、WmiHash)等,可高度自定义插件支持.NET程序集、DLL(C#/Delphi/VC)、PowerShell等语言编写的插件,支持通过配置INI批量调用任意外部程序或命令,EXP生成器一键生成Web漏洞POC,可快速扩展扫描或利用能力。支持Cobalt Strike 3.X-4.0
linux-kernel-exploits Linux平台提权漏洞集合
Metasploit Framework
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.