flywithoutwings Goto Github PK
Name: HGW XX/7
Type: User
Name: HGW XX/7
Type: User
MSF moudle jboss invoke deploy getshell Exploit & Jboss jmx-console getshell exploit
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
Telegram 中文群组列表机器人
windows提权工具 A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
JXWAF(锦衣盾)是一款基于openresty(nginx+lua)开发的下一代web应用防火墙
K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
跨平台大型网络端口扫描器(支持批量A段/B段/C段/IP列表(TXT)/端口列表,Banner识别比S扫描器加强版更准)
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Ladon for Linux (Kali), Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password
ubuntu上安装kali工具集Automatically install all Kali linux tools
Kautilya是一个给人机接口设备提供各种payload的工具包,比如可以烧录给teensy,它可以帮助人们进行渗透测试。Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.
ms14068与票据传递工具 A little toolbox to play with Microsoft Kerberos in C
信息搜集与攻击工具合集 Python-Based Pentesting CLI Tool
天涯 kkndme 神贴聊房价
大型内网渗透扫描器&Cobalt Strike,Ladon7.2内置94个模块,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列,密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、Netbios、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
lcx端口转发工具
反向代理工具 Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
Linux kernel source tree
Linux命令大全搜索工具,内容包含Linux命令手册、详解、学习、搜集。https://git.io/linux
Linux提权点检查工具 linuxprivchecker.py -- a Linux Privilege Escalation Check Script
读取登录过本机的登录失败或登录成功的所有计算机信息,在内网渗透中快速定位运维管理人员。
python修改linux日志
LOLBITS:一款基于后台智能传输服务(BITS)的C#反向Shell C# reverse shell using Background Intelligent Transfer Service (BITS) as communication protocol.
Windows / Linux Local Privilege Escalation Workshop
macos-kernel-exploits MacOS平台提权漏洞集合 https://www.sec-wiki.com
MassDNS:一款功能强大的高性能DNS子域名查询枚举侦察工具A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Metasploit Framework
meterssh是一种采取shellcode注入记忆然后隧道无论港口要在SSH来掩盖任何类型的通信作为一个正常的SSH连接。它的工作方式是通过注入shellcode到内存中,然后包口了(meterpeter在这种情况下)的shellcode在SSH回攻击者的机器。然后连接的监听localhost Meterpreter通过SSH代理沟通,受害人通过SSH隧道。所有的通信都是通过SSH隧道传输的,而不是通过网络传输的。使用说明https://www.trustedsec.com/2014/11/meterssh-meterpreter-ssh/ MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. The way it works is by injecting shellcode into memory, then wrapping a port spawned (meterpeter in this case) by the shellcode over SSH back to the attackers machine. Then connecting with meterpreter's listener to localhost will communicate through the SSH proxy, to the victim through the SSH tunnel. All communications are relayed through the SSH tunnel and not through the network.
Gitbook
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.