Glyptho's Projects
一键提取安卓应用中可能存在的敏感信息。
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
CobaltStrike 4.x通用白嫖及汉化加载器
All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
My subdomain enumeration script. It's unique in the way it is built upon.
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
Config files for my GitHub profile.
This script will launch the Nuclei for selected severity like (info,low,medium,high,critical) against a subdomain list or ip list for check vulnerability.
goby poc or exp,分享goby最新网络安全漏洞检测或利用代码
goon,集合了fscan和kscan等优秀工具功能的扫描爆破工具。功能包含:ip探活、port扫描、web指纹扫描、title扫描、压缩文件扫描、fofa获取、ms17010、mssql、mysql、postgres、redis、ssh、smb、rdp、telnet、tomcat等爆破以及如netbios探测等功能。
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
This includes the methods of recon and exploit for Bug Bounty.
I have collected different open source tools for my bug-bounty. So in this repo i have organized them in a systematic way. So whenever i need something i can easily find required tools
This includes all the templates of nuclei collected from different sources
支持主动式&被动式Log4j漏洞扫描 Intranet pentesting tool with webui 开源图形化内网渗透工具
A Superfast SMS & Call bomber for Linux And Termux !
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档