mytfx Goto Github PK

jndi-injection-exploit

JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）

jndiexploit-1

一款用于JNDI注入利用的工具，大量参考/引用了Rogue JNDI项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。

jpegsnoop

JPEGsnoop: JPEG decoder and detailed analysis

jsfinder

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

jsinfo-scan

递归式寻找域名和api。

jsp-webshells

Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

juicy-potato

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

k8cscan

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

k8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

kali-linux-web-pentest-cookbook-zh

:book: [译] Kali Linux Web 渗透测试秘籍 中文版

karkinos

Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

kernel-exploit-factory

Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.

kindeditor

WYSIWYG HTML editor

knockoutlook

A little tool to play with Outlook

kontra

A lightweight JavaScript gaming micro-library, optimized for js13kGames.

koodo-reader

A modern ebook manager and reader with sync and backup capacities for Windows, macOS, Linux and Web

ksubdomain

无状态子域名爆破工具

kunyu

Kunyu, more efficient corporate asset collection

ladon

大型内网渗透扫描器&Cobalt Strike，Ladon7.2内置94个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

ladongo

Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

landrop

Drop any files to any devices on your LAN.

laravel

A PHP framework for web artisans.

layerdomainfinder

Layer子域名挖掘机

lazagne

Credentials recovery project

legado

阅读3.0, 阅读是一款可以自定义来源阅读网络内容的工具，为广大网络文学爱好者提供一种方便、快捷舒适的试读体验。

libqalculate

Qalculate! library and CLI

liferestart

やり直すんだ。そして、次はうまくやる。

limelighter

A tool for generating fake code signing certificates or signing real ones

linux-kernel-exploites

linux-kernel-exploits Linux平台提权漏洞集合 https://www.sec-wiki.com

liqunkit_