Light

coollce Goto Github PK

followers: 5.0 following: 0.0 repos: 52.0 gists: 0.0

Type: User

日常脚本

更新采集中。。。

Baidu_OCR:百度ocr识别api接口

baacloud_singn:vpn签到领流量

linux_sec_check:linux安全检查shell

rad_xray:xray和rad的自动联动

redis_nopassword:redis未授权检测及写入公钥

tools.sign:Tools签到脚本

红队

信息收集

渗透工具: https://github.com/lz520520/railgun
扫描工具Goby:https://github.com/gobysec/Goby
k8gege扫描器 https://github.com/k8gege/K8CScan　　
长亭Xray https://github.com/chaitin/xray　　
Dirsearch（扫目录） https://github.com/maurosoria/dirsearch　　
Dirmap（扫目录） https://github.com/H4ckForJob/dirmap　　
CMS识别 https://github.com/Tuhinshubhra/CMSeeK

超级弱口令检查工具:https://github.com/shack2/SNETCracker　　

https://github.com/shmilylty/OneForAll　　子域收集工具
https://github.com/lijiejie/subDomainsBrute　　subdomainsbtute（子域）

https://github.com/BugScanTeam/GitHack　　Git泄露
https://github.com/BugScanTeam/GitHack　　Git 信息泄露
https://github.com/kost/dvcs-ripper　　常规信息泄露

https://github.com/TheKingOfDuck/fuzzDicts　　fuzzdb

后渗透

https://github.com/BloodHoundAD/BloodHound　　域用户
https://ngrok.com/　　内网穿透1
https://github.com/fatedier/frp　　内网穿透2
https://github.com/sensepost/reDuh　　内网穿透3
https://github.com/SECFORCE/Tunna　　内网穿透4
https://github.com/BeichenDream/Godzilla/ 　　哥斯拉 Webshell
https://github.com/rebeyond/Behinder/　　冰蝎 Webshell
https://github.com/FireFart/dirtycow　　脏牛提权（cve-2016-5159）

View Code
https://github.com/dirtycow/dirtycow.github.io　　脏牛提权1（cve-2016-5159）
https://github.com/gbonacini/CVE-2016-5195　　脏牛提权2（cve-2016-5159）

View Code
https://github.com/abatchy17/WindowsExploits　　提权漏洞（2017.5）
https://github.com/QAX-A-Team/BrowserGhost 浏览器信息收集
https://github.com/SecureAuthCorp/impacket　　Impacket是用于网络协议的Python类的集合
https://github.com/yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD　　disable_function.工具

蓝队

威胁情报

https://www.virustotal.com/　　VirusTotal
https://x.threatbook.cn/　　微步在线
https://ti.qianxin.com/　　奇安信威胁情报
https://ti.360.cn/#/homepage　　360威胁情报中心
https://www.venuseye.com.cn/　　启明星辰威胁情报
https://redqueen.tj-un.com　　REDQUEEN
https://poma.nsfocus.com/　　绿盟的威胁分析中心
https://habo.qq.com/　　腾讯哈勃系统
https://mac-cloud.riskivy.com　　FreeBuf × 漏洞盒子「大圣云沙箱」

漏洞情报

https://www.secshi.com/circle/qingbao　　安全师情报共享
https://www.seebug.org/　　seebug
https://nosec.org/home/index/hole.html　　nosec

webshell查杀

应急响应工具

https://github.com/grayddq/GScan　　Linux主机排查
https://github.com/T0xst/linux　　Linux 安全检查

coollce's Projects

2022-hw-poc

2022 护网行动 POC 整理

ajpy

arl

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

awesome-cobaltstrike

cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources

awesome-hacking

awesome hacking chinese version

awvs14-scan

针对 Acunetix AWVS扫描器开发的批量扫描脚本，支持log4j漏洞、SpringShell、SQL注入、XSS、弱口令等专项，支持联动xray、burp、w13scan等被动批量

awvs_api

python AWVS api

burpbountyplus

BurpBounty 魔改版本

burpsuite-collections

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

catchmail

CatchMail can be used to find some email addresses!

cknife

Cknife

cobaltstrike

CobaltStrike's source code

coollce

一些小脚本，tools.sign:Tools签到脚本;YAPI远程代码执行

cornerstone

Linux命令转发记录

crawlergo

A powerful dynamic crawler for web vulnerability scanners

crawlergo_x_xray

360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能

cve-2018-15473_burte

openssh<7.7 用户名枚举

cve-2021-31166

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

dirtycow

exploits

fatrat

PowerFull Administration Tool For Linux

gscan

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

javaweb-vuln

RASP测试靶场

jndiexploit-1

一款用于JNDI注入利用的工具，大量参考/引用了Rogue JNDI项目的代码，支持直接植入内存shell，并集成了常见的bypass 高版本JDK的方式，适用于与自动化工具配合使用。

k8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

nessus_to_jira

nessus和 AWVS的扫描结果自动筛选之后提交issue到jira上去

octopus

Open source pre-operation C2 server based on python and powershell

password_brute_dictionary

口令爆破字典，有键盘组合字典、拼音字典、字母与数字混合这三种类型

peach_fuzzing

在学习使用peach进行模糊测试时，搜集到的一些不错的资料，以及配套的一些软件或脚本。

peiqi-wiki-poc

鹿不在侧，鲸不予游🐋

1
2

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.