jywah Goto Github PK

nmapbrutes

解析nmap扫描结果，并调用hydra进行暴力破解

nmaptools

Go语言练习，第一个小工具，nmaptools解析xml导出xlsx结果、进行web服务探测、进行socket数据探测等

nodegoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

openbili

opensoc

OpenSOC Apache Hadoop Code

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pcap-analyzer

Python编写的可视化的离线数据包分析器

pcap-analyzer-1

online pcap forensic

pcredz

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

penetration_testing_poc

渗透测试有关的POC、EXP、脚本、提权、小工具等，欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

pentest-notes

记录自己在内网渗透学习中的一些心得和技巧，不定期记录中:)

pentest_study

从零开始内网渗透学习

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

pygame

pygame (the library) is a Free and Open Source python programming language library for making multimedia applications like games built on top of the excellent SDL library. C, Python, Native, OpenGL.

red-team-links

2019年红队资源链接，资源不是本人整理出来，来自互联网，因为流传的少，特意在此做个备份，做个分享。

rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

routersploit

Exploitation Framework for Embedded Devices

satansword

红队综合渗透框架

scanners-box

The toolbox of open source scanners(a.k.a scanbox) - 安全行业从业者自研开源扫描器合辑

scapy

Scapy: the python-based interactive packet manipulation program & library

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

shadow2

渗透 超全面的渗透资料💯 包含：0day，xss，sql注入，提权……

shadowbroker

The Shadow Brokers "Lost In Translation" leak

test

trackray

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

upload-labs

一个想帮你总结所有类型的上传漏洞的靶场

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

watchdog

Watchdog是bayonet修改版，重新优化了数据库及web及扫描程序,加入多节点

web-security-attack

Web安全相关内容