wisdark Goto Github PK

superwordlist

基于实战沉淀下的各种弱口令字典

svnexploit

SvnExploit支持SVN源代码泄露全版本Dump源码

swap_digger

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

sweetpotato

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

syncthing

Open Source Continuous File Synchronization

sysmon-config

Sysmon configuration file template with default high-quality event tracing

syswhispers2bof

Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs

takeover

Sub-Domain TakeOver Vulnerability Scanner

talon

A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

tartarusgate

TartarusGate, Bypassing EDRs

teamfiltration

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

telemetrysourcerer

Enumerate and disable common sources of telemetry used by AV/EDR.

telnet-scanner

telnet服务密码撞库

termux-services

Scripts to handle services in termux.

the-book-of-secret-knowledge

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

thefatrat

Thefatrat a massive exploiting tool revealed >> An easy tool to generate backdoor and easy tool to post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .

threatbox

ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.

tidefinger

TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。

tikitorch

Process Hollowing

tiny-xss-payloads

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

tls-poison

tokenvator

A tool to elevate privilege with Windows Tokens

toolanalysisresultsheet

Tool Analysis Result Sheet

tooldump-v1

Some of my custom "tools".

toolsuite

Security tools

traitor

Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins :arrow_up: :skull_and_crossbones:

trevorc2

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

trevorspray

A featureful round-robin SOCKS proxy and Python O365 sprayer based on MSOLSpray

trojan-go

Go实现的Trojan代理，支持自动证书申请/多路复用/路由功能/CDN中转，多平台，无依赖。A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW. https://p4gefau1t.github.io/trojan-go/

trufflehog

Searches through git repositories for high entropy strings and secrets, digging deep into commit history