Stars
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
A little tool to play with Windows security
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
windows-kernel-exploits Windows平台提权漏洞集合
Nmap script to guess* a GitLab version.
🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等
📡 PoC auto collect from GitHub.
Automatically Collect POC or EXP from GitHub by CVE ID. If you are unable to find the POC/EXP on GitHub, you can also check here: https://pocorexps.nsa.im/
Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。
【Hello-CTF labs】PHP文件包含类靶场,各类协议的讲解以及基于协议的LFI/RFI
一款后渗透免杀工具,助力每一位像我这样的脚本小子快速实现免杀,支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader
Security Guide for Developers (实用性开发人员安全须知)
📦 Make security testing of K8s, Docker, and Containerd easier.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
python安全和代码审计相关资料收集 resource collection of python security and code review
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
List of Awesome Asset Discovery Resources