rakjong Goto Github PK

2019_vul_warning_poc_collect

整理的2019年厂商发布的漏洞预警公开POC集合，不足之处还希望多多补充，完善

2023hvv

2023 HVV情报速递~

31-days-of-api-security-tips

This challenge is Inon Shkedy's 31 days API Security Tips.

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

active-directory-pentest-notes

个人域渗透学习笔记

ad-attack-defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

adrecon

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

advobfuscator

Obfuscation library based on C++11/14 and metaprogramming

anti-av

Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts

argue-like-cobalt-strike

Argue like Cobalt Strike

arjun

Arjun is a python script for finding hidden GET & POST parameters.

aron

Aron is a GO script for finding hidden GET & POST parameters

asset-scan

asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统

atattack

敌后侦察

awesome-cve-poc

✍️ A curated list of CVE PoCs.

awesome-go-cn

Go 资源大全中文版， 内容包括：Web框架、模板引擎、表单、身份认证、数据库、ORM框架、图片处理、文本处理、自然语言处理、机器学习、日志、代码分析、教程和（电子）书等。

awvs-13-scan-plus

This is a companion software based on the Acunetix Web Vulnerability Scanner 13 (AWVS13) scanning engine.

backup-scan

备份目录扫描

baisheyuanqi

《白蛇缘起》小说版，大纲有不小的修改。

bestjavaer

这是一个成为更好的Java程序员的系列教程

biu-brower-ext

brutemachine

A Go library which main purpose is giving an interface to loop over a dictionary and use those words/lines as input for some custom logic such as HTTP file bruteforcing, DNS bruteforcing, etc.

burp-send-to

Adds a customizable "Send to..."-context-menu to your BurpSuite.

burpextenderpractise

burpplugin_shiro

判断是否使用shiro的burp插件

burpsuiteloader

Burp Suite loader version --> ∞

bypasswaf

bypassD盾、安全狗、云锁

caesar

一个全新的敏感文件发现工具

check-localadminhash

Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrator. It's useful if you obtain a password hash for a user and want to see where they are local admin on a network. It is essentially a Frankenstein of two of my favorite tools along with some of my own code. It utilizes Kevin Robertson's (@kevin_robertson) Invoke-TheHash project for the credential checking portion. Additionally, the script utilizes modules from PowerView by Will Schroeder (@harmj0y) and Matt Graeber (@mattifestation) to enumerate domain computers to find targets for testing admin access against.

clamp

Creates Java classes from Jython classes