Name: backlion
Type: User
Company: 渗透测试研究中心公众号【渗透测试研究中心】
Bio: Penetration Testing,WEB Security Research,Red Team, penetration testing and Research Center --->>http://www.cnblogs.com/backlion
Location: **成都
Blog: http://www.cnblogs.com/backlion
backlion's Projects
search and collect windows files from multiple locations on machine and store in one centralized directory
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
安全思维导图集合
信息安全从业者书单推荐
Vulnerability Environment For Java
免杀
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
二次开发过后的CobaltStrike,版本为4.1.在原来CobaltStrike的基础上修改多处特征,解决流量查杀问题.
越权检测工具
Linux distro for intrusion detection, enterprise security monitoring, and log management
大安全各领域各公司各会议分享的PPT
收集厂商安全面经
SecurityManageFramwork是一款适用于企业内网安全管理平台,包含资产管理,漏洞管理,账号管理,知识库管、安全扫描自动化功能模块,可用于企业内部的安全管理。 本平台旨在帮助安全人员少,业务线繁杂,周期巡检困难,自动化程度低的甲方,更好的实现企业内部的安全管理。
分享在建设安全管理体系、ISO27001、等级保护、安全评审过程中的点点滴滴
关于网络安全订阅源的推荐 - 充实你的订阅源,提高信息质量。
Fileless SQL Server CLR-based Custom Stored Procedure Command Execution
A Suricata based IDS/IPS distro
批量发送钓鱼邮箱
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Automates credential skimming from service accounts in Windows Registry
通过NetSessionEnum获取域内机器对应用户
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Perform a MitM attack and extract clear text credentials from RDP connections
Shikata ga nai (仕方がない) encoder ported into go with several improvements
Auto Install Shadowsocks Server for CentOS/Debian/Ubuntu
shadowsocksr
A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
c# implementation of Active Directory Integrated DNS dumping (authenticated user)
提取DC日志,快速获取域用户对应IP地址