ice-001 Goto Github PK
Type: User
Type: User
收集的文章
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
2022 护网行动 POC 整理
Ladon for Cobalt Strike & Cracked Download,Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
**蚁剑后渗透框架
本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵RCE 等等.
一个各类漏洞POC知识库
Using the USB protocol vulnerability, by changing the USB internal firmware, after the normal USB interface access, simulate the function of external mouse and keyboard, so as to make the target host to execute the well-constructed command
A beacon generator using Cobalt Strike and a variety of tools.
Blue topaz themes example vault for Obsidian
一款基于BurpSuite的被动式FastJson检测插件
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
Using Socks4/5 proxy to make a multithreading Http-flood/Https-flood (cc) attack.
👩🏿💻👨🏾💻👩🏼💻👨🏽💻👩🏻💻**独立开发者项目列表 -- 分享大家都在做什么
赛博传达室老大爷
A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
A Clash GUI based on tauri. Supports Windows, macOS and Linux.
Source Code Security Audit (源代码安全审计)
Golang-Gin 框架写的免杀平台,内置分离、捆绑等多种BypassAV方式。
计算机自学指南
一款红队专用免杀木马生成器,基于shellcode生成绕过所有杀软的木马。
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
Gather and update all available and newest CVEs with their PoC.
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
人人可用的开源数据可视化分析工具。
dddd(带带弟弟),是一款支持多种输入格式,主/被动指纹识别且使用简单的供应链漏洞探测工具。协助红队人员快速收集信息,测绘目标资产,寻找薄弱点。支持从Hunter、Fofa批量拉取目标。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.