kk-hub446 Goto Github PK

pyshell

Multiplatform Python WebShell

pystinger

Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具

qax_vpn_crack

奇安信VPN任意用户密码重置

rauton

Bug Bounty Recon Tool

reconator

Automated Recon for Pentesting & Bug Bounty

red-teaming-toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

redteam-offensivesecurity

Tools & Interesting Things for RedTeam Ops

redteamnotes

红队笔记

redteam_blueteam_hw

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

safeline

长亭科技自研，基于业界领先的语义引擎检测技术，打造的简洁、易用的免费 WAF

scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

scanners-box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

scf-proxy

schtask-bypass

免杀计划任务进行权限维持，过主流杀软。 A schtask tool bypass anti-virus

sec-tools

🍉一款基于Python-Django的多功能Web安全渗透测试工具，包含漏洞扫描，端口扫描，指纹识别，目录扫描，旁站扫描，域名扫描等功能。

secdictionary

实战沉淀字典

secgpt

A Test Project for a Network Security-oriented LLM Tool Emulating AutoGPT

secgpt2

secgpt网络安全大模型

serein

【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。

sharpsqltools

SharpSQLTools 和@Rcoil一起写的小工具，可上传下载文件，xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。

shellcode-downloader-createthread-execution

This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)-webserver.

shellcode_loader

ShellCode_Loader - Msf&CobaltStrike免杀ShellCode加载器、Shellcode_encryption - 免杀Shellcode加密生成工具，目前测试免杀360&火绒&电脑管家&Windows Defender（其他杀软未测试）。

shennina

Automating Host Exploitation with AI

smsboom

短信轰炸/短信测压/ | 一个健壮免费的python短信轰炸程序，专门炸坏蛋蛋，百万接口，多线程全自动添加有效接口，支持异步协程百万并发，全免费的短信轰炸工具！！hongkonger开发全网首发！！

spark

✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的，网页UI、跨平台以及多功能的远程控制和监控工具，你可以随时随地监控和控制所有设备。

spring4shell-poc

Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

spring4shell-poc-1

Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit

springshell-rce-poc

CVE-2022-22965 - CVE-2010-1622 redux