mayter Goto Github PK
Name: mayter
Type: User
Company: ShangHai Network security company
Bio: https://www.shentoushi.top
Name: mayter
Type: User
Company: ShangHai Network security company
Bio: https://www.shentoushi.top
Share Things Related to Java - Java安全漫谈笔记相关内容
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
Framework for Kerberos relaying
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
Ladon一款用于大型网络渗透的多线程插件化综合扫描神器,含端口扫描、服务识别、网络资产、密码爆破、高危漏洞检测以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描。5.5版本内置39个功能模块,通过多种协议以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、数据库等信息,漏洞检测包含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2等,密码爆破11种含数据库(Mysql、Oracle、MSSQL)、FTP、SSH(Linux主机)、VNC、Windows密码(IPC、WMI、SMB)、Weblogic后台、Rar压缩包密码等,Web指纹识别模块可识别75种(Web应用、中间件、脚本类型、页面类型)等,可高度自定义插件POC支持.NET程序集、DLL(C#/Delphi/VC)、PowerShell等语言编写的插件,支持通过配置INI批量调用任意外部程序或命令,EXP生成器可一键生成漏洞POC快速扩展扫描能力。Ladon支持Cobalt Strike插件化扫描快速拓展内网进行横向移动。
Study Notes For Web Hacking
metasploit中文wiki
Gitbook
xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作,上传,job等相应操作。
myscan 被动扫描
自己搭建的一个ngrok服务器,可以全球访问
NodeJsScan is a static security code scanner for Node.js applications.
Not PowerShell
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Common php webshells. Do not host the file(s) on your server!
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
blog.
Tools and Techniques for Red Team / Penetration Testing
红方人员作战执行手册
Trying to tame the three-headed dog.
更新了更多的思维导图。
免杀
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
in realtime v35/40 dotnet compiler for your linux Cobalt Strike C2. New fresh compiled and obfuscated binary for each use
内网渗透中常用的c#程序整合成cs脚本,直接内存加载。持续更新~
🎯 PHP / ASP - Shell Backdoor List 🎯
SQLI labs to test error based, Blind boolean based, Time based.
基于实战沉淀下的各种弱口令字典
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.