cn-panda
Follow
Starred repositories
Easy and fast file sharing from the command-line.
Nemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
📦 Make security testing of K8s, Docker, and Containerd easier.
ARL 资产侦察灯塔系统(可运行,添加指纹,提高并发,升级工具及系统,无限制修改版) | ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Ghostscript command injection vulnerability PoC (CVE-2023-36664)
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有19w+POC,已校验有效性并去重)
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
CLI tool for tracking dependents repositories and sorting result by Stars ⭐
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
Official repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts
Standalone utility for service discovery on open ports!
这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。https://github.com/fofapro/Hosts_scan implement in Go
Burp Extension for a passive scanning JS files for endpoint links.
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Log4j2 RCE Passive Scanner plugin for BurpSuite