Singapore / China

z3r0yu

Elite
@zer0yu

BugHunter@OverSpace / RedTeamer@PolarisLab / CTFer@kn0ck

Awesome-CobaltStrike. List of Awesome CobaltStrike Resources

4.4k

CyberSecurityRSS. CyberSecurityRSS: A collection of cybersecurity rss to make you better!

1.9k

Berserker. A list of useful payloads for Web Application Security and Pentest/CTF

312

mac-initialize. 💻 Mac Initial Configuration Guide(V3),macOS M1/M2 Initial for Cyberspace Security Practitioners

95

RedTeam_CheetSheets. RedTeam参考,修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

90

How-to-Hack-Like-a-Pornstar. 《How to Hack Like a Pornstar》中文翻译

86

BugBounty. web fuzzing && bug hunter

61

Open-PoC. PoC for pocsuite3 and nuclei

56

ZEROScan. Multi-Thread Vulnerability Verify Framework

55

xrecon. xrecon is a powerful web fingerprinting tool with CDN detection capabilities

44

ghtracker. CLI tool for tracking dependents repositories and sorting result by Stars ⭐

43

dotfiles. My personal macOS configuration

29

Caesar. 一个全新的敏感文件发现工具

28

CVE-2021-43798. Grafana Arbitrary File Reading Vulnerability

27

anew. A tool for adding new lines to files, skipping duplicates and written in Rust!

21

CVE_Request. only for request cve

18

dfimage. Reverse-engineer a Dockerfile from a Docker image.

17

pocsuite3-goby. pocsuite3 goby plugin

17

Cobra-RE. Cobra-W -> Cobra-RE 将进一步提升漏洞发现的准确性并降低漏报率(弃坑了)

16

CVE-2022-22965. Spring4Shell (CVE-2022-22965)

12

CVE-2021-41277. Go

9

crawlergo. A powerful browser crawler for web vulnerability scanners

8

AggressorScripts. update AggressorScripts to 2020

8

IMC_AutoLogin. 一个用于登陆IMC(网页版锐捷)的python小脚本

6

zer0yu. AboutME

5

Go-Learning-With-Hack. Go-Learning-With-Hacker--go语言HackTools开发教程从入门到入狱

5

SomePoC. Python

5

Pentest_Note. 渗透测试常规操作记录

5

awesome-burp-extensions. A curated list of amazingly awesome Burp Extensions

4

bk_spider. 爬取百度百科上面人物信息的小爬虫

3

POC-T. 渗透测试插件化并发框架

3

CTF_web. CSS

3

SafeBox. Java

3

nuclei. 对nuclei项目源码的阅读和注解

3

CrossC2. generate CobaltStrike's cross-platform payload

2

CTFENV. 为应对CTF比赛而搭建的各种环境

2

checkdomain. 对收集得到的子域名进行有效筛选

2

Pocsuite. More powerfull Pocsuite.

2

subfinder. Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

2

jalangi2. Dynamic analysis framework for JavaScript

2

chromium_for_spider. 为漏扫动态爬虫定制的浏览器

2

linux-80211n-csitool-supplementary. 802.11n CSI Tool based on iwlwifi and Linux-2.6

2

pentestEr_Fully-automatic-scanner. 定向全自动化渗透测试

2

zer0yu.github.io. HTML

2

BurpBounty. Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

2

php-cfg. A Control Flow Graph implementation in PHP

1

unserchain. PHP

1

yaklang. A programming language exclusively designed for cybersecurity

1

JNDIScan. 无须借助dnslog且完全无害的JNDI反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查

1

Gososerial. 参考著名漏扫XRAY的代码,无需Java环境直接从二进制角度构造Ysoserial的Payload

1

fracker. PHP function tracker

1
51
Apply