Awesome-CobaltStrike. List of Awesome CobaltStrike Resources
4.4kCyberSecurityRSS. CyberSecurityRSS: A collection of cybersecurity rss to make you better!
1.9kBerserker. A list of useful payloads for Web Application Security and Pentest/CTF
312mac-initialize. 💻 Mac Initial Configuration Guide(V3),macOS M1/M2 Initial for Cyberspace Security Practitioners
95RedTeam_CheetSheets. RedTeam参考,修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips
90How-to-Hack-Like-a-Pornstar. 《How to Hack Like a Pornstar》中文翻译
86BugBounty. web fuzzing && bug hunter
61Open-PoC. PoC for pocsuite3 and nuclei
56ZEROScan. Multi-Thread Vulnerability Verify Framework
55xrecon. xrecon is a powerful web fingerprinting tool with CDN detection capabilities
44ghtracker. CLI tool for tracking dependents repositories and sorting result by Stars ⭐
43dotfiles. My personal macOS configuration
29Caesar. 一个全新的敏感文件发现工具
28CVE-2021-43798. Grafana Arbitrary File Reading Vulnerability
27anew. A tool for adding new lines to files, skipping duplicates and written in Rust!
21CVE_Request. only for request cve
18dfimage. Reverse-engineer a Dockerfile from a Docker image.
17pocsuite3-goby. pocsuite3 goby plugin
17Cobra-RE. Cobra-W -> Cobra-RE 将进一步提升漏洞发现的准确性并降低漏报率(弃坑了)
16CVE-2022-22965. Spring4Shell (CVE-2022-22965)
12CVE-2021-41277. Go
9crawlergo. A powerful browser crawler for web vulnerability scanners
8AggressorScripts. update AggressorScripts to 2020
8IMC_AutoLogin. 一个用于登陆IMC(网页版锐捷)的python小脚本
6zer0yu. AboutME
5Go-Learning-With-Hack. Go-Learning-With-Hacker--go语言HackTools开发教程从入门到入狱
5SomePoC. Python
5Pentest_Note. 渗透测试常规操作记录
5awesome-burp-extensions. A curated list of amazingly awesome Burp Extensions
4bk_spider. 爬取百度百科上面人物信息的小爬虫
3POC-T. 渗透测试插件化并发框架
3CTF_web. CSS
3SafeBox. Java
3nuclei. 对nuclei项目源码的阅读和注解
3CrossC2. generate CobaltStrike's cross-platform payload
2CTFENV. 为应对CTF比赛而搭建的各种环境
2checkdomain. 对收集得到的子域名进行有效筛选
2Pocsuite. More powerfull Pocsuite.
2subfinder. Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
2jalangi2. Dynamic analysis framework for JavaScript
2chromium_for_spider. 为漏扫动态爬虫定制的浏览器
2linux-80211n-csitool-supplementary. 802.11n CSI Tool based on iwlwifi and Linux-2.6
2pentestEr_Fully-automatic-scanner. 定向全自动化渗透测试
2zer0yu.github.io. HTML
2BurpBounty. Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
2php-cfg. A Control Flow Graph implementation in PHP
1unserchain. PHP
1yaklang. A programming language exclusively designed for cybersecurity
1JNDIScan. 无须借助dnslog且完全无害的JNDI反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查
1Gososerial. 参考著名漏扫XRAY的代码,无需Java环境直接从二进制角度构造Ysoserial的Payload
1fracker. PHP function tracker
1