该仓库整理了Web安全相关攻击示例代码和资源
A collection of hacking / penetration testing resources to make you better!
翻译 - 一系列骇客/渗透测试资源,可助您一臂之力!
SecLists 是安全测试员工作伴侣。该仓库整理了大量用于安全测试的清单集合,清单中包括弱口令,常用用户名,敏感数据特征码、模糊测试载荷等。
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
翻译 - 瑞士军刀可用于802.11,BLE和以太网侦察和MITM攻击。
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
翻译 - Nishang-进攻性PowerShell,用于红队,渗透测试和进攻性安全。
articles
翻译 - 该存储库由共享资源和撰写文章的所有社区成员创建和开发,而我唯一要做的@cry__pto就是搜索和上传文件。该存储库的更新将继续进行,直到链接数量达到10000个链接和10000个pdf文件为止。学习道德黑客和渗透测试。数百道德黑客和渗透测试,红队,网络安全和计算机科学资源。
CTF framework and exploit development library
翻译 - CTF框架和漏洞利用开发库
Some setup scripts for security research tools.
Cross-site scripting labs for web application security enthusiasts
翻译 - Web应用程序安全爱好者的跨站点脚本实验室
Guide to securing and improving privacy on macOS
翻译 - 在macOS上保护和改善隐私的指南
A curated list of CTF frameworks, libraries, resources and softwares
翻译 - CTF框架,库,资源和软件的精选清单
Quasar 是一个Windows 远程控制管理工具。用途范围从用户支持到日常管理工作再到员工监控。
Advanced dork Search & Mass Exploit Scanner
OWASP Juice Shop:可能是最不安全的现代化,复杂的网站。用于漏洞学习目的,包含多种热门安全漏洞。
List of Awesome Red Teaming Resources
Google CTF。CTF是一种流行的信息安全竞赛形式,其英文名可直译为“夺得Flag”,也可意译为“夺旗赛”
E-mails, subdomains and names Harvester - OSINT
翻译 - 电子邮件,子域和名称Harvester-OSINT
Collection of CTF Web challenges I made
翻译 - 我提出的CTF Web挑战集
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
翻译 - RSA攻击工具(主要用于ctf)-从弱公钥和/或解密数据中检索私钥
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
翻译 - 此备忘单旨在面向CTF玩家和初学者,以帮助他们通过示例了解权限提升的基础。
Web CTF CheatSheet 🐈
翻译 - Web CTF速查表🐈
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
翻译 - 微小的XSS有效载荷的集合,可以在不同的上下文中使用。
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
A curated list of awesome privilege escalation
This cheasheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty.
Pwnable|Web Security|Cryptography CTF-style challenges
Everything needed for doing CTFs
翻译 - 执行CTF所需的一切
精选的Unix二进制文件列表,可以用来绕过错误配置系统中的本地安全限制
This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Gophish 是一个网络钓鱼工具,为企业和渗透测试人员而设计
保护安全,你所需要知道的一切
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Repository to index useful online tools for CTF
#安卓# An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
翻译 - 努力为所有有用的android和iOS安全相关的东西建立一个地方。所有参考和工具均属于其各自所有者。我只是维护它。
Red Teaming Tactics and Techniques
翻译 - 红队战术与技巧
The goal of this repository is to document the most common techniques to bypass AppLocker.
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
翻译 - gitGraber:监控GitHub以实时搜索和查找敏感数据,以获取各种在线服务,例如:Google,Amazon,Paypal,Github,Mailgun,Facebook,Twitter,Heroku,Stripe ...
Automation for internal Windows Penetrationtest / AD-Security
sherlock 是一个社工查询工具,能从上百个社交网站中检索指定 username 的账号是否存在
#网络爬虫# Incredibly fast crawler designed for OSINT.
翻译 - 专为OSINT设计的令人难以置信的快速搜寻器。
#Awesome# 😱 A curated list of amazingly awesome OSINT
翻译 - :scream:很棒的OSINT精选列表
fsociety Hacking Tools Pack – A Penetration Testing Framework
翻译 - fsociety Hacking Tools Pack –渗透测试框架
A Workflow Engine for Offensive Security
翻译 - 用于侦察和漏洞扫描的全自动攻击性安全框架
Phishing Campaign Toolkit
swiss army knife for hackers
翻译 - 瑞士军刀黑客
Reverse shell generator written in Python 3.
Challenges source code
#Awesome# 该仓库收集了一堆有用的工具、链接、技术博客、CheatSheet等等
Come and join us, we need you!
翻译 - CTF Wiki在线。快来加入我们,我们需要您!
A tool to analyze the network flow during attack/defence Capture the Flag competitions
翻译 - 分析攻击/防御过程中网络流量的工具,以捕获标志比赛