Hacker101

A terminal based graphical activity monitor inspired by gtop and vtop

PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.

Get the User:Password from Chrome(include version < 80 and version > 80)

7 days golang apps from scratch (web framework Gee, distributed cache GeeCache, object relational mapping ORM framework GeeORM etc) 7天用Go动手写/从零实现系列

A Pythonic framework for threat modeling

Sub-Domain TakeOver Vulnerability Scanner

一键提取安卓应用中可能存在的敏感信息。

Cobalt Strike - Go External C2 Client

Top disclosed reports from HackerOne

一个Mac下信息搜集小脚本 主要用于信息搜集/应急响应/检测挖矿进程/异常进程/异常启动项

Graph platform for Detection and Response

Building powerful interactive prompts in Go, inspired by python-prompt-toolkit.

Automatic Discrepancy Discovery for DPI Elusion

python3 写的一些权限维持脚本

🐈美杜莎扫描器https://www.ascotbe.com/Medusa

Multi-hop Proxy Tool for pentesters

ATTCK-PenTester-Book

Proof of Concepts

Struts2漏洞扫描利用工具 - Golang版. Struts2 Scanner Written in Golang

在内网渗透过程中，对可以出网的机器是十分渴望的。在收集大量弱口令的情况下，一个一个去测试能不能出网太麻烦了。所以就有了这个工具，可配合如wmiexec、psexec等横向工具进行批量检测，该工具可以在dnslog中回显内网ip地址和计算机名，可实现内网中的快速定位可出网机器。

Find domains and subdomains related to a given domain

JSONP Hunter in burpsuite.

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Th…

AV/EDR evasion via direct system calls.

Sample queries for Advanced hunting in Microsoft Defender ATP

Windows Events Samples