Skip to content

History63/tools

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 

Repository files navigation

脚本小子天堂~

0x00 信息收集

移动端信息收集

ApkAnalyser https://github.com/TheKingOfDuck/ApkAnalyser

AppInfoScanner https://github.com/kelvinBen/AppInfoScanner

目录扫描

dirsearch 目录扫描工具 https://github.com/maurosoria/dirsearch

feroxbuster 目录扫描工具 https://github.com/epi052/feroxbuster

指纹识别

ObserverWard 指纹识别工具 https://github.com/0x727/ObserverWard

ObserverWard 指纹识别工具 https://github.com/0x727/ObserverWard

EHole(棱洞)3.0 指纹探测工具 https://github.com/EdgeSecurityTeam/EHole

OneForAll 子域收集工具 https://github.com/shmilylty/OneForAll

端口扫描

Naabu 端口扫描 https://github.com/projectdiscovery/naabu

接口探测

URLFinder https://github.com/pingc0y/URLFinder

敏感文件

.git文件泄露 https://github.com/lijiejie/GitHack

trufflehog敏感信息检测 https://github.com/trufflesecurity/trufflehog

ihoneyBakFileScan 备份文件泄露扫描 https://github.com/VMsec/ihoneyBakFileScan_Modify

CDN绕过

cloudflare绕过查找ip https://github.com/christophetd/CloudFlair

子域名

Payer轻量级快速探测子域名 https://github.com/Pik-sec/Payer

ksubdomain子域名爆破 https://github.com/knownsec/ksubdomain

subDomainsBrute子域名爆破 https://github.com/lijiejie/subDomainsBrute

空间测绘

fofa_viewer fofa图形化查询 https://github.com/wgpsec/fofa_viewer

0x01 web集成化工具

AsamF 资产收集工具 https://github.com/Kento-Sec/AsamF

MYExploit 综合利用工具 https://github.com/achuna33/MYExploit

railgun 渗透集成化工具 https://github.com/lz520520/railgun

ARL 资产侦察灯塔 https://github.com/TophantTechnology/ARL

GOBY网络安全测试工具 https://github.com/gobysec/Goby

YAKIT 网络安全单兵工具 https://github.com/yaklang/yakit

shuize(水泽) 信息收集 https://github.com/0x727/ShuiZe_0x727

0x02 web漏洞利用

Webshell管理 https://github.com/BeichenDream/Godzilla

aliyun-accesskey-Tools https://github.com/mrknow001/aliyun-accesskey-Tools

漏洞扫描

Komo信息收集与漏洞利用 https://github.com/komomon/Komo

afrog快速打点漏洞扫描 https://github.com/zan8in/afrog

AutoPWN-Suite漏洞扫描器 https://github.com/GamehunterKaan/AutoPWN-Suite

scan4all漏洞扫描 https://github.com/hktalent/scan4all

POC-bomber 漏洞扫描器 https://github.com/tr0uble-mAker/POC-bomber

EasyPen 综合利用工具 https://github.com/lijiejie/EasyPen

Exphub 漏洞利用脚本 https://github.com/zhzyker/exphub

nuclei 漏洞扫描器 https://github.com/projectdiscovery/nuclei

一款功能强大的安全评估工具Xray https://github.com/chaitin/xray

afrog 是一款性能卓越、快速稳定、PoC 可定制化的漏洞扫描工具 https://github.com/zan8in/afrog

是一款 web 漏洞扫描和验证工具vulmap https://github.com/zhzyker/vulmap

xss漏洞

dalfox xss漏洞扫描器 https://github.com/hahwul/dalfox

中间件漏洞利用

JNDI-Inject-Exploit注入 https://github.com/exp1orer/JNDI-Inject-Exploit

jndi_tool注入工具 https://github.com/wyzxxz/jndi_tool

JNDIExploit注入工具 https://github.com/0x727/JNDIExploit

Spring系列漏洞利用工具 https://github.com/SummerSec/SpringExploit

SpringBootExploit https://github.com/0x727/SpringBootExploit

Springboot漏洞全家桶 https://github.com/woodpecker-appstore/springboot-vuldb

shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/SummerSec/ShiroAttack2

shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马) https://github.com/j1anFen/shiro_attack

Cloud-Bucket-Leak-Detection-Tools 云储存利用工具 https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools

Log4j2Scan https://github.com/whwlsfb/Log4j2Scan

ShiroExploit https://github.com/feihong-cs/ShiroExploit-Deprecated

ShiroAttack2 https://github.com/SummerSec/ShiroAttack2

thinkphp_gui_tools https://github.com/bewhale/thinkphp_gui_tools

Fastjson-Patrol https://github.com/ce-automne/FastjsonPatrol

cms漏洞

泛微oa综合利用脚本 https://github.com/z1un/weaver_exp

蓝凌OA漏洞利用工具/前台无条件RCE/文件写入 https://github.com/yuanhaiGreg/LandrayExploit

致远OA综合利用工具 https://github.com/Summer177/seeyon_exp

致远OA综合利用工具GUI-V1.0 https://github.com/God-Ok/SeeyonExploit-GUI

通达OA综合利用工具 https://github.com/xinyu2428/TDOA_RCE

0x03 内网信息收集

mscan域内网扫描 https://github.com/ddostest123/mscan

ALLiN 扫描工具 https://github.com/P1-Team/AlliN

SharpHostInfo 内网主机探测 https://github.com/shmilylty/SharpHostInfo

内网扫描fscan https://github.com/shadow1ng/fscan

0x04 内网漏洞利用

钓鱼框架

Goblin 钓鱼演练工具 https://github.com/xiecat/goblin

C2框架

manjusakaC2框架 https://github.com/YDHCUI/manjusaka

c2流量前置 https://github.com/wikiZ/RedGuard/

AtlasC2 C2框架Atlas https://github.com/Gr1mmie/AtlasC2

Malleable C2 Profiles https://github.com/xx0hcd/Malleable-C2-Profiles

提权工具

PEASS-ng 提权套装 https://github.com/carlospolop/PEASS-ng

Traitor 提权工具 https://github.com/liamg/traitor

内网穿透

Stowaway 内网穿透 https://github.com/ph4ntonn/Stowaway

Dog Tunnel(狗洞)端口映射工具 https://github.com/vzex/dog-tunnel

frp 端口映射工具 https://github.com/fatedier/frp

iox 端口转发多层内网 https://github.com/EddieIvan01/iox

0x05 云渗透

CF 云环境利用框架 https://github.com/teamssix/cf

0x06 每日文章收集

https://f5.pm

0x07 在线api调试

https://v7.apipost.cn/apis#/apis/run

0x08 在线木马分析

https://app.any.run/submissions/

0x09 在线工具大全

https://www.toolnb.com/

0x10 DNSlog

http://dnslog.cn/

https://dig.pm/

0x11 匿名上传、下载

https://pan.xj.hk/

https://www.wenshushu.cn/

https://wormhole.app/

https://airportal.cn/

https://transfer.sh/

0x12 在线游戏机

https://www.yikm.net/

0X13 SQL沙箱

MySQL

http://sqlfiddle.com/#!9

http://rextester.com/l/mysql_online_compiler

https://www.tutorialspoint.com/mysql_terminal_online.php

https://www.jdoodle.com/online-mysql-terminal

Oracle

http://sqlfiddle.com/#!4

https://livesql.oracle.com/apex/livesql/file/index.html

https://www.tutorialspoint.com/oracle_terminal_online.php

SQL Server

http://sqlfiddle.com/#!6

https://turbo.net/sql

https://sqlzoo.net/

http://www.headfirstlabs.com/sql_hands_on/

About

脚本小子天堂~

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published