构建优化高效的渗透 fuzz 字典合集

删库

谷歌翻译服务器在中国大陆的IP地址扫描、测速工具。

reverse shell using curl

扫描国内可用的谷歌翻译IP

使用java网络编程实现的内网穿透、端口映射、socks5代理上网，分为服务端和客户端，类似于frp，增加了IP防火墙管理功能，通过web网页方便地添加删除IP白名单

CVE-2020-14882_ALL综合利用工具，支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。

一个基于DNS隧道的简单C2

An Efficient ProxyPool with Getter, Tester and Server

A cheatsheet for exploiting server-side SVG processors.

Python ProxyPool for web spider

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

下架

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

Adversary Emulation Framework

User-space TCP/UDP port forwarding services

n2n support for mobiles

Exploits project Hacking Command Center

Hadoop Yan ResourceManager unauthorized RCE

Fast Application Layer Scanner

You Know, For WEB Fuzzing ! 日站用的字典。

主流供应商的一些攻击性漏洞汇总

红队作战中比较常遇到的一些重点系统漏洞整理。

An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

LPE exploit for a UAF in Windows (CVE-2021-40449).