Qftm/Information_Collection_Handbook

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Qftm/Information_Collection_Handbook)

Qftm / Information_Collection_Handbook

Handbook of information collection for penetration testing and src

☆834

Alternatives and similar repositories for Information_Collection_Handbook

Users that are interested in Information_Collection_Handbook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

timwhitez / crawlergo_x_XRAY
View on GitHub
360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
☆1,185Nov 10, 2021Updated 4 years ago
c0ny1 / chunked-coding-converter
View on GitHub
Burp suite 分块传输辅助插件
☆2,033Feb 23, 2022Updated 4 years ago
r0eXpeR / redteam_vul
View on GitHub
红队作战中比较常遇到的一些重点系统漏洞整理。
☆2,520Jul 17, 2021Updated 4 years ago
CTF-MissFeng / bayonet
View on GitHub
bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
☆1,512Nov 22, 2022Updated 3 years ago
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,123Apr 10, 2026Updated 3 weeks ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
threedr3am / learnjavabug
View on GitHub
Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…
☆2,696Mar 14, 2024Updated 2 years ago
broken5 / WebAliveScan
View on GitHub
对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描
☆914Dec 8, 2022Updated 3 years ago
LangziFun / LangSrcCurise
View on GitHub
SRC子域名资产监控
☆1,298Jan 14, 2021Updated 5 years ago
aleenzz / MYSQL_SQL_BYPASS_WIKI
View on GitHub
mysql注入,bypass的一些心得
☆1,327Jun 25, 2024Updated last year
1120362990 / vulnerability-list
View on GitHub
在渗透测试中快速检测常见中间件、组件的高危漏洞。
☆726Mar 21, 2022Updated 4 years ago
zhzyker / exphub
View on GitHub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、…
☆4,276Apr 4, 2021Updated 5 years ago
Qianlitp / crawlergo
View on GitHub
A powerful browser crawler for web vulnerability scanners
☆3,031Mar 11, 2025Updated last year
boy-hack / wooyun-payload
View on GitHub
从wooyun中提取的payload，以及burp插件
☆839Jun 17, 2022Updated 3 years ago
Threezh1 / JSFinder
View on GitHub
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
☆2,928Nov 24, 2021Updated 4 years ago
Open source password manager - Proton Pass • Ad
Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
feihong-cs / ShiroExploit-Deprecated
View on GitHub
Shiro550/Shiro721 一键化利用工具，支持多种回显方式
☆1,957Jun 4, 2021Updated 4 years ago
c0ny1 / passive-scan-client
View on GitHub
Burp被动扫描流量转发插件
☆1,461Jun 17, 2024Updated last year
Adminisme / ServerScan
View on GitHub
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
☆1,638Jun 16, 2024Updated last year
r35tart / Penetration_Testing_Case
View on GitHub
用于记录分享一些有趣的案例
☆866Jan 10, 2022Updated 4 years ago
LandGrey / webshell-detect-bypass
View on GitHub
绕过专业工具检测的Webshell研究文章和免杀的Webshell
☆1,733Nov 15, 2020Updated 5 years ago
TheKingOfDuck / fuzzDicts
View on GitHub
You Know, For WEB Fuzzing !
☆8,286Nov 13, 2023Updated 2 years ago
phith0n / JavaThings
View on GitHub
Share Things Related to Java - Java安全漫谈笔记相关内容
☆2,009Apr 9, 2025Updated last year
fofapro / Hosts_scan
View on GitHub
这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
☆1,194Apr 30, 2019Updated 7 years ago
Tycx2ry / SweetPotato_CS
View on GitHub
修改的SweetPotato，使之可以用于CobaltStrike v4.0
☆246Apr 30, 2020Updated 6 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
threedr3am / JSP-WebShells
View on GitHub
Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
☆1,405Jan 18, 2022Updated 4 years ago
Lucifer1993 / TPscan
View on GitHub
一键ThinkPHP漏洞检测
☆1,163Nov 1, 2023Updated 2 years ago
l3m0n / Bypass_Disable_functions_Shell
View on GitHub
一个各种方式突破Disable_functions达到命令执行的shell
☆1,195Oct 17, 2023Updated 2 years ago
Echocipher / AUTO-EARN
View on GitHub
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
☆739Dec 8, 2022Updated 3 years ago
opensec-cn / vtest
View on GitHub
用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
☆865Jul 21, 2019Updated 6 years ago
knownsec / ksubdomain
View on GitHub
无状态子域名爆破工具
☆2,375Mar 16, 2022Updated 4 years ago
Wh0ale / SRC-experience
View on GitHub
工欲善其事，必先利其器
☆1,616Dec 2, 2021Updated 4 years ago
LandGrey / SpringBootVulExploit
View on GitHub
SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list
☆6,131Mar 10, 2021Updated 5 years ago
lengjibo / RedTeamTools
View on GitHub
记录自己编写、修改的部分工具
☆1,464Oct 19, 2025Updated 6 months ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
QAX-A-Team / BrowserGhost
View on GitHub
这是一个抓取浏览器密码的工具，后续会添加更多功能
☆1,460May 21, 2022Updated 3 years ago
thunderbarca / Caesar
View on GitHub
一个全新的敏感文件发现工具
☆226Jan 10, 2021Updated 5 years ago
hudunkey / Red-Team-links
View on GitHub
2019年红队资源链接，资源不是本人整理出来，来自互联网，因为流传的少，特意在此做个备份，做个分享。
☆837Aug 24, 2019Updated 6 years ago
inbug-team / InScan
View on GitHub
边界打点后的自动化渗透工具
☆1,892Jul 19, 2021Updated 4 years ago
wyzxxz / jndi_tool
View on GitHub
JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行漏洞检测辅助工具
☆2,020May 21, 2024Updated last year
shmilylty / OneForAll
View on GitHub
OneForAll是一款功能强大的子域收集工具
☆9,747Sep 12, 2025Updated 7 months ago
c0ny1 / upload-fuzz-dic-builder
View on GitHub
上传漏洞fuzz字典生成脚本
☆1,276Apr 1, 2021Updated 5 years ago