PentestNotes
☆842Jul 9, 2022Updated 3 years ago
Alternatives and similar repositories for blogs
Users that are interested in blogs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 红队笔记☆2,124Mar 16, 2026Updated last week
- Linux权限维持☆986Dec 29, 2025Updated 2 months ago
- 远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。☆5,037Sep 14, 2024Updated last year
- 一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.☆4,866Mar 18, 2026Updated last week
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,203Jul 25, 2023Updated 2 years ago
- 一个攻防知识库。A knowledge base for red teaming and offensive security.☆4,093Updated this week
- 《Linux提权方法论》☆805Feb 22, 2023Updated 3 years ago
- awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员☆2,071Oct 28, 2024Updated last year
- shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack☆2,396Apr 10, 2024Updated last year
- 本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。☆7,414Mar 16, 2026Updated last week
- 高危漏洞利用工具☆1,828Feb 12, 2025Updated last year
- EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具☆3,445Apr 2, 2024Updated last year
- You Know, For WEB Fuzzing !☆8,273Nov 13, 2023Updated 2 years ago
- Supershell C2 远控平台,基于反向SSH隧道获取完全交互式Shell☆1,777Sep 26, 2023Updated 2 years ago
- 一款完全被动监听的谷歌插件,用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗☆1,656Jan 19, 2023Updated 3 years ago
- 从零学习Webshell免杀手册☆1,817May 24, 2025Updated 10 months ago
- ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗�透、Linux安全、各类靶机writup☆5,651Jun 6, 2024Updated last year
- a rep for documenting my study, may be from 0 to 0.1☆2,254Nov 10, 2025Updated 4 months ago
- 高性能 HTTP 正向代理工具 | A high-performance http tunneling tool☆2,683Feb 2, 2026Updated last month
- 一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入☆4,264Jan 5, 2026Updated 2 months ago
- FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用☆1,188Jul 12, 2024Updated last year
- Redis 漏洞利用工具☆939Jan 26, 2025Updated last year
- 域控安全one for all☆736Sep 9, 2024Updated last year
- 渗透测试常规操作记录☆4,057May 22, 2023Updated 2 years ago
- 一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.☆2,166Aug 21, 2025Updated 7 months ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,470Apr 25, 2024Updated last year
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,313Jun 29, 2024Updated last year
- 404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目☆10,473Mar 11, 2026Updated 2 weeks ago
- 2023 HVV情报速递~☆1,492Aug 24, 2023Updated 2 years ago
- 面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams☆2,028Feb 3, 2026Updated last month
- generate CobaltStrike's cross-platform payload☆2,547Nov 20, 2023Updated 2 years ago
- HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.☆4,111Mar 13, 2026Updated last week
- 实战沉淀字典☆1,532Mar 17, 2026Updated last week
- 微信收藏的文章☆797Aug 2, 2025Updated 7 months ago
- 一款快速、全面、易用的页面信息提取工具,可快速发现和提取页面中的JS、URL和敏感信息。☆3,107Jan 5, 2024Updated 2 years ago
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- macOS上的小而美��【Fofa、Shodan、Hunter、Zoomeye、Quake网络空间搜索引擎】闪电搜索器;GUI图形化(Mac/Windows)渗透测试信息搜集工具;资产搜集引擎;hw红队工具hvv☆665Dec 6, 2024Updated last year
- ☆29Feb 2, 2024Updated 2 years ago
- List of Awesome CobaltStrike Resources☆4,395Sep 20, 2023Updated 2 years ago