cwkiller/Pentest_Dic external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cwkiller/Pentest_Dic

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cwkiller/Pentest_Dic)

Close

cwkiller / Pentest_DicView on GitHubMore

• External links
• Readme badge

自己收集整理自用的字典

☆238Jun 9, 2023Updated 2 years ago

Alternatives and similar repositories for Pentest_Dic

Users that are interested in Pentest_Dic are comparing it to the libraries listed below

• 7hang / Fuzz_dic

  View on GitHub
  参数 | 字典 collections
  ☆671Apr 20, 2021Updated 4 years ago
• broken5 / WebAliveScan

  View on GitHub
  对目标域名进行快速的存活扫描、简单的指纹识别、目录扫描
  ☆915Dec 8, 2022Updated 3 years ago
• p1g3 / JSINFO-SCAN

  View on GitHub
  递归式寻找域名和api。
  ☆723Aug 3, 2023Updated 2 years ago
• evilc0deooo / PentesterSpecialDict

  View on GitHub
  构建优化高效的渗透 fuzz 字典合集
  ☆1,887Jun 17, 2025Updated 8 months ago
• xinyu2428 / TDOA_RCE

  View on GitHub
  通达OA综合利用工具
  ☆517Mar 17, 2021Updated 4 years ago
• wyzxxz / jndi_tool

  View on GitHub
  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具
  ☆2,011May 21, 2024Updated last year
• FunnyWolf / pystinger

  View on GitHub
  Bypass firewall for traffic forwarding using webshell
  ☆1,430Sep 29, 2021Updated 4 years ago
• cwkiller / unauthorized-check

  View on GitHub
  扫描常见未授权访问（redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop）
  ☆191Apr 24, 2020Updated 5 years ago
• wafinfo / Sunflower_get_Password

  View on GitHub
  一款针对向日葵的识别码和验证码提取工具
  ☆922Nov 1, 2021Updated 4 years ago
• CTF-MissFeng / GoScan

  View on GitHub
  GoScan是采用Golang语言编写的一款分布式综合资产管理系统，适合红队、SRC等使用
  ☆717May 6, 2021Updated 4 years ago
• threedr3am / JSP-WebShells

  View on GitHub
  Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
  ☆1,404Jan 18, 2022Updated 4 years ago
• zilong3033 / fastjsonScan

  View on GitHub
  fastjson漏洞burp插件，检测fastjson<1.2.68基于dnslog，fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
  ☆124May 14, 2021Updated 4 years ago
• Power7089 / PenetrationTest-Tips

  View on GitHub
  渗透测试，渗透测试小技巧，渗透测试Tips，师傅们跟我一起维护更新吧~
  ☆876Jun 8, 2021Updated 4 years ago
• uknowsec / SharpDecryptPwd

  View on GitHub
  对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。源码：https://github.com/RowTeam/SharpDecrypt…
  ☆1,260Mar 16, 2022Updated 3 years ago
• Daybr4ak / C2ReverseProxy

  View on GitHub
  一款可以在不出网的环境下进行反向代理及cs上线的工具
  ☆491Apr 26, 2023Updated 2 years ago
• gh0stkey / Web-Fuzzing-Box

  View on GitHub
  Web Fuzzing Box - Web 模糊测试字典与一些Payloads
  ☆2,448May 28, 2025Updated 9 months ago
• zer0yu / Caesar

  View on GitHub
  一个全新的敏感文件发现工具
  ☆28Jan 7, 2021Updated 5 years ago
• insightglacier / Dictionary-Of-Pentesting

  View on GitHub
  Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
  ☆2,030Jul 21, 2023Updated 2 years ago
• canc3s / cIPR

  View on GitHub
  将域名转为ip段权重
  ☆215Mar 14, 2023Updated 2 years ago
• c0ny1 / upload-fuzz-dic-builder

  View on GitHub
  上传漏洞fuzz字典生成脚本
  ☆1,270Apr 1, 2021Updated 4 years ago
• LandGrey / domainNamePredictor

  View on GitHub
  一个简单的现代化公司域名使用规律预测及生成工具
  ☆388Feb 24, 2022Updated 4 years ago
• sv3nbeast / ShiroScan

  View on GitHub
  Shiro<=1.2.4反序列化，一键检测工具
  ☆987Mar 4, 2021Updated 5 years ago
• TeraSecTeam / ary

  View on GitHub
  Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。
  ☆340Feb 15, 2021Updated 5 years ago
• DeEpinGh0st / Erebus

  View on GitHub
  CobaltStrike后渗透测试插件
  ☆1,554Oct 28, 2021Updated 4 years ago
• fofapro / Hosts_scan

  View on GitHub
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
  ☆1,189Apr 30, 2019Updated 6 years ago
• bit4woo / domain_hunter_pro

  View on GitHub
  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
  ☆2,116Jan 23, 2026Updated last month
• wyzxxz / aksk_tool

  View on GitHub
  AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储/火山引擎 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS…
  ☆779Feb 13, 2025Updated last year
• lijiejie / swagger-exp

  View on GitHub
  A Swagger API Exploit
  ☆1,370Jun 7, 2024Updated last year
• Lucifer1993 / SatanSword

  View on GitHub
  红队综合渗透框架
  ☆1,178May 11, 2023Updated 2 years ago
• TheKingOfDuck / burpFakeIP

  View on GitHub
  服务端配置错误情况下用于伪造ip地址进行测试的Burp Suite插件
  ☆1,643Sep 29, 2022Updated 3 years ago
• Summer177 / seeyon_exp

  View on GitHub
  致远OA综合利用工具
  ☆418Jun 3, 2021Updated 4 years ago
• An0nySec / ShadowUser

  View on GitHub
  影子用户 克隆
  ☆233Dec 30, 2021Updated 4 years ago
• ggg4566 / BurpBountyPlus

  View on GitHub
  BurpBounty 魔改版本
  ☆418Mar 21, 2022Updated 3 years ago
• Stardustsky / SaiDict

  View on GitHub
  弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
  ☆1,203Dec 16, 2021Updated 4 years ago
• lengjibo / RedTeamTools

  View on GitHub
  记录自己编写、修改的部分工具
  ☆1,461Oct 19, 2025Updated 4 months ago
• Tycx2ry / SweetPotato_CS

  View on GitHub
  修改的SweetPotato，使之可以用于CobaltStrike v4.0
  ☆246Apr 30, 2020Updated 5 years ago
• LandGrey / webshell-detect-bypass

  View on GitHub
  绕过专业工具检测的Webshell研究文章和免杀的Webshell
  ☆1,733Nov 15, 2020Updated 5 years ago
• lengjibo / NetUser

  View on GitHub
  使用windows api添加用户，可用于net无法使用时.分为nim版，c++版本，RDI版，BOF版。
  ☆421Sep 29, 2021Updated 4 years ago
• r0eXpeR / redteam_vul

  View on GitHub
  红队作战中比较常遇到的一些重点系统漏洞整理。
  ☆2,521Jul 17, 2021Updated 4 years ago