reidmu/sec-note

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/reidmu/sec-note)

reidmu / sec-note

记录安全方面的笔记/工具/漏洞合集

☆439

Alternatives and similar repositories for sec-note

Users that are interested in sec-note are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

safe6Sec / PentestDB
View on GitHub
各种数据库的利用姿势
☆1,033Jan 3, 2025Updated last year
pwntester / 0day
View on GitHub
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
☆268Mar 30, 2022Updated 3 years ago
ReAbout / web-sec
View on GitHub
WEB安全手册(红队安全技能栈)，漏洞理解，漏洞利用，代码审计和渗透测试总结。【持续更新】
☆1,901Nov 7, 2025Updated 4 months ago
lcvvvv / appfinger
View on GitHub
appfinger(和风)是一款Http指纹管理工具~~~
☆101Nov 7, 2022Updated 3 years ago
White-hua / Apt_t00ls
View on GitHub
高危漏洞利用工具
☆1,830Feb 12, 2025Updated last year
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
cckuailong / vulbase
View on GitHub
各大漏洞文库合集
☆757Oct 5, 2021Updated 4 years ago
DawnFlame / POChouse
View on GitHub
POC&EXP仓库、hvv弹药库、Nday、1day
☆1,103Nov 11, 2022Updated 3 years ago
Bouquets-ai / BUG-Pocket
View on GitHub
小型漏洞库，提供FOFA语法及批量脚本，具体利用法请参考别的漏洞库，共4种类型47项
☆97Jul 31, 2021Updated 4 years ago
tr0uble-mAker / POC-bomber
View on GitHub
利用大量高威胁poc/exp快速获取目标权限，用于渗透和红队快速打点
☆2,357Jun 9, 2023Updated 2 years ago
EASY233 / BpScan
View on GitHub
一款用于辅助渗透测试工程师日常渗透测试的Burp被动漏扫插件
☆242Nov 25, 2022Updated 3 years ago
0x727 / BypassPro
View on GitHub
对Auth/Waf 自动化bypass的burpsuite插件
☆1,110Feb 28, 2026Updated 3 weeks ago
Threekiii / Vulnerability-Wiki
View on GitHub
一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.
☆2,035Mar 18, 2026Updated last week
SummerSec / SpringExploit
View on GitHub
🚀 一款为了学习go而诞生的漏洞利用工具
☆451Jun 14, 2022Updated 3 years ago
givemefivw / SecurityServiceBox
View on GitHub
一个既可以满足安服仔日常渗透工作也可以批量刷洞的工具盒子。集合了常见的域名收集、目录扫描、ip扫描、指纹扫描、PoC验证等常用工具，方便安服仔快速展开渗透测试
☆539May 5, 2023Updated 2 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
biggerduck / RedTeamNotes
View on GitHub
红队笔记
☆2,124Mar 16, 2026Updated last week
bit4woo / domain_hunter_pro
View on GitHub
domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
☆2,118Mar 3, 2026Updated 3 weeks ago
HackingCost / AD_Pentest
View on GitHub
红队|域渗透重要漏洞汇总(持续更新)
☆290Dec 23, 2022Updated 3 years ago
LittleBear4 / OA-EXPTOOL
View on GitHub
OA综合利用工具，集合将近20款OA漏洞批量扫描
☆1,339Oct 28, 2023Updated 2 years ago
safe6Sec / command
View on GitHub
红队常用命令速查
☆1,016Mar 17, 2026Updated last week
SummerSec / ShiroAttack2
View on GitHub
shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
☆2,396Apr 10, 2024Updated last year
EdgeSecurityTeam / EHole
View on GitHub
EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具
☆3,448Apr 2, 2024Updated last year
a1phaboy / FastjsonScan
View on GitHub
Fastjson扫描器，可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
☆1,050Oct 7, 2022Updated 3 years ago
Ryze-T / Sylas
View on GitHub
数据库综合利用工具
☆543Feb 16, 2022Updated 4 years ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
0range-x / Domain-penetration_one-stop
View on GitHub
域渗透一条龙
☆739Feb 16, 2022Updated 4 years ago
helloexp / 0day
View on GitHub
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
☆2,351Sep 12, 2023Updated 2 years ago
woodpecker-framework / woodpecker-framework-release
View on GitHub
高危漏洞精准检测与深度利用框架
☆1,458Jan 8, 2023Updated 3 years ago
Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,470Apr 25, 2024Updated last year
bit4woo / Fiora
View on GitHub
Fiora：漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行，也可作为burp插件使用。
☆1,276Jul 2, 2025Updated 8 months ago
1n7erface / Template
View on GitHub
Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描
☆1,115Sep 16, 2023Updated 2 years ago
ybdt / exp-hub
View on GitHub
Poc and Exp
☆1,237Dec 8, 2025Updated 3 months ago
xzajyjs / ThunderSearch
View on GitHub
macOS上的小而美【Fofa、Shodan、Hunter、Zoomeye、Quake网络空间搜索引擎】闪电搜索器；GUI图形化(Mac/Windows)渗透测试信息搜集工具；资产搜集引擎；hw红队工具hvv
☆665Dec 6, 2024Updated last year
Threekiii / Awesome-Redteam
View on GitHub
一个攻防知识库。A knowledge base for red teaming and offensive security.
☆4,093Updated this week
Open source password manager - Proton Pass • Ad
Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
achuna33 / MYExploit
View on GitHub
OAExploit一款基于产品的一键扫描工具。
☆1,480Sep 20, 2022Updated 3 years ago
novysodope / RMI_Inj_MemShell
View on GitHub
rmi打内存马工具，适用于目标用不了ldap的情况
☆253Jul 12, 2023Updated 2 years ago
Junehck / SQL-injection-bypass
View on GitHub
记录实战中的各种sql注入绕过姿势
☆663Sep 7, 2022Updated 3 years ago
KimJun1010 / WeblogicTool
View on GitHub
WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
☆1,777Nov 1, 2023Updated 2 years ago
b0bac / ApolloScanner
View on GitHub
自动化巡航扫描框架（可用于红队打点评估）
☆724Feb 5, 2026Updated last month
pykiller / API-T00L
View on GitHub
互联网厂商API利用工具。
☆567Sep 13, 2024Updated last year
f0ng / poc2jar
View on GitHub
Java编写，Python作为辅助依赖的漏洞验证、利用工具，添加了进程查找模块、编码模块、命令模块、常见漏洞利用GUI模块、shiro rememberMe解密模块，加快测试效率
☆761Feb 25, 2024Updated 2 years ago