A curated collection of top-tier penetration testing tools and productivity utilities across multiple domains. Join us to explore, contribute, and enhance your hacking toolkit!
☆1,314Dec 4, 2025Updated 4 months ago
Alternatives and similar repositories for awesome-hacking-lists
Users that are interested in awesome-hacking-lists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。☆1,636Jun 16, 2024Updated last year
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,521Jul 17, 2021Updated 4 years ago
- 日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/awvs/xray这种☆1,418Aug 18, 2024Updated last year
- 挖掘国内外漏洞平台必备的自动化捡钱赏金技巧,看了并去做了捡钱如喝水。☆423Nov 17, 2020Updated 5 years ago
- Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。☆2,040Jul 21, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- 内网域渗透小工具☆732Apr 20, 2021Updated 4 years ago
- 个人域渗透学习笔记☆1,804Feb 7, 2020Updated 6 years ago
- Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.☆1,109Updated this week
- 用于记录内网渗透(域渗透)学习 :-)☆1,240Nov 9, 2020Updated 5 years ago
- 剑指钓鱼基建快速部署自动化☆305Mar 29, 2021Updated 5 years ago
- 渗透测试常规操作记录☆4,065May 22, 2023Updated 2 years ago
- 边界打点后的自动化渗透工具☆1,894Jul 19, 2021Updated 4 years ago
- Shiro-550 不依赖CC链利用工具☆451Jun 19, 2024Updated last year
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,406Jan 18, 2022Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 记录自己编写、修改的部分工具☆1,465Oct 19, 2025Updated 5 months ago
- 红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。☆367Jun 19, 2024Updated last year
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,016May 21, 2024Updated last year
- 免杀技术大杂烩---乱拳也打不死老师傅☆1,097Mar 29, 2021Updated 5 years ago
- Medusa是一个红队�武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中☆2,226Mar 3, 2024Updated 2 years ago
- 渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell co…☆7,295Apr 3, 2026Updated last week
- 绕过专业工具检测的Webshell研究文章和免杀的Webshell☆1,733Nov 15, 2020Updated 5 years ago
- ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup☆5,660Jun 6, 2024Updated last year
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,121Apr 1, 2026Updated last week
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Bypass firewall for traffic forwarding using webshell☆1,432Sep 29, 2021Updated 4 years ago
- 信息收集 OR 信息搜集☆929Mar 13, 2024Updated 2 years ago
- Burp被动扫描流量转发插件☆1,461Jun 17, 2024Updated last year
- 一款适用于红蓝对抗中的仿真钓鱼系统☆1,538May 30, 2023Updated 2 years ago
- 红队综合渗透框架☆1,180May 11, 2023Updated 2 years ago
- 一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具☆739Dec 8, 2022Updated 3 years ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,214Jul 25, 2023Updated 2 years ago
- Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security…☆2,697Mar 14, 2024Updated 2 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红��队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆638Apr 4, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- 构建优化高效的渗透 fuzz 字典合集�☆1,890Jun 17, 2025Updated 9 months ago
- 主流供应商的一些攻击性漏洞汇总☆809Nov 8, 2021Updated 4 years ago
- List of Awesome CobaltStrike Resources☆4,403Sep 20, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year
- 这是一个抓取浏览器密码的工具,后续会添加更多功能☆1,458May 21, 2022Updated 3 years ago
- Fastjson姿势技巧集合☆1,837Oct 20, 2023Updated 2 years ago
- 有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips…☆3,861Dec 26, 2025Updated 3 months ago