xgit01/sgkrank

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xgit01/sgkrank)

xgit01 / sgkrank

2026最新免费社工库排行

☆2,618

Alternatives and similar repositories for sgkrank

Users that are interested in sgkrank are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

wwwwho / SGK_Sites_and_Bots
View on GitHub
免费在线社工库、Telegram社工库合集
☆77Feb 19, 2026Updated last month
Conan924 / GodInfo
View on GitHub
GodInfo 是一个功能全面的后渗透信息和凭据收集工具，旨在帮助安全测试人员在获得授权访问权限后，快速收集目标系统的信息和凭据。
☆245Apr 29, 2025Updated 11 months ago
eeeeeeeeee-code / e0e1-config
View on GitHub
综合后渗透方面的杂烩
☆575Mar 1, 2026Updated 3 weeks ago
T3nk0 / Upload_Auto_Fuzz
View on GitHub
一个用于测试文件上传功能安全性的 Burp Suite 插件。通过 Intruder 模块自动生成各类绕过 payload，覆盖常见的文件上传限制场景。共1000+条payload
☆578Dec 24, 2025Updated 3 months ago
ekkoo-z / Z-Godzilla_ekp
View on GitHub
哥斯拉webshell管理工具二次开发规避流量检测设备
☆1,057Dec 2, 2025Updated 3 months ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
abc123info / EquationToolsGUI
View on GitHub
本程序为美国NSA的方程式工具包图形界面版，由ABC_123于2017年开始编写，仅用来扫描和验证MS17-010、MS09-050、MS08-067漏洞，并可协助管理员修复系统漏洞。
☆546Jul 12, 2025Updated 8 months ago
eeeeeeeeee-code / POC
View on GitHub
备份的漏洞库，3月开始我们来维护
☆1,849Mar 12, 2026Updated 2 weeks ago
Wileysec / nacos_derby_rce
View on GitHub
Nacos Derby命令执行漏洞利用脚本
☆150Apr 7, 2025Updated 11 months ago
xiaogang000 / XG_NTAI
View on GitHub
用于Webshell木马免杀、流量加密传输，多多支持star
☆1,037Jun 27, 2025Updated 9 months ago
SleepingBag945 / dddd
View on GitHub
dddd是一款使用简单的批量信息收集,供应链漏洞探测工具，旨在优化红队工作流，减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标
☆1,824Aug 2, 2024Updated last year
ReaJason / MemShellParty
View on GitHub
一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率
☆1,375Mar 21, 2026Updated last week
wh1t3zer / SpringBootVul-GUI
View on GitHub
一个半自动化springboot打点工具，内置目前springboot所有漏洞
☆778Sep 30, 2025Updated 6 months ago
shuanx / BurpAPIFinder
View on GitHub
攻防演练过程中，我们通常会用浏览器访问一些资产，但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等，该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
☆1,383Oct 3, 2024Updated last year
pureqh / Hyacinth
View on GitHub
一款java漏洞集合工具
☆1,109Jan 13, 2026Updated 2 months ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
SexyBeast233 / SecDictionary
View on GitHub
实战沉淀字典
☆1,532Mar 17, 2026Updated last week
whwlsfb / ViewState-Cracker
View on GitHub
ASP.net ViewState密钥被动扫描爆破BurpSuite插件
☆220Nov 14, 2025Updated 4 months ago
pen4uin / java-memshell-generator
View on GitHub
一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
☆2,166Aug 21, 2025Updated 7 months ago
wafinfo / DecryptTools
View on GitHub
DecryptTools-综合解密
☆1,314Mar 2, 2025Updated last year
howmp / reality
View on GitHub
grs内网穿透工具通过reality协议隐藏特征
☆612Dec 4, 2025Updated 3 months ago
0ofo / Deswing
View on GitHub
图形化Java反序列化利用工具，集成Ysoserial
☆352May 8, 2024Updated last year
wgpsec / lc
View on GitHub
LC（List Cloud）是一个多云攻击面资产梳理工具
☆639Oct 6, 2024Updated last year
SwagXz / encrypt-labs
View on GitHub
前端加密对抗练习靶场，包含非对称加密、对称加密、加签以及禁止重放的测试场景，比如AES、DES、RSA，用于渗透测试练习
☆553Jun 17, 2025Updated 9 months ago
outlaws-bai / Galaxy
View on GitHub
一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.
☆1,060Updated this week
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
DeEpinGh0st / MDUT-Extend-Release
View on GitHub
MDUT-Extend(扩展版本)
☆849Mar 17, 2026Updated last week
Schira4396 / VcenterKiller
View on GitHub
一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
☆1,470Apr 25, 2024Updated last year
wgpsec / cloudsword
View on GitHub
一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具
☆600Feb 3, 2026Updated last month
R4gd0ll / I-Wanna-Get-All
View on GitHub
综合漏洞后渗透利用工具
☆1,699Dec 11, 2025Updated 3 months ago
whwlsfb / JDumpSpider
View on GitHub
HeapDump敏感信息提取工具
☆1,641Dec 15, 2025Updated 3 months ago
0x727 / BypassPro
View on GitHub
对Auth/Waf 自动化bypass的burpsuite插件
☆1,115Feb 28, 2026Updated last month
chainreactors / gogo
View on GitHub
面向红队的, 高性能高度自由可拓展的自动化扫描引擎 | A highly controllable and extensionable automated scanning engine for red teams
☆2,035Feb 3, 2026Updated last month
KimJun1010 / WeblogicTool
View on GitHub
WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
☆1,779Nov 1, 2023Updated 2 years ago
Lotus6 / JavaGadgetGenerator
View on GitHub
JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
☆553Dec 7, 2025Updated 3 months ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
TFour123 / Webpack_Insight
View on GitHub
用于提取Webpack打包的未加载的JavaScript文件，并扫描这些文件以查找敏感信息。
☆39Sep 17, 2025Updated 6 months ago
DeEpinGh0st / JDumpSpiderGUI
View on GitHub
JDumpSpiderGUI 是一个用于 Java 堆转储文件分析的工具，支持命令行和 JavaFX 图形界面两种模式。该工具主要是在原工具上添加了图形化的界面
☆154May 5, 2025Updated 10 months ago
whgojp / JavaSecLab
View on GitHub
JavaSecLab is a comprehensive Java vulnerability platform｜ JavaSecLab是一款综合型Java漏洞平台，提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范，覆盖多种漏洞场景，友好用户交互U…
☆826Mar 23, 2025Updated last year
cseroad / Exp-Tools
View on GitHub
一款集成高危漏洞exp的实用性工具
☆1,296Nov 6, 2024Updated last year
wgpsec / ENScan_GO
View on GitHub
一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。支持MCP接入
☆4,264Jan 5, 2026Updated 2 months ago
SickleSec / SnowEyes
View on GitHub
一款用于网页敏感信息检测，指纹识别的chrome插件
☆775Jan 13, 2026Updated 2 months ago
f0ng / autoDecoder
View on GitHub
Burp插件，根据自定义来达到对数据包的处理（适用于加解密、爆破等），类似mitmproxy，不同点在于经过了burp中转，在自动加解密的基础上，不影响APP、网站加解密正常逻辑等。
☆1,350Mar 20, 2026Updated last week