pentest

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A collection of hacking tools, resources and references to practice ethical hacking.

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A list of resources for those interested in getting started in bug bounties

windows-kernel-exploits Windows平台提权漏洞集合

hydra

📱 objection - runtime mobile exploration

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

linux-kernel-exploits Linux平台提权漏洞集合

A curated list of awesome infosec courses and training resources.

Next generation web scanner

Cyber Security ALL-IN-ONE Platform

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

大型内网渗透扫描器&Cobalt Strike，Ladon9.1.8内置160个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Git All the Payloads! A collection of web attack payloads.

A fast, simple, recursive content discovery tool written in Rust.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Phishing Tool & Information Collector