GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

腾讯云官方文档

Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)

Web Fuzzing Box - Web 模糊测试字典与一些Payloads

1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.

A Nmap XSL implementation with Bootstrap.

Java漏洞学习笔记 Deserialization Vulnerability

学习安全运营的记录 | The knowledge base of security operation

Golang-Gin 框架写的免杀平台，内置分离、捆绑等多种BypassAV方式。

Flash钓鱼弹窗优化版

An open source analysis web log tool

A library of pretexts to use on offensive phishing engagements.

Web版webshell

一个简单的抽奖程序

简单的HTTP WEB静态文件服务，无依赖，一个命令启动。