Deriving RSA public keys from message-signature pairs

JWT brute force cracker written in C

Proof-of-Concept for CVE-2024-5932

一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool

Fast passive subdomain enumeration tool.

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

shellcodeloader

PrintNotifyPotato

netspy是一款快速探测内网可达网段工具（深信服深蓝实验室天威战队强力驱动）

🍯 Fake SSH Server | 一个假的 SSH Server

云资产管理工具 目前工具定位是云安全相关工具，目前是两个模块 云存储工具、云服务工具， 云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等 云服务工具主要是针对rds、服务器的管理，查看、执行命令、接管等等

WebCrack是一款web后台弱口令/万能密码批量检测工具，在工具中导入后台地址即可进行自动化检测。

Fast subdomains enumeration tool for penetration testers

弱口令检测、 漏洞扫描、端口扫描（协议识别，组件识别）、web目录扫描、等保模拟定级、自动化运维、等保工具（网络安全等级保护现场测评工具）内置3级等保核查命令、基线核查工具、键盘记录器

Attack and defend active directory using modern post exploitation adversary tradecraft activity

TCP Port Redirection Utility

The goal of this repository is to document the most common techniques to bypass AppLocker.

Identifies the bytes that Microsoft Defender flags on.

This repo contains some Amsi Bypass methods i found on different Blog Posts.

Issues with WebSocket reverse proxying allowing to smuggle HTTP requests

A Linux version of the ProcDump Sysinternals tool

Search for potential frontable domains

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.

This tool is for letting you know how strong your disable_functions is and how you can bypass that.

PyInstaller Extractor