GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

Web-Security-Learning

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

Dirty COW

CVE-2021-40444 PoC

Sreg可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.

A wiki focusing on aggregating and documenting various SQL injection methods

Flash钓鱼弹窗优化版

一些实用的python脚本

python-pentesting-tool

TWINT Graph Visualizer

python 邮件钓鱼

How to Guess Accurately 3 Lottery Numbers Out of 6

Ultimate phishing tool. Socialize with the credentials.终极网络钓鱼工具。与凭证进行社交。https://github.com/UndeadSec

QQ空间的一个钓鱼链接，可在后台查询上当的用户名和密码

NOTTHING

Exploits for some of the vulnerabilities I have discovered

最完整的网络钓鱼工具，可自定义32个模板+1

Ansible module for OWASP ZAP using Python API to scan web targets for security issues

一个fuzzdb扩展库 弱密码和各语言网站后台/漏洞/备份文件路径

字典、payload

钓鱼网站mofiu.cn