forked from 20142995/sectool
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdata.json
More file actions
4635 lines (4635 loc) · 315 KB
/
data.json
File metadata and controls
4635 lines (4635 loc) · 315 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"https://github.com/c0ny1/FastjsonExploit": {
"created_at": "2019-07-20 04:55:57",
"description": "Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)",
"commit_date": "2020-03-06 07:48:16",
"commit_message": "Merge pull request #7 from HelloCoCooo/master\n\nFix dependency conflict issue",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/wjl110/CVE-Master": {
"created_at": "2022-09-17 02:49:35",
"description": "收集本人自接触渗透测试用于漏洞验证的所有热门CVE、POC、CNVD攻击有效载荷+测试工具+FUZZ,一个仓库满足许多攻击测试场景,开箱即用.",
"commit_date": "2022-09-18 14:43:11",
"commit_message": "Create CNAME",
"release_tag": "v1.0.1",
"release_date": "2022-09-23 05:29:35",
"release_message": "Kali Windows Res包括了常见的shell ,木马 , jsp , php , 后台 , fuzz , 弱口令 , 爆破密码 , 和一些小工具"
},
"https://github.com/FiveAourThe/RedTeamTools": {
"created_at": "2021-06-10 08:39:24",
"description": "分享红队常用的工具",
"commit_date": "2021-06-10 08:39:46",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/RsaCtfTool/RsaCtfTool": {
"created_at": "2015-03-07 17:29:33",
"description": "RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data",
"commit_date": "2023-05-04 20:18:18",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/admintony/svnExploit": {
"created_at": "2018-02-06 09:43:26",
"description": "SvnExploit支持SVN源代码泄露全版本Dump源码",
"commit_date": "2022-12-20 09:22:50",
"commit_message": "Do not verify the certificate\n\n取消对https证书的校验,防止一些https自签名证书dump失败",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/wpscanteam/wpscan": {
"created_at": "2012-07-11 20:27:47",
"description": "WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com",
"commit_date": "2023-05-28 03:25:01",
"commit_message": "Update README.md",
"release_tag": "v3.8.22",
"release_date": "2022-04-04 14:04:28",
"release_message": "See https://github.com/wpscanteam/CMSScanner/releases/tag/v0.13.8\r\n\r\n- Minor:\r\n - Better handling of redirection, ie when target http->https (or the opposite), the target URL will be changed to the new one automatically to avoid scanning the http version and getting 301 which could result in items being missed\r\n - Better handling of unsupported HEAD method by checking for 501 and timeout as well"
},
"https://github.com/zzzskd/CORSScanner": {
"created_at": "2021-11-24 09:04:08",
"description": "CORS 跨域漏洞 burp 插件",
"commit_date": "2021-11-24 09:23:41",
"commit_message": "[UPDATE] 更新错误的 Nginx 错误配置",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/pppscn/SmsForwarder": {
"created_at": "2021-02-10 02:23:07",
"description": "短信转发器——监控Android手机短信、来电、APP通知,并根据指定规则转发到其他手机:钉钉群自定义机器人、钉钉企业内机器人、企业微信群机器人、飞书机器人、企业微信应用消息、邮箱、bark、webhook、Telegram机器人、Server酱、PushPlus、手机短信等。包括主动控制服务端与客户端,让你轻松远程发短信、查短信、查通话、查话簿、查电量等。(V3.0 新增)PS.这个APK主要是学习与自用,如有BUG请提ISSUE,同时欢迎大家提PR指正",
"commit_date": "2023-05-13 15:32:04",
"commit_message": "新增:支持Bark推送加密 #273 (详见:https://bark.day.app/#/encryption)",
"release_tag": "v3.2.0",
"release_date": "2023-02-14 09:25:00",
"release_message": "PS. 距离上一次1024发版,已经过去快5个月了,期间发生不少事,一直没更新这个项目,不管如何,魔幻的2022年都过去了!\r\n\r\n感谢大家这2年来的陪伴与支持,祝大家有情人终成眷属,情人节快乐!\r\n\r\n---\r\n\r\n### 【注意】\r\n\r\n* v3.x版本是全新重构开发,可能一开始并不稳定,建议升级前先做好数据备份!(客户端>一键换新机>离线模式>导出)\r\n\r\n* `v3.2.0` 去除了 `mmkv` 依赖,采用 `SharedPreferences` 来保存配置,升级之后通用设置中的配置请重新配置,具体原因参见 [Issue #245](https://github.com/pppscn/SmsForwarder/issues/245)\r\n\r\n* 升级完毕后,建议离线导出配置,完全卸载干净全新安装后再导入配置(可以避免一些莫名其妙的玄学问题,例如:耗电异常)\r\n\r\n---\r\n\r\n### 更新日志\r\n\r\n* 新增:短信指令(根据短信指令开关对应功能) #I5YX3F\r\n* 新增:监听网络状态变化提醒(APP通知转发,包名:77777777) #259\r\n* 新增:远程改话簿(方便给老人家添加联系人) #256\r\n* 新增:远程查询手机定位(方便找回手机/防止老少走丢) #256\r\n* 新增:Socket发送通道(支持MQTT/TCP/UDP协议) #252\r\n* 新增:发送通道 URL Scheme(支持跨应用数据传递)#250\r\n* 新增:自动消除额外APP通知 #232 #248\r\n\r\n* 优化:短信/通话转发获取卡槽信息机制(自行备注卡槽SubId对应)#228 #235\r\n* 优化:来电转发逻辑 & 新增提醒类型(1.来电挂机 2.去电挂机 3.未接来电 4.来电提醒 5.来电接通 6.去电拨出)\r\n* 优化:单个转发规则支持绑定多个发送通道,且支持执行逻辑(全部执行/失败即止/成功即止) #247\r\n* 优化:转发日志列表以原始信息为主,聚合展示转发日志(一对多)\r\n* 优化:已安装App信息列表异步加载机制\r\n* 优化:电池状态监听/网络状态监控 在未开启去重时默认开启1秒去重\r\n* 优化:利用BatteryReceiver守护自启动的Frpc (试验) #254\r\n\r\n* 修复:Android 13 无法授予通知权限 #255\r\n* 修复:重启手机自动启动APP时加载配置失败 #233 #245\r\n* 修复:转发消息遍历发送通道时未跳过已禁用的通道\r\n* 修复:降级Android Gradle插件版本以兼容4.4 (#249 by NyaMisty)\r\n\r\n* 升级:andserver到2.1.12(加快web端上下行速度等)\r\n* 升级:frpclib 到 v0.47.0\r\n* 升级:androidx组件和kotlin版本\r\n\r\n还有一些细微调整参见`github`提交记录\r\n\r\n---\r\n\r\n### APK版本说明:\r\n* universal(10XXXX): 通用版(不在乎安装包大小/懒得选就用这个版本,包含以下4种CPU架构so)\r\n* armeabi-v7a(20XXXX): 32位ARM设备(备用机首选)\r\n* arm64-v8a(30XXXX): 64位ARM设备(主流旗舰机)\r\n* x86(40XXXX): 32位Intel设备\r\n* x86_64(50XXXX): 64/32位Intel设备"
},
"https://github.com/We5ter/Scanners-Box": {
"created_at": "2016-12-24 16:07:50",
"description": "A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑",
"commit_date": "2023-04-20 11:28:35",
"commit_message": "[+]lijiejie/MisConfig_HTTP_Proxy_Scanner",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/SleepingBag945/IPSearch": {
"created_at": "2022-12-29 08:25:55",
"description": "离线IP Whois查询工具。可根据IP查询所属IP段信息、根据关键词查询IP段信息",
"commit_date": "2023-03-25 04:02:31",
"commit_message": "Merge pull request #2 from SleepingBag945/add-license-1\n\nCreate LICENSE",
"release_tag": "v0.1",
"release_date": "2022-12-29 08:57:11",
"release_message": ""
},
"https://github.com/zhzyker/dismap": {
"created_at": "2021-07-24 12:37:45",
"description": "Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点",
"commit_date": "2023-05-25 03:32:07",
"commit_message": "Merge pull request #36 from sockx/fix_https\n\nFix possible problems with https detection",
"release_tag": "v0.4",
"release_date": "2022-06-16 10:13:59",
"release_message": "* Optimize concurrency strategy to improve speed (https://github.com/zhzyker/dismap/commit/a2a779f512fc02984a909f359b644154b8855d64)\r\n* Optimize json output (https://github.com/zhzyker/dismap/commit/a2a779f512fc02984a909f359b644154b8855d64) https://github.com/zhzyker/dismap/issues/19\r\n* Added giop protocol identification rules (https://github.com/zhzyker/dismap/commit/edcf125ffac50c0555ead1791d8688b3477d10ce)\r\n* Added web fingerprinting rules\r\n\r\n***\r\n\r\n* 优化并发策略,理论上扫描速度+50% (https://github.com/zhzyker/dismap/commit/a2a779f512fc02984a909f359b644154b8855d64)\r\n* 优化 json 输出 (https://github.com/zhzyker/dismap/commit/a2a779f512fc02984a909f359b644154b8855d64) https://github.com/zhzyker/dismap/issues/19\r\n* 新增 giop 协议识别 (https://github.com/zhzyker/dismap/commit/edcf125ffac50c0555ead1791d8688b3477d10ce)\r\n* 新增 web 指纹识别规则\r\n\r\n```BASH\r\n#MD5SUM \r\ned45058d0b4b1a488908003d11566d3f dismap-0.4-darwin-amd64\r\nd5d8662a35b9d02cd60edbcb6a4d832a dismap-0.4-darwin-arm64\r\ne62e4e4f17fc14316ff78de7735c1cbc dismap-0.4-linux-amd64\r\n33ac2c467e3efede0d883f3d5a08281e dismap-0.4-linux-arm64\r\nd759431d0fcb55881fc3e2afbb1f55d6 dismap-0.4-windows-amd64.exe\r\n545704128fb9faef774037b143d80f0a dismap-0.4-windows-x86.exe\r\n```"
},
"https://github.com/Aabyss-Team/CTF-Tools": {
"created_at": "2023-01-26 03:55:16",
"description": "渊龙Sec安全团队CTF&AWD工具箱",
"commit_date": "2023-01-26 05:21:12",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/SpenserCai/GoWxDump": {
"created_at": "2023-02-17 10:10:37",
"description": "SharpWxDump的Go语言版。微信客户端取证,获取信息(微信号、手机号、昵称),微信聊天记录分析(Top N聊天的人、统计聊天最频繁的好友排行、关键词列表搜索等)",
"commit_date": "2023-05-09 01:46:33",
"commit_message": "fix #19 支持 3.9.2.26",
"release_tag": "v1.0.11",
"release_date": "2023-05-09 01:48:08",
"release_message": "fix #19 支持了3.9.2.26 版本"
},
"https://github.com/Moxin1044/qsnctf-python": {
"created_at": "2023-01-01 01:56:43",
"description": "青少年CTF的Python包,方便大家调用一些CTF常用功能。",
"commit_date": "2023-04-02 17:16:18",
"commit_message": "增加求等差数列第n项和n项和",
"release_tag": "0.0.8.9",
"release_date": "2023-02-26 00:35:49",
"release_message": "更新了之前版本不存在的Web请求timeout导致扫描时间过长,在0.0.8.9版本已修复此问题。\r\n您甚至可以指定timeout,感谢问题反馈!"
},
"https://github.com/jdr2021/wxapkgUnpack": {
"created_at": "2023-02-19 17:30:27",
"description": "wxapkg解密解包工具,提供C#和wxappUnpacker两个版本的解包,并提取JS中的URL和IP。",
"commit_date": "2023-02-19 18:06:05",
"commit_message": "Update README.md",
"release_tag": "1.0",
"release_date": "2023-02-19 17:36:35",
"release_message": ""
},
"https://github.com/euphrat1ca/LayerDomainFinder": {
"created_at": "2019-07-17 07:34:49",
"description": "Layer子域名挖掘机",
"commit_date": "2019-07-17 07:46:03",
"commit_message": "1\n\n1",
"release_tag": "3",
"release_date": "2019-07-17 07:56:26",
"release_message": "Layer5.0 SAINTSEC"
},
"https://github.com/lijiejie/EasyPen": {
"created_at": "2022-08-22 12:54:41",
"description": "EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation",
"commit_date": "2022-10-19 08:46:57",
"commit_message": "fix missing cmd",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/whwlsfb/JDumpSpider": {
"created_at": "2022-01-05 07:30:39",
"description": "HeapDump敏感信息提取工具",
"commit_date": "2023-04-06 03:11:35",
"commit_message": "add export path arg.\nadd all string export spider.",
"release_tag": "dev-20230406T031230",
"release_date": "2023-04-06 03:12:32",
"release_message": ""
},
"https://github.com/XTeam-Wing/Vulcan": {
"created_at": "2020-02-03 07:40:50",
"description": "VulCan资产管理系统|漏洞扫描|资产探测|定时扫描",
"commit_date": "2021-06-19 14:36:47",
"commit_message": "Merge pull request #8 from RedTeamWing/dependabot/pip/urllib3-1.26.5\n\nBump urllib3 from 1.25.3 to 1.26.5",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/wuba/Antenna": {
"created_at": "2022-06-15 06:42:25",
"description": "Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式,将不同漏洞场景检测能力通过插件的形式进行集合,通过与目标进行out-bind的数据通信方式进行辅助检测。",
"commit_date": "2023-05-17 09:57:12",
"commit_message": "Merge pull request #121 from wuba/develop\n\nDevelop",
"release_tag": "v1.3.5",
"release_date": "2023-04-21 09:45:23",
"release_message": "1. 修复HTTPS分块传输请求导致处理逻辑错误(#105)的问题\r\n2. 废弃domain_in查询方式(#106),后续多个域名查询可使用多个domain参数查询,详情可看http://blog.antenna.cool/docs/api_back\r\n3. 新增api查询用户token以及查询当前项目使用版本接口,为下个版本SDK与自动更新功能做准备\r\n\r\n"
},
"https://github.com/lanyi1998/DNSlog-GO": {
"created_at": "2020-09-05 16:18:57",
"description": "DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具,自带WEB界面",
"commit_date": "2023-05-21 14:50:25",
"commit_message": "fix:空切片的bug",
"release_tag": "20230521",
"release_date": "2023-05-21 14:52:26",
"release_message": ""
},
"https://github.com/Mr-xn/JNDIExploit-1": {
"created_at": "2021-12-13 14:07:50",
"description": "一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)",
"commit_date": "2021-12-15 12:09:05",
"commit_message": "Fix JNDIEXPLOIT_URL, fixes #1\n\nFix JNDIEXPLOIT_URL, fixes #1",
"release_tag": "v1.2",
"release_date": "2021-12-13 14:50:52",
"release_message": "JNDIExploit.v1.2 backup"
},
"https://github.com/ycdxsb/PocOrExp_in_Github": {
"created_at": "2021-04-13 05:46:16",
"description": "聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.",
"commit_date": "2023-05-29 22:24:51",
"commit_message": "update 2023-05-30 06:24:51",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/1n7erface/RequestTemplate": {
"created_at": "2022-04-01 17:26:22",
"description": "双语双端内网扫描以及验证工具",
"commit_date": "2023-04-07 07:26:03",
"commit_message": "Update README.md",
"release_tag": "v1.1.5",
"release_date": "2023-04-12 07:54:54",
"release_message": "2023.4.12 16:00\r\n1.解决了一个并发时线程抢锁问题\r\n2.添加指纹,目前指纹900+\r\n3.添加ps,us参数\r\n"
},
"https://github.com/Threekiii/Vulhub-Reproduce": {
"created_at": "2022-03-03 08:38:29",
"description": "一个Vulhub漏洞复现知识库",
"commit_date": "2023-05-04 06:05:40",
"commit_message": "更新漏洞",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/akkuman/rotateproxy": {
"created_at": "2021-10-18 02:10:27",
"description": "利用fofa搜索socks5开放代理进行代理池轮切的工具",
"commit_date": "2023-02-13 06:04:33",
"commit_message": "fix: modernc.org/sqlite 不支持 win 386",
"release_tag": "v0.7.2",
"release_date": "2023-02-13 06:07:53",
"release_message": "## Changelog\n* 10ddfd1 fix: modernc.org/sqlite 不支持 win 386\n\n"
},
"https://github.com/gh0stkey/HaE": {
"created_at": "2020-03-24 10:12:50",
"description": "HaE - Highlighter and Extractor, 赋能白帽 高效作战",
"commit_date": "2023-02-22 09:36:50",
"commit_message": "Version: 2.4.6 Update",
"release_tag": "2.4.6",
"release_date": "2023-02-22 09:37:42",
"release_message": "HaE 2.4.6 更新内容:\r\n1. 加入多线程对数据进行匹配和提取,减少卡顿现象;\r\n2. 变更配置文件更新地址为`jsdelivr`的CDN节点地址,优化国内用户体验。"
},
"https://github.com/kelvinBen/AppInfoScanner": {
"created_at": "2020-07-22 01:19:17",
"description": "一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。",
"commit_date": "2022-12-18 11:33:34",
"commit_message": "Merge pull request #30 from kelvinBen/v1.0.9.1\n\nadd \"识别到壳后自动进行脱壳处理\"",
"release_tag": "V1.0.9_Releases",
"release_date": "2022-10-23 08:52:36",
"release_message": "### V1.0.9_Releases\r\n- 更新apktool为最新版本\r\n- 优化部分环节流程\r\n- 修复excle文件导出时超时行数限制\r\n- 修复脚本执行时卡顿的问题\r\n- 修复Mac下Playload文件权限不足的问题"
},
"https://github.com/Ares-X/VulWiki": {
"created_at": "2020-10-13 04:00:43",
"description": "VulWiki",
"commit_date": "2021-03-09 08:16:32",
"commit_message": "add sangfor",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/StarCrossPortal/QingTing": {
"created_at": "2022-04-29 02:33:43",
"description": "蜻蜓安全一个安全工具编排平台,可以自由编排你的工具流,集成108款工具,包括xray、nmap、awvs等;你可以将喜欢的工具编排成一个场景,快速打造适合自己的安全工作台~",
"commit_date": "2023-03-21 08:07:56",
"commit_message": "reset readme.md",
"release_tag": "v0.3",
"release_date": "2022-05-12 09:45:43",
"release_message": "## 新增\r\n1. 新增傻瓜式提交插件,轻松把自己喜欢的工具接入进来\r\n2. 新增nmap、识别目标主机组件信息\r\n3. 新增masscan、快速扫描目标端口信息\r\n4. 新增knock、子域名扫描\r\n5. 新增webcrack、登录页面爆破\r\n\r\n## 改进\r\n1. 新增数据统计图表\r\n2. 用户ID展现为用户昵称\r\n3. 扫描详情增加工具扫描日志展示"
},
"https://github.com/TheKingOfDuck/ApkAnalyser": {
"created_at": "2020-02-21 13:42:23",
"description": "一键提取安卓应用中可能存在的敏感信息。",
"commit_date": "2021-10-21 02:33:58",
"commit_message": "Merge pull request #8 from 0x24bin/master\n\nUpdate apkAnalyser.py",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/wh1t3p1g/ysomap": {
"created_at": "2020-02-08 12:59:32",
"description": "A helpful Java Deserialization exploit framework.",
"commit_date": "2023-05-04 03:08:55",
"commit_message": "update",
"release_tag": "v0.1.3",
"release_date": "2022-04-15 14:25:17",
"release_message": "Update:\r\n- 新增若干payloads、bullets,目前共计 `[+] exploits(12) payloads(31) bullets(36)`\r\n- 支持设置编码器、输出方式、serialVersionUid、序列器类型,具体方法见wiki\r\n\r\nMD5 (cli/target/ysomap.jar) = d4e72def5bfd8ab1d341a6b71caf16c0\r\n\r\n感谢如下小伙伴的提交 XD\r\n[@orleven](https://github.com/orleven)、[@G0doot](https://github.com/G0doot)、[@BeichenDream](https://github.com/BeichenDream)、[@sf197](https://github.com/sf197)"
},
"https://github.com/SummerSec/ShiroAttack2": {
"created_at": "2021-06-13 03:44:13",
"description": "shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack",
"commit_date": "2022-08-31 15:54:01",
"commit_message": ":zap: 感谢 @fuzz7j 提交pr,增加headers方式",
"release_tag": "4.5.6",
"release_date": "2022-08-31 15:54:15",
"release_message": "详情参考 https://github.com/SummerSec/ShiroAttack2/pull/36\r\n感谢 @fuzz7j 提交pr"
},
"https://github.com/light-Life/BUG-Pocket": {
"created_at": "2021-07-06 11:23:54",
"description": "小型漏洞库,提供FOFA语法及批量脚本,具体利用法请参考别的漏洞库,共4种类型47项",
"commit_date": "2021-07-31 02:01:39",
"commit_message": "Update ShopNC.py",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/Lengso/iplookup": {
"created_at": "2021-07-19 04:55:39",
"description": "IP反查域名",
"commit_date": "2021-08-06 16:11:39",
"commit_message": "更新版本v1.1",
"release_tag": "v1.1",
"release_date": "2021-08-06 16:08:16",
"release_message": "接口增加fofa,shodan"
},
"https://github.com/WangYihang/UsbKeyboardDataHacker": {
"created_at": "2017-04-04 19:13:45",
"description": "USB键盘流量包取证工具 , 用于恢复用户的击键信息",
"commit_date": "2022-09-29 09:14:56",
"commit_message": "Merge pull request #6 from hurricane618/patch-2\n\nUpdate UsbKeyboardDataHacker.py",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/guchangan1/All-Defense-Tool": {
"created_at": "2022-04-25 11:45:06",
"description": "本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。",
"commit_date": "2023-05-27 13:42:33",
"commit_message": "更新v2.3",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/OrangeWatermelon/ctf-wscan": {
"created_at": "2020-11-07 06:56:46",
"description": "在kingkaki的项目上进行了修改,改为单线程,可以在任意目录下执行,对重复的请求进行了过滤",
"commit_date": "2020-11-07 06:57:22",
"commit_message": "Create README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/xinyu2428/TDOA_RCE": {
"created_at": "2021-03-01 07:18:29",
"description": "通达OA综合利用工具",
"commit_date": "2021-03-17 08:51:32",
"commit_message": "更新v11.7版本另一条利用链",
"release_tag": "v1.0",
"release_date": "2021-03-01 08:16:20",
"release_message": "-工具内集成POC如下\r\n\r\n任意用户登录POC: 4个\r\nSQL注入POC: 2个\r\n后台文件上传POC: 3个\r\n本地文件包含POC: 2个\r\n前台文件上传POC(非WEB目录): 1个\r\n任意文件删除POC: 1个"
},
"https://github.com/Ifory885/fshzqSearch": {
"created_at": "2023-01-14 09:14:41",
"description": "fofa、shodan、hunter、zoomeye、quake网络空间搜索引擎及github聚合搜索,并对结果进行finger指纹识别。",
"commit_date": "2023-05-05 09:15:19",
"commit_message": "修复保存文件夹不存在报错问题",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/InitRoot/BurpJSLinkFinder": {
"created_at": "2019-06-10 20:25:07",
"description": "Burp Extension for a passive scanning JS files for endpoint links.",
"commit_date": "2022-10-17 09:27:42",
"commit_message": "Merge pull request #8 from Bort-Millipede/masterv2\n\nBugfix and Updates",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/wyzxxz/heapdump_tool": {
"created_at": "2021-08-06 02:48:31",
"description": "heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等",
"commit_date": "2023-04-25 06:23:58",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/lal0ne/vulnerability": {
"created_at": "2022-01-20 02:48:42",
"description": "收集、整理、修改互联网上公开的漏洞POC",
"commit_date": "2023-05-29 03:23:40",
"commit_message": "E-Cology CheckServer.jsp SQL注入",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/CTF-MissFeng/GoScan": {
"created_at": "2020-12-13 11:08:12",
"description": "GoScan是采用Golang语言编写的一款分布式综合资产管理系统,适合红队、SRC等使用",
"commit_date": "2021-05-06 07:29:26",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/boy-hack/ksubdomain": {
"created_at": "2021-10-24 14:37:09",
"description": "Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second",
"commit_date": "2022-06-15 09:27:52",
"commit_message": "Merge branch 'main' of https://github.com/boy-hack/ksubdomain",
"release_tag": "v1.9.5",
"release_date": "2022-03-31 05:47:14",
"release_message": ""
},
"https://github.com/TideSec/Tide": {
"created_at": "2019-01-21 07:03:51",
"description": "目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~",
"commit_date": "2020-06-22 05:22:45",
"commit_message": "Update",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/vsec7/BurpSuite-Xkeys": {
"created_at": "2020-06-15 09:46:58",
"description": "A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.",
"commit_date": "2020-06-19 15:46:17",
"commit_message": "Updated",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/obheda12/GitDorker": {
"created_at": "2020-07-13 01:11:46",
"description": "A Python program to scrape secrets from GitHub through usage of a large repository of dorks.",
"commit_date": "2021-05-07 06:11:57",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/xiao-zhu-zhu/noterce": {
"created_at": "2023-01-31 07:56:29",
"description": "一种另辟蹊径的免杀执行系统命令的木马",
"commit_date": "2023-05-10 10:30:39",
"commit_message": "Update README.md",
"release_tag": "1.3",
"release_date": "2023-05-10 06:48:26",
"release_message": "重构为web版\r\n\r\n添加功能:\r\n1. 多行执行命令\r\n2. 上线CS"
},
"https://github.com/synacktiv/HopLa": {
"created_at": "2021-05-06 11:01:23",
"description": " HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite",
"commit_date": "2021-05-12 16:21:29",
"commit_message": "Some fixes on side effects & completion more in bash style",
"release_tag": "1.2",
"release_date": "2021-05-12 16:24:50",
"release_message": "Fix some side effects & completion more in bash style\r\n"
},
"https://github.com/Mustard404/Savior": {
"created_at": "2021-11-10 18:41:40",
"description": "渗透测试报告自动生成工具!",
"commit_date": "2022-05-09 08:03:18",
"commit_message": "Update index.jsx",
"release_tag": "new",
"release_date": "2021-11-17 16:41:37",
"release_message": "**Bug**\r\n\r\n- [✓] - 修复了项目设置、整改设置数据超过20条无法显示的问题\r\n\r\n**优化**\r\n\r\n- [✓] - 增加模板过滤器,可以对高中低漏洞分别统计\r\n- [✓] - 增加漏洞删除功能\r\n- [✓] - 提供历史漏洞下载功能\r\n- [✓] - 优化了报告中图片显示过大的问题\r\n\r\n**待处理**\r\n\r\n- [✗] - 重启容器后用户清空,目前解决方案为手动注释/Savior/docker/run.sh中Python3开头代码。暂无自动化解决方案。"
},
"https://github.com/ExpLangcn/NucleiTP": {
"created_at": "2022-11-08 13:16:56",
"description": "自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!",
"commit_date": "2023-05-30 00:30:20",
"commit_message": "更新啦❤️",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/opensec-cn/kunpeng": {
"created_at": "2019-01-08 12:50:42",
"description": "kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。",
"commit_date": "2020-11-20 07:23:06",
"commit_message": "Update README.md\n\n404StarLink 2.0",
"release_tag": "20190527",
"release_date": "2019-05-26 16:30:18",
"release_message": "### 插件更新\r\n增加 Atlassian Confluence Widget Connector macro RCE漏洞检测插件 CVE-2019-3396 @ywolf \r\n增加 Microsoft Remote Desktop RCE漏洞检测插件 CVE-2019-0708 @Medicean \r\n\r\n### 代码更新\r\n修复 go并发调用时出现goroutine leak问题 @l3m0n \r\n修复 加载json插件内存未释放问题 @l3m0n \r\n\r\n### 其他\r\n无"
},
"https://github.com/k8gege/K8tools": {
"created_at": "2019-02-23 14:04:52",
"description": "K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)",
"commit_date": "2023-05-28 16:06:02",
"commit_message": "Add files via upload",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/redtoolskobe/scaninfo": {
"created_at": "2021-11-05 04:59:07",
"description": "fast scan for redtools",
"commit_date": "2022-03-23 12:57:09",
"commit_message": "Update README.md",
"release_tag": "v1.1.0",
"release_date": "2021-11-05 06:46:58",
"release_message": "## scaninfo \r\nscaninfo_v1.1.0"
},
"https://github.com/Tas9er/EgGateWayGetShell": {
"created_at": "2021-01-14 01:04:48",
"description": "Code By:Tas9er",
"commit_date": "2021-01-14 01:05:29",
"commit_message": "Code By:Tas9er",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/bit4woo/reCAPTCHA/blob": {
"created_at": "",
"description": "",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/DVPNET/Report_Public": {
"created_at": "2021-01-12 05:52:07",
"description": " DVPNET 公开漏洞知识库",
"commit_date": "2021-06-10 06:26:03",
"commit_message": "Add files via upload",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/pmiaowu/BurpShiroPassiveScan": {
"created_at": "2020-07-15 07:12:16",
"description": "一款基于BurpSuite的被动式shiro检测插件",
"commit_date": "2022-06-30 02:35:20",
"commit_message": "2.0.0版本上线,key可自定义,上线多线程,代码优化",
"release_tag": "BurpShiroPassiveScan-2.0.0",
"release_date": "2022-06-30 02:52:30",
"release_message": "1. 默认多线程,解决扫描过慢的问题\r\n2. key可在config.yml自定义,解决有些用户觉得key太少的问题\r\n3. 性能优化,代码优化\r\n4. 添加各种配置项在config.yml自定义\r\n\r\n这个版本建议更新,对比旧版本性能更好!!!!\r\n\r\n最后面感谢大佬们一直以来的厚爱"
},
"https://github.com/knownsec/404StarLink": {
"created_at": "2020-11-17 08:10:18",
"description": "404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目",
"commit_date": "2023-05-29 03:02:14",
"commit_message": "weekly update at 2023-05-29",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/gwen001/github-subdomains": {
"created_at": "2020-07-24 06:54:29",
"description": "Find subdomains on GitHub.",
"commit_date": "2023-03-28 15:47:04",
"commit_message": "readme",
"release_tag": "v1.2.2",
"release_date": "2023-02-09 13:53:05",
"release_message": ""
},
"https://github.com/portswigger/http-request-smuggler": {
"created_at": "2019-07-30 14:41:18",
"description": "",
"commit_date": "2023-01-10 10:59:45",
"commit_message": "Merge pull request #58 from Hannah-PortSwigger/master\n\nUpdate case statement to state technique.",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/pandasec888/taowu-cobalt-strike": {
"created_at": "2020-07-05 10:13:00",
"description": "",
"commit_date": "2022-06-13 08:56:55",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/Dliv3/redis-rogue-server": {
"created_at": "2019-07-08 08:54:11",
"description": "Redis 4.x/5.x RCE",
"commit_date": "2020-12-06 07:02:12",
"commit_message": "Merge pull request #2 from HenryzhaoH/master\n\nAdded support for syncing AUTHed slaves.",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/minhangxiaohui/DecodeSomeJSPWebshell": {
"created_at": "2022-02-12 02:05:07",
"description": "冰蝎、哥斯拉 jsp webshell通信流量解密器",
"commit_date": "2023-04-18 10:06:15",
"commit_message": "Update README.md\n\n哥斯拉解密的时候的具体使用方法没有描述清除,导致我自己很久没用这个工具之后也忘记使用方法了,所以这里更新下描述文件,添加了哥斯拉的解密case样例",
"release_tag": "v1.2",
"release_date": "2022-02-12 02:41:09",
"release_message": "v1.2 打包"
},
"https://github.com/Ppsoft1991/CodeReviewTools": {
"created_at": "2021-01-06 08:04:15",
"description": "通过正则搜索、批量反编译特定Jar包中的class名称",
"commit_date": "2021-12-06 16:48:04",
"commit_message": "修复fernflower引擎复制文件的bug",
"release_tag": "v1.31",
"release_date": "2021-12-09 05:45:27",
"release_message": "修复fernflow引擎的一些bug"
},
"https://github.com/shadow1ng/fscan": {
"created_at": "2020-11-13 16:35:20",
"description": "一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。",
"commit_date": "2023-05-10 03:18:53",
"commit_message": "Merge pull request #272 from wgpsec/main\n\n修复自动化编译问题",
"release_tag": "1.8.2",
"release_date": "2022-11-19 09:14:24",
"release_message": "加入hash碰撞、wmiiexec无回显命令执行 "
},
"https://github.com/yzddmr6/WebCrack": {
"created_at": "2019-08-20 03:39:16",
"description": "WebCrack是一款web后台弱口令/万能密码批量检测工具,在工具中导入后台地址即可进行自动化检测。",
"commit_date": "2021-09-07 12:19:54",
"commit_message": "bug fix\n\nadd __init__.py",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/ht0Ruial/TomatoTools": {
"created_at": "2021-05-10 09:40:20",
"description": "TomatoTools 一款CTF杂项利器,支持36种常见编码和密码算法的加密和解密,31种密文的分析和识别,支持自动提取flag,自定义插件等。",
"commit_date": "2022-12-02 06:41:15",
"commit_message": "fix #7",
"release_tag": "v1.0.2",
"release_date": "2021-11-15 12:53:20",
"release_message": "版本说明:\r\n- **自动提flag** 支持设定深度\r\n- **关于** 里增加三个功能开关\r\n- 插件dicts新增replace替换参数\r\n- 新增解密插件 *斜杠ASCII码转换*、*HTML实体编码*\r\n- 修复bug"
},
"https://github.com/Dionach/CMSmap": {
"created_at": "2018-09-20 06:55:41",
"description": "CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs. ",
"commit_date": "2018-10-26 18:45:03",
"commit_message": "Fixes #3",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/wgpsec/ENScan_GO": {
"created_at": "2022-01-04 14:07:28",
"description": "一款基于各大企业信息API的工具,解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。",
"commit_date": "2023-05-17 03:16:02",
"commit_message": "修正提示",
"release_tag": "0.0.11",
"release_date": "2023-05-17 03:26:56",
"release_message": "修复企查查签名错误提示"
},
"https://github.com/jackfrued/Python-100-Days": {
"created_at": "2018-03-01 16:05:52",
"description": "Python - 100天从新手到大师",
"commit_date": "2023-02-05 16:59:39",
"commit_message": "更新了README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/helloexp/0day": {
"created_at": "2022-04-07 04:28:29",
"description": "各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新",
"commit_date": "2023-04-19 05:37:56",
"commit_message": "add CVE-2023-23397 exp",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/ph4ntonn/Stowaway": {
"created_at": "2019-11-15 03:25:50",
"description": "👻Stowaway -- Multi-hop Proxy Tool for pentesters",
"commit_date": "2023-04-25 19:16:43",
"commit_message": "Update README",
"release_tag": "v2.1",
"release_date": "2022-04-08 15:53:34",
"release_message": "👻 v2.1 is released~ v2.1 is an upgraded version of v2.0\r\n\r\n## BE AWARE\r\n- If you are trying to use admin on windows,plz make sure you have installed [ansicon](https://github.com/adoxa/ansicon/releases)\r\n- And if you have any problems when using command ```shell```,plz check the [shell.go](https://github.com/ph4ntonn/Stowaway/blob/master/agent/handler/shell.go) and read the annotation first!!! Maybe it can solve ur problems.\r\n\r\n## Update\r\n- 2021.10.1 \r\n - Switch AES-CBC to AES-GCM.Thanks to @SignorMercurio \r\n - Fix bugs. Thanks to @SignorMercurio \r\n- 2022.1.23\r\n - Fix shell&topo bugs.Thanks to @lz520520\r\n- 2022.4.8 \r\n - Fix data loss bug when closing a short connection.Thanks to @lz520520\r\n - Add gzip function.Thanks to @lz520520 \r\n - Optimize the key code\r\n - Fix some bugs\r\n- 2022.7.19\r\n - Fix nil pointer bug #41.Thanks to @zyylhn"
},
"https://github.com/uknowsec/BurpSuite-Extender-fastjson": {
"created_at": "2020-03-07 13:17:08",
"description": "Reference:https://www.w2n1ck.com/article/44/",
"commit_date": "2020-03-07 13:23:21",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/jeffzh3ng/fuxi": {
"created_at": "2018-06-13 07:32:07",
"description": "Penetration Testing Platform",
"commit_date": "2020-05-10 05:34:11",
"commit_message": "docs: update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/jweny/pocassist": {
"created_at": "2021-05-12 10:05:09",
"description": "傻瓜式漏洞PoC测试框架",
"commit_date": "2022-06-21 03:43:47",
"commit_message": "Update README.md",
"release_tag": "1.0.5",
"release_date": "2021-08-11 08:25:44",
"release_message": "下载链接:https://github.com/jweny/pocassist/releases\r\n使用文档/开发文档:https://pocassist.jweny.top/\r\n漏洞库:https://github.com/jweny/pocassistdb\r\n前端:https://github.com/jweny/pocassistweb\r\n\r\nBugFix\r\n\r\n修复target校验逻辑\r\nhttp压缩响应解包\r\n下一版本将新增关键功能:子域名探测、爬虫、自建dnslog、扫描结果导出、MarkDown报告生成。\r\n敬请期待。"
},
"https://github.com/starjun/openstar": {
"created_at": "2016-05-18 15:11:53",
"description": "lua waf,nginx+lua,openresty,luajit,waf+,cdn,nginx",
"commit_date": "2021-10-10 12:38:04",
"commit_message": "更新readme.md...",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/Ridter/Intranet_Penetration_Tips": {
"created_at": "2019-01-29 12:23:51",
"description": "2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~",
"commit_date": "2023-02-24 06:58:54",
"commit_message": "增加Exchange利用",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/ybdt/poc-hub": {
"created_at": "",
"description": "",
"commit_date": "2023-04-04 03:20:05",
"commit_message": "整理",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/pmiaowu/BurpFastJsonScan": {
"created_at": "2020-12-15 02:22:42",
"description": "一款基于BurpSuite的被动式FastJson检测插件",
"commit_date": "2022-06-26 17:02:17",
"commit_message": "删除无用文件,修改.gitignore一处错误",
"release_tag": "BurpFastJsonScan-2.2.2",
"release_date": "2022-06-22 15:57:09",
"release_message": "修复了一处dnslog.cn超时过短,导致使用者网卡时老是显示dnslog超时的错误\r\n\r\n建议更新!!!!"
},
"https://github.com/AngelKitty/stegosaurus": {
"created_at": "2018-11-05 05:27:13",
"description": "A steganography tool for embedding payloads within Python bytecode.",
"commit_date": "2019-10-07 13:15:43",
"commit_message": "build && create binary file",
"release_tag": "1.0",
"release_date": "2019-12-02 09:47:12",
"release_message": ""
},
"https://github.com/CTF-MissFeng/report": {
"created_at": "2021-06-27 15:03:37",
"description": "乙方渗透测试漏洞报告管理系统",
"commit_date": "2021-06-30 05:46:36",
"commit_message": "Delete .DS_Store",
"release_tag": "v1.0.1",
"release_date": "2021-06-30 05:51:44",
"release_message": "首页增加每月统计\r\n业务系统增加高中低统计\r\n修复相关bug"
},
"https://github.com/0x48piraj/Jiraffe": {
"created_at": "2020-02-07 13:26:33",
"description": "One stop place for exploiting Jira instances in your proximity",
"commit_date": "2021-05-08 12:37:38",
"commit_message": "patch+bump: refactored exploits, recon-utils; generated code-coverage metrics",
"release_tag": "v2.0.6",
"release_date": "2021-05-08 12:44:46",
"release_message": "- Generated code coverage metrics\r\n- Added and excluded local `build-scripts` via `.gitignore`\r\n- Formatted recon info/error messages\r\n- Improved the target URL parser\r\n- Refined `isaws()` function"
},
"https://github.com/ja9er/Gofreeproxy": {
"created_at": "2022-08-26 07:36:32",
"description": "自用的动态代理小工具",
"commit_date": "2023-01-06 03:43:37",
"commit_message": "Update readme.md",
"release_tag": "v0.1",
"release_date": "2022-09-06 07:29:40",
"release_message": "优化显示,修复卡顿的bug,增加控制参数,修复mac读取配置文件的问题"
},
"https://github.com/vladko312/SSTImap": {
"created_at": "2022-06-15 06:27:32",
"description": "Automatic SSTI detection tool with interactive interface",
"commit_date": "2023-05-26 20:30:53",
"commit_message": "Version 1.1.3 (Bugfixes)\n\nFixed bug with the new cookie processing\r\nFixed some code being unreachable\r\nMoved new parameter to a different category\r\n\r\nJust a minor bugfix update",
"release_tag": "v1.1",
"release_date": "2023-04-16 22:40:19",
"release_message": "- Crawler and form detection (by @fantesykikachu)\r\n- New template engine added: Cheetah\r\n- Automatic import for engine modules\r\n- Interactive module reloading capability\r\n- Full support for Python 3.11\r\n- Replaced telnetlib with a custom TCP client"
},
"https://github.com/xxcdd/docker_nessus_unlimited": {
"created_at": "2021-02-06 02:32:44",
"description": "docker build nessus with unlimited ip",
"commit_date": "2021-08-23 03:18:51",
"commit_message": "Merge pull request #2 from xxcdd/8.15.1\n\nadapte 8.15.1 plugins download",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/knownsec/PortForward": {
"created_at": "2020-10-20 07:17:31",
"description": "The port forwarding tool developed by Golang solves the problem that the internal and external networks cannot communicate in certain scenarios",
"commit_date": "2021-04-23 16:40:39",
"commit_message": "fix: actively close the previous invalid socket in listen-listen",
"release_tag": "0.5.0",
"release_date": "2020-10-26 06:58:26",
"release_message": "PortForward 的功能如下:\r\n1. 支持 tcp/udp 协议层的端口转发\r\n2. 支持级联\r\n3. 支持正向/反向连接模式\r\n4. 支持多通道\r\n5. 支持 ipv6"
},
"https://github.com/xiecat/fofax": {
"created_at": "2021-12-14 10:01:58",
"description": "fofax is a command line query tool based on the API of https://fofa.info/, simple is the best!",
"commit_date": "2023-04-24 03:20:26",
"commit_message": "发布因网络导致的更新异常",
"release_tag": "v0.1.44",
"release_date": "2023-04-24 03:23:34",
"release_message": "## Changelog\r\n* 修复更新时如果网络有问题可能引发异常问题 #29 。修改弃用函数\r\n\r\n\r\n"
},
"https://github.com/ScarecrowSec/WiKi": {
"created_at": "2021-07-10 15:17:58",
"description": "稻草人安全团队漏洞库",
"commit_date": "2021-07-24 07:10:31",
"commit_message": "Update SUMMARY.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/White-hua/Apt_t00ls": {
"created_at": "2022-10-02 14:14:27",
"description": "高危漏洞利用工具",
"commit_date": "2023-03-25 02:11:10",
"commit_message": "Merge pull request #14 from dbgee/patch-1\n\nUpdate cas_cvm_upload.java 文件名校验",
"release_tag": "v0.6",
"release_date": "2023-03-12 16:51:05",
"release_message": "H3C 任意文件上传\r\n致远帆软组件任意文件上传\r\nnacos任意用户添加\r\n帆软任意文件上传\r\n用友GRP_U8任意文件上传\r\n用友KSOA任意文件上传rce -- 0day 漏洞作者 https://github.com/cdxiaodong"
},
"https://github.com/knownsec/pocsuite3": {
"created_at": "2019-03-15 07:01:04",
"description": "pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.",
"commit_date": "2023-04-29 06:15:36",
"commit_message": "Merge pull request #365 from 13ph03nix/nuclei-issue-3055-protocol-name\n\nfix: Updated protocol attribute name (requests=> http & network => tcp)",
"release_tag": "v2.0.4",
"release_date": "2023-04-29 06:20:47",
"release_message": "* 兼容 nuclei v2.9.1 的模版协议名称变化 #364 \r\n\r\n---\r\n\r\n* Updated protocol names that are compatible with Nuclei v2.9.1 #364 "
},
"https://github.com/murphysecurity/murphysec": {
"created_at": "2022-03-16 02:52:33",
"description": "An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全,具备专业的软件成分分析(SCA)、漏洞检测、专业漏洞库。",
"commit_date": "2023-05-25 13:05:19",
"commit_message": "fix: 修一下字段名",
"release_tag": "v3.1.1",
"release_date": "2023-05-15 12:52:58",
"release_message": "Support NPM lockfile v3 "
},
"https://github.com/blackarrowsec/mssqlproxy": {
"created_at": "2020-02-12 08:44:28",
"description": "mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse",
"commit_date": "2020-08-13 11:53:38",
"commit_message": "Update README.md",
"release_tag": "0.1",
"release_date": "2020-02-13 11:18:28",
"release_message": ""
},
"https://github.com/ggg4566/BurpBountyPlus": {
"created_at": "2021-06-30 08:44:46",
"description": "BurpBounty 魔改版本",
"commit_date": "2022-03-21 07:38:34",
"commit_message": "update",
"release_tag": "3",
"release_date": "2022-03-21 08:04:22",
"release_message": "1. 添加了多目标 fuzz 菜单功能\r\n2. fix 修补占用cpu %100的bug\r\n<img width=\"1200\" alt=\"image\" src=\"https://user-images.githubusercontent.com/7532477/159223555-f238dd62-5476-4f02-9f92-3ef1b3223c09.png\">\r\n"
},
"https://github.com/Anof-cyber/APTRS": {
"created_at": "2022-10-28 16:15:37",
"description": "Automated Penetration Testing Reporting System",
"commit_date": "2023-05-06 09:52:47",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/vaycore/OneScan": {
"created_at": "2023-02-14 01:59:45",
"description": "OneScan是递归目录扫描的BurpSuite插件",
"commit_date": "2023-05-29 04:31:16",
"commit_message": "将数据看板界面的复选框状态保存到配置文件;将Disable选项功能更改为Enable",
"release_tag": "v1.0.4",
"release_date": "2023-05-29 05:03:49",
"release_message": "1.0.4 版本发布,版本更新内容如下\r\n\r\n### 优化\r\n\r\n- 保存数据看板页面复选框状态(将 `Disable HeaderReplace`、`Disable DirScan` 的 `Disable` 更改为 `Enable`)\r\n- 优化正则表达式,解决某些站点 `title` 读取异常的问题\r\n\r\n### 修复\r\n\r\n- 解决 `bodyMd5` 参数计算错误的问题\r\n- 解决数据看板选中某条数据时,加载响应数据过慢的问题\r\n"
},
"https://github.com/ianxtianxt/SharpDecryptPwd": {
"created_at": "2019-10-12 11:43:26",
"description": "Windows常用程序密码读取工具:SharpDecryptPwd",
"commit_date": "2019-10-12 11:48:39",
"commit_message": "Create README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/Ormicron/Sharp-dumpkey": {
"created_at": "2021-12-08 03:43:15",
"description": "基于C#实现的获取微信数据库密钥的小工具",
"commit_date": "2022-07-19 07:16:16",
"commit_message": "Update Program.cs",
"release_tag": "1",
"release_date": "2021-12-08 04:50:43",
"release_message": "编译版本"
},
"https://github.com/God-Ok/SeeyonExploit-GUI": {
"created_at": "2021-07-20 14:42:05",
"description": "致远OA综合利用工具V1.0",
"commit_date": "2021-07-07 15:01:16",
"commit_message": "Update README.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/AabyssZG/CRC32-Tools": {
"created_at": "2022-09-18 12:09:14",
"description": "Easy CRC32 Tools,so easy!!!",
"commit_date": "2023-02-01 01:39:12",
"commit_message": "Update README.md",
"release_tag": "2.2",
"release_date": "2022-09-21 02:50:16",
"release_message": "# 更新日志\r\n## 更新内容\r\n- 原本的单文件版,放置于/SingleFile_Version目录,按需自取\r\n- 更新了单脚本整合版,支持Tab补全文件名,更加方便操作\r\n- 更新了文件检测,对于不存在的文件或者无法解读的压缩包进行函数跳出并输出错误\r\n\r\n单脚本整合版即本项目的CRC32-Tools.py,将多个功能整合到一个Python脚本中,脚本参数如下:\r\n```\r\n>python3 CRC32-Tools.py -h\r\nusage: CRC32-Tools.py [-h] [-z READZIP] [-1 ONEBYTE] [-2 TWOBYTE] [-3 THREEBYTE] [-4 FOURBYTE]\r\n\r\noptional arguments:\r\n -h, --help show this help message and exit\r\n -z READZIP 读取对应压缩包,输出各个文件CRC值列表\r\n -1 ONEBYTE 对1Byte的压缩包自动进行CRC碰撞并输出文件内容\r\n -2 TWOBYTE 对2Byte的压缩包自动进行CRC碰撞并输出文件内容\r\n -3 THREEBYTE 对3Byte的压缩包自动进行CRC碰撞并输出文件内容\r\n -4 FOURBYTE 对4Byte的压缩包自动进行CRC碰撞并输出文件内容\r\n```\r\n"
},
"https://github.com/Tsojan/TsojanScan": {
"created_at": "2022-12-18 15:36:54",
"description": "一个集成的BurpSuite漏洞探测插件",
"commit_date": "2023-03-09 12:56:21",
"commit_message": "Update README.md",
"release_tag": "v1.4.4",
"release_date": "2023-03-09 12:55:14",
"release_message": "## 更新说明 - v1.4.4\r\n1. 优化代码结构;\r\n2. 修复weblogic弱口令误报bug;\r\n3. 增加otf后缀不扫描规则;\r\n4. 删除asix/happaxis.jsp扫描规则;\r\n5. 增加sql语法错误的页面回显扫描模块,只显示sql错误显示(参数后面增加单引号、双引号、反斜线,去查看有没有SQL错误语句)。\r\n"
},
"https://github.com/zhzyker/exphub": {
"created_at": "2020-04-01 09:33:35",
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"commit_date": "2021-04-04 09:13:57",
"commit_message": "Update readme.md",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/xundididi/Voyager": {
"created_at": "2020-02-04 12:21:18",
"description": "一个安全工具集合平台,用来提高乙方安全人员的工作效率,请勿用于非法项目",
"commit_date": "2020-02-02 01:10:42",
"commit_message": "修改启动方式",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/LangziFun/LangSrcCurise": {
"created_at": "2019-08-23 02:07:53",
"description": "SRC子域名资产监控",
"commit_date": "2021-01-14 04:32:06",
"commit_message": "修改说明文档",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/Potato-py/ipInfoSearch": {
"created_at": "2022-09-26 01:49:10",
"description": "ip域名反查、权重查询以及ICP备案查询。便于提交SRC时资产过滤。",
"commit_date": "2023-03-30 05:33:29",
"commit_message": "优化多线程,采用线程池控制最大线程数",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/Vicl1fe/HackTools": {
"created_at": "2022-07-01 03:11:03",
"description": "提高渗透测试效率。#Burp插件##渗透测试##小工具#",
"commit_date": "2023-03-21 05:43:56",
"commit_message": "新增FineReport",
"release_tag": "1.4",
"release_date": "2023-03-17 08:52:34",
"release_message": "新增FindReport、jasypt解密功能"
},
"https://github.com/phith0n/xray-poc-generation": {
"created_at": "2019-07-06 21:45:57",
"description": "🧬 辅助生成 XRay YAML POC",
"commit_date": "2019-08-23 08:21:38",
"commit_message": "add a newline for expression",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/chaitin/xray": {
"created_at": "2019-06-10 07:16:37",
"description": "一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档",
"commit_date": "2023-05-24 10:30:30",
"commit_message": "[fix] readme",
"release_tag": "1.9.11",
"release_date": "2023-05-18 06:49:12",
"release_message": "### 版本介绍\r\n\r\n该版本为 用友NC NCMessageServlet反序列化漏洞 注入漏洞 的应急版本,相较上个版本,除了添加了一个POC外,未改动其他内容。\r\n\r\n### 更新内容\r\n\r\n想要检测该漏洞的师傅,可以使用\r\n\r\n`./xray ws --poc poc-yaml-yongyou-nc-ncmessageservlet-rce --url http://example.com`\r\n\r\n进行检测。\r\n\r\n相关参考链接:[CT stack](https://stack.chaitin.com/techblog/detail?id=92)"
},
"https://github.com/sqlmapproject/sqlmap": {
"created_at": "2012-06-26 09:52:15",
"description": "Automatic SQL injection and database takeover tool",
"commit_date": "2023-05-25 09:27:15",
"commit_message": "add support to leverage CVE-2014-6577 for Oracle DNS data exfiltration (#5410)\n\nCo-authored-by: marvin <marvin@debian-BULLSEYE-live-builder-AMD64>",
"release_tag": "1.7",
"release_date": "2023-01-02 22:32:55",
"release_message": "Stable version 1.7 ([changeset](https://github.com/sqlmapproject/sqlmap/compare/1.6...1.7))"
},
"https://github.com/loecho-sec/ARL-Finger-ADD": {
"created_at": "2021-07-25 09:11:41",
"description": "灯塔(最新版)指纹添加脚本!",
"commit_date": "2021-08-12 09:28:15",
"commit_message": "Update ARL-Finger-ADD.py",
"release_tag": "",
"release_date": "",
"release_message": ""
},
"https://github.com/LittleBear4/OA-EXPTOOL": {
"created_at": "2022-10-13 12:31:21",