Name	Name	Last commit message	Last commit date
Latest commit History 21 Commits
cheatsheets	cheatsheets
images/README	images/README
scripts	scripts
tips	tips
README.md	README.md
README_en.md	README_en.md

Awesome-Redteam

[(Mian Ze Sheng Ming )] Ben Xiang Mu Suo She Ji De Ji Zhu , Si Lu He Gong Ju Jin Gong Xue Xi ,Ren He Ren Bu De Jiang Qi Yong Yu Fei Fa Yong Tu He Ying Li ,Bu De Jiang Qi Yong Yu Fei Shou Quan Shen Tou Ce Shi ,Fou Ze Hou Guo Zi Xing Cheng Dan ,Yu Ben Xiang Mu Wu Guan . Shi Yong Ben Xiang Mu Qian Qing Xian Yue Du Fa Lu Fa Gui .

Disclaimer: The technologies, concepts, and tools provided in this Git repository are intended for educational and research purposes only. Any use for illegal activities, unauthorized penetration testing, or commercial purposes is strictly prohibited. Please read the Awesome-Laws before using this repository.

Yi Ge Gong Fang Zhi Shi Ku . A knowledge base for red teaming and offensive security.

means recommand Tui Jian Shi Yong

Roadmap

Mu Lu Contents

Xiang Mu Dao Hang Project Navigation
- Su Cha Wen Dang CheatSheets
- Yi Xie Dai Ma Scripts
- Gong Fang Zhi Shi Tips
Kai Yuan Dao Hang Open-Source Navigation
- Bian Jie Ma /Jia Jie Mi Cryptography
  - Zai Xian Gong Ju Online Tools
  - Chi Xian Gong Ju Offline Tools
  - Bian Ma /Jie Ma Encode/Decode
  - Zheng Ze Biao Da Shi Regular Expressions
  - Ha Xi Suan Fa Hash Algorithms
  - Gong Yao Mi Ma Suan Fa RSA
  - Guo Mi Suan Fa SM Algorithms
- Wang Luo Kong Jian Ce Hui Cyberspace Search Engine
  - Zong He Gong Ju Nice Tools
  - Wang Ye /Duan Kou Web/Ports
  - Gu Ge Sou Suo Google Hacking
  - Github Sou Suo Github Dork
- Kai Yuan Qing Bao Open-Source Intelligence
  - Zong He Gong Ju Nice Tools
  - Wei Xie Qing Bao Threat Intelligence
  - Lou Dong Pi Lu Disclosed Vulnerabilities
  - Jie Kou Jian Suo API Search
  - Yuan Dai Ma Jian Suo Source Code Search
- Kai Yuan Zi Yuan Open-Source Resources
  - She Qu /Zhi Shi Ku Communities/Knowledge Base
  - Si Wei Dao Tu /Bei Wang Lu Mindmap/Cheat Sheets
  - Jin Gong Xing An Quan Red Teaming and Offensive Security
  - Fang Yu Xing An Quan Blue Teaming and Defensive Security
  - Cao Zuo An Quan Operation Security
  - Shi Zhan Ping Tai Learning and Practice Platforms
Xin Xi Shou Ji Reconnaissance
- Zong He Gong Ju Nice Tools
- IP/Yu Ming /Zi Yu Ming IP/Domain/Subdomain
- Zhi Wen Fingerprint
  - Zhi Wen Ku Fingerprint Collection
  - Zhi Wen Shi Bie Fingerprint Reconnaissance
  - WAF Shi Bie Waf Checks
- Sao Miao /Bao Po Brute Force
  - Sao Miao /Bao Po Gong Ju Brute Force Tools
  - Sao Miao /Bao Po Zi Dian Brute Force Dictionaries
  - Zi Dian Sheng Cheng Generate a Custom Dictionary
  - Mo Ren Kou Ling Cha Xun Default Credentials
- She Hui Gong Cheng Xue Social Engineering
  - Ping Ju Xie Lu Leaked Credentials
  - You Xiang Email
  - Duan Xin SMS Online
  - Diao Yu Phishing
- Yi Dong Duan Mobile
Lou Dong Yan Jiu Vulnerability Research
- Lou Dong Huan Jing Vulnerable Environments
  - Ji Chu Lou Dong Basic Vulnerabilities
  - Zong He Lou Dong Comprehensive Vulnerabilities
  - Gong Kong Huan Jing Vulnerable IoT Environment
  - Yu Huan Jing Vulnerable Active Directory Environment
  - Yun Huan Jing Vulnerable Cloud Environments
  - AI Huan Jing Vulnerable AI Environments
- PoC Proof of Concept
  - PoC/ExP
  - PoC Mo Ban PoC Templates
Lou Dong Li Yong Vulnerability Exploits
- Zong He Gong Ju Nice Tools
- Dai Ma Shen Ji Code Audit
- Xu Lie Hua Serialization
  - Java
- Fan Xu Lie Hua Deserialization
  - Java
  - PHP
- Shu Ju Ku Database
  - Redis
  - MySQL
  - Oracle
  - MSSQL
- Xin Xi Xie Lu Information Disclosure
- CMS/OA Lou Dong CMS/OA
- Zhong Jian Jian /Ying Yong Ceng Middleware/Application
Shen Tou Ce Shi Penetration Testing
- Zong He Gong Ju Nice Tools
- Shen Tou Cha Jian Extensions
  - Chrome
  - Burpsuite
  - Yakit
- Fu Zhu Gong Ju Auxiliary Tools
  - Gong Ju Ji Open-Source Toolkit
  - Dai Wai Tong Dao DNSLog
  - Zhong Duan You Hua Command Line
  - Dai Ma Mei Hua Beautifier
  - Sheng Cheng Qi Generator
- SQL Zhu Ru SQL Injection
- Fang Wen Kong Zhi Access Control
  - 403 Rao Guo Bypass 40X errors
- Kua Zhan Jiao Ben XSS
- Wen Jian Bao Han File Inclusion
- Fu Wu Duan Qing Qiu Wei Zao SSRF
- Yi Dong Duan An Quan Mobile Security
  - Xiao Cheng Xu Mini Program
  - Ying Yong Cheng Xu APK
  - SessionKey Jie Mi SessionKey
- Zai He Yu Rao Guo Payload and Bypass
Nei Wang Shen Tou Red Teaming and Offensive Security
- Ji Chu She Shi Infrastructure
- Xin Xi Shou Ji Reconnaissance
- Ping Zheng Huo Qu Credential Access
  - Ping Zheng Zhuan Chu Credential Dumping
  - Ben Di Mei Ju Local Enumeration
  - Ha Xi Po Jie NTLM Cracking
- Hou Shen Tou Post Exploitation
  - Zong He Gong Ju Nice Tools
  - Er Jin Zhi Ku Binaries and Libraries
- Quan Xian Wei Chi Persistence
  - Nei Cun Ma MemShell
  - Webshell Guan Li Webshell Management
  - Webshell Mian Sha Webshell Bypass
  - Fan Dan Shell Guan Li Reverse Shell Management
- Quan Xian Ti Sheng Privilege Escalation
  - Linux Ben Di Mei Ju Linux Local Enumeration
  - Windows Ben Di Mei Ju Windows Local Enumeration
  - Windows Ti Quan Windows Exploits
  - Linux Ti Quan Linux Exploits
  - Shu Ju Ku Ti Quan Database Exploits
- Fang Yu Gui Bi Defense Evasion
  - Linux Fang Yu Gui Bi Linux Defense Evasion
  - Windows Fang Yu Gui Bi Windows Defense Evasion
- Nei Wang Chuan Tou Proxy
  - Dai Li Ke Hu Duan Proxy Client
  - Dai Li Gong Ju Proxy Tools
  - DNS Sui Dao DNS Tunnel
  - ICMP Sui Dao ICMP Tunnel
  - Duan Kou Zhuan Fa Port Forwarding
- Cao Zuo An Quan Operation Security
Yu Shen Tou Active Directory Penetration
- Yu Nei Xin Xi Shou Ji Collection and Discovery
- Yu Nei Quan Xian Ti Sheng Privilege Escalation
- Yu Nei Lou Dong Li Yong Known Exploited Vulnerabilities
  - MS14-068
  - noPac
  - Zerologon
  - ProxyLogon/ProxyShell
  - ProxyNotShell
  - Printnightmare
- Yu Nei Shen Tou Fang Shi Methodology
  - Coerce and Relay
  - Delegation
  - ADCS
  - ACLs and ACEs
Fang Yu Xing An Quan Blue Teaming and Defensive Security
- Nei Cun Ma Cha Sha Memshell Detection
- Webshell Cha Sha Webshell Detection
- Gong Ji Yan Pan Blue Teaming
- Ji Xian Jia Gu Enforcement
- Ying Ji Xiang Ying Incident Response
- Le Suo Bing Du Ransomware
  - Sou Suo Yin Qing Search Engine
  - Jie Mi Gong Ju Decryption Tools
- Kai Yuan Mi Guan Open-Source Honeypot
- Ni Xiang Gong Cheng Reverse Engineering
  - Zong He Gong Ju Nice Tools
  - Jing Tai Fen Xi Static Analysis
  - Dong Tai Diao Shi Dynamic Analysis
  - Java
  - Mobile
  - Python
  - Rust/Go/.NET
Yun An Quan Cloud Security
- Kai Yuan Zi Yuan Resources
- Yun An Quan Ju Zhen Cloud Threat Matrix
- Yun Fu Wu Cloud Services
  - Yun Guan Ping Tai Management Tools
  - AK/SK Li Yong AK/SK Exploit
- Yun Yuan Sheng Cloud Native
  - Zong He Gong Ju Nice Tools
  - Rong Qi Docker
  - Ji Qun Kubernetes
AI An Quan AI Security
- Kai Yuan Zi Yuan Resources
- Mo Xing Bang Dan Yu Ping Ce Model Rankings & Evaluation Platforms
- An Quan Wei Lan Yu Jia Gu AI Agent Security & Guardrails
- Gong Fang Zi Dong Hua AI-Powered Red Teaming & Offensive Automation
- Agent Skills Gong Cheng Agent Skills
Ti Gao Sheng Chan Li De Fu Zhu Gong Ju
- LLM
  - Kai Yuan Zi Yuan Open-Source Resources
  - Bian Pai Kuang Jia orchestration framework
  - Ti Shi Ci Prompts
  - Bu Shu Deployment
Ti Gao Sheng Chan Li De Shi Yong Zi Shi
- Ru He Kuai Su Shi Yong alias
- Ru He You Hua Yuan Sheng Zhong Duan
- Ru He Jie Jue Zhong Duan Zhong Wen Luan Ma

Xiang Mu Dao Hang Project Navigation

Su Cha Wen Dang CheatSheets

Chuo Zhe Li Click Here

DefaultCreds-Cheat-Sheet.csv Huawei-iBMC-DefaultCreds.csv Huawei-Product-Cheat-Sheet.csv WeakPassword-Cheat-Sheet.csv An Quan Han Shang Ji Guan Wang Lian Jie Su Cha .txt

Yi Xie Dai Ma Scripts

Chuo Zhe Li Click Here

ShellcodeWrapper: ShellcodeJia Mi AntivirusScanner: Sha Ruan Jin Cheng Jian Ce Jiao Ben runtime-exec-payloads.html: java.lang.Runtime.exec() PayloadsSheng Cheng Ascii2Char: ASCIIMa He Zi Fu Hu Xiang Zhuan Huan Jiao Ben Xiu Gai webshellWen Jian Ming Mi Ma Weakpass_Generator: Zai Xian Ruo Mi Ma Sheng Cheng Gong Ju Yi Hua Ban Godzilla_Decryptor: Ge Si La Liu Liang Jie Mi Behinder4_Key_Bruteforce: Bing He 4Mi Yao Bao Po Flask_Session_Decryptor: Flask sessionZhu Ru Jie Mi

Gong Fang Zhi Shi Tips

Chuo Zhe Li Click Here

Xin Xi Shou Ji -Min Gan Xin Xi Shou Ji Nei Wang Shen Tou -Mian Sha Nei Wang Shen Tou -Yin Cang Nei Wang Shen Tou -Pentesting AD Mindmap An Quan Jia Gou -Wang Luo Gong Ji Yu Fang Yu Tu Pu Ping Tai Da Jian -DNS Log Liu Liang Fen Xi -CobaltStrike Liu Liang Fen Xi -Webshell She Hui Gong Cheng Xue -Diao Yu You Jian Zhu Ti Hui Zong Ni Xiang Fen Xi -Wei Xin Xiao Cheng Xu Fan Bian Yi

Kai Yuan Dao Hang Open-Source Navigation

Bian Jie Ma /Jia Jie Mi Cryptography

Zai Xian Gong Ju Online Tools

Chi Xian Gong Ju Offline Tools

Bian Ma /Jie Ma Encode/Decode

http://code.mcdvisa.com/ Biao Zhun Zhong Wen Dian Ma
https://www.compart.com/en/unicode/ Mo Guo Ma
http://web.chacuo.net/charsetuuencode UU Bian Ma
https://tool.chinaz.com/tools/escape.aspx Zhuan Yi /Fan Zhuan Yi
https://zh.rakko.tools/tools/21/ HTML Shi Ti Bian Ma

Zheng Ze Biao Da Shi Regular Expressions

Ha Xi Suan Fa Hash Algorithms

Gong Yao Mi Ma Suan Fa RSA

https://www.ssleye.com/ssltool/
https://www.lddgo.net/en/encrypt/rsa Zhi Chi .pem Ge Shi

Guo Mi Suan Fa SM Algorithms

hutool-crypto: https://github.com/dromara/hutool hutool-crypto Mo Kuai ,Ti Gong Dui Cheng , Fei Dui Cheng He Zhai Yao Suan Fa Feng Zhuang
GmSSL: https://github.com/guanzhi/GmSSL SM2/SM3/SM4/SM9/SSL
gmssl-python: https://github.com/gongxian-ding/gmssl-python SM2/SM3/SM4/SM9
SM4: https://www.toolhelper.cn/SymmetricEncryption/SM4

Wang Luo Kong Jian Ce Hui Cyberspace Search Engine

Zong He Gong Ju Nice Tools

Wang Ye /Duan Kou Web/Ports

Wayback Machine: https://web.archive.org/ Li Shi Wang Ye Cun Dang
VisualPing: https://visualping.io/ Wang Zhan Bian Geng Jian Kong
Dark Web Exposure: https://www.immuniweb.com/darkweb/
SG TCP/IP: https://www.speedguide.net/ports.php Duan Kou Shu Ju Ku

Gu Ge Sou Suo Google Hacking

https://www.exploit-db.com/google-hacking-database Google Hacking Shu Ju Ku
https://github.com/cipher387/Dorks-collections-list Google Hacking Shu Ju Ku
https://cxsecurity.com/dorks/ Google Hacking Shu Ju Ku
https://dorks.faisalahmed.me/ Google Hacking Zai Xian Gong Ju
https://pentest-tools.com/information-gathering/google-hacking Google Hacking Zai Xian Gong Ju
http://advangle.com/ Google Hacking Zai Xian Gong Ju
https://0iq.me/gip/ Google Hacking Zai Xian Gong Ju
https://github.com/obheda12/GitDorker Google Hacking Ming Ling Xing Gong Ju
https://github.com/six2dez/dorks_hunter Google Hacking Ming Ling Xing Gong Ju
https://github.com/Pa55w0rd/google-hacking-assistant Chrome Kuo Zhan Cheng Xu

Github Sou Suo Github Dork

https://github.com/search/advanced Github Dork
https://github.com/obheda12/GitDorker Github Dork
https://github.com/damit5/gitdorks_go Github Dork

Kai Yuan Qing Bao Open-Source Intelligence

Zong He Gong Ju Nice Tools

OSINT Resource List: https://start.me/p/rx6Qj8/nixintel-s-osint-resource-list
OSINT Framework: https://osintframework.com/
OSINT Handbook: https://i-intelligence.eu/uploads/public-documents/OSINT_Handbook_2020.pdf

Wei Xie Qing Bao Threat Intelligence

Virustotal: https://www.virustotal.com/
Teng Xun Ha Bo Fen Xi Xi Tong : https://habo.qq.com/tool/index
Wei Bu Zai Xian Wei Xie Qing Bao : https://x.threatbook.com/
Qi An Xin Wei Xie Qing Bao : https://ti.qianxin.com/
360 Wei Xie Qing Bao : https://ti.360.net/
Wang Luo An Quan Wei Xie Xin Xi Gong Xiang Ping Tai : https://share.anva.org.cn/web/publicity/listPhishing
An Heng Wei Xie Qing Bao : https://ti.dbappsecurity.com.cn/
Huo Xian An Quan Ping Tai : https://www.huoxian.cn
Zhi Dao Chuang Yu Hei Ke Xin Wen Liu : https://hackernews.cc/
SecWiki An Quan Xin Xi Liu : https://www.sec-wiki.com/

Lou Dong Pi Lu Disclosed Vulnerabilities

Guo Jia Xin Xi An Quan Lou Dong Ku : https://www.cnnvd.org.cn/
Guo Jia Hu Lian Wang Ying Ji Zhong Xin : https://www.cert.org.cn/
360 Wang Luo An Quan Xiang Ying Zhong Xin : https://cert.360.cn/
Zhi Dao Chuang Yu Lou Dong Ku : https://www.seebug.org/
Chang Ting Lou Dong Ku : https://stack.chaitin.com/vuldb/
A Li Yun Lou Dong Ku : https://avd.aliyun.com/high-risk/list
PeiQi Lou Dong Ku : https://peiqi.wgpsec.org/
Hackerone: https://www.hackerone.com/
CVE: https://cve.mitre.org/
National Vulnerability Database: https://nvd.nist.gov/
Vulnerability & Exploit Database: https://www.rapid7.com/db/
Packet Storm's file archive: https://packetstormsecurity.com/files/tags/exploit
Shodan: https://cvedb.shodan.io/cves Shi Shi Geng Xin CVE Lou Dong Xin Xi curl https://cvedb.shodan.io/cves | jq '[.cves[] | select(.cvss > 8)]'
CVEShield: https://www.cveshield.com/ Zui Xin Re Men Lou Dong

Jie Kou Jian Suo API Search

https://www.postman.com/explore/ Gong Gong API
https://rapidapi.com/ Gong Gong API
https://serene-agnesi-57a014.netlify.app/ Fa Xian API keys

Yuan Dai Ma Jian Suo Source Code Search

Kai Yuan Zi Yuan Open-Source Resources

She Qu /Zhi Shi Ku Communities/Knowledge Base

Xian Zhi She Qu : https://xz.aliyun.com/
Infocon: https://infocon.org/
ffffffff0x An Quan Zhi Shi Kuang Jia : https://github.com/ffffffff0x/1earn
Lang Zu Gong Kai Zhi Shi Ku : https://wiki.wgpsec.org/
Mitre ATT&CK matrices: https://attack.mitre.org/matrices/enterprise
Mitre ATT&CK techniques: http://attack.mitre.org/techniques/enterprise/
Hacking Articles: https://www.hackingarticles.in/
PostSwigger Blog: https://portswigger.net/blog
InGuardians Labs Blog: https://www.inguardians.com/
Pentest Workflow: https://pentest.mxhx.org/
Pentest Cheatsheet: https://pentestbook.six2dez.com/

Si Wei Dao Tu /Bei Wang Lu Mindmap/Cheat Sheets

https://cheatsheets.zip/ Kai Fa Zhe Su Cha Biao
https://learnxinyminutes.com/ Bian Cheng /Gong Ju /Ming Ling /Cao Zuo Xi Tong /Kuai Jie Jian Su Cha Biao
https://github.com/Ignitetechnologies/Mindmap/ Wang Luo An Quan Si Wei Dao Tu
https://html5sec.org/ HTML5 An Quan Su Cha Biao
https://orange-cyberdefense.github.io/ocd-mindmaps/img/mindmap_ad_dark_classic_2025.03.excalidraw.svg Yu Gong Fang Si Wei Dao Tu
https://github.com/WADComs/WADComs.github.io Windows/Yu Su Cha Biao

Jin Gong Xing An Quan Red Teaming and Offensive Security

Mac M1 Shi Yong Vulnhub Deng ova Ge Shi Jing Xiang ,Xu Yao Jiang ova Ge Shi Zhuan Wei qcow2,Zai Tong Guo UTM Yun Xing :

Xin Xi Shou Ji Reconnaissance

Zong He Gong Ju Nice Tools

AlliN: https://github.com/P1-Team/AlliN
fscan: https://github.com/shadow1ng/fscan
qscan: https://github.com/qi4L/qscan
TscanPlus: https://github.com/TideSec/TscanPlus
dddd: https://github.com/SleepingBag945/dddd
kscan: https://github.com/lcvvvv/kscan
Kunyu: https://github.com/knownsec/Kunyu
OneForAll: https://github.com/shmilylty/OneForAll
ShuiZe: https://github.com/0x727/ShuiZe_0x727
FofaX: https://github.com/xiecat/fofax
Fofa Viewer: https://github.com/wgpsec/fofa_viewer
ENScan_GO: https://github.com/wgpsec/ENScan_GO
Amass: https://github.com/owasp-amass/amass
ApolloScanner: https://github.com/b0bac/ApolloScanner

IP/Yu Ming /Zi Yu Ming IP/Domain/Subdomain

IP:
Multi Ping:
IP to Domain:
Whois:
DNS:
ASN:
TLS/SSL Zheng Shu :
- https://censys.io
- https://crt.sh

Zhi Wen Fingerprint

Zhi Wen Ku Fingerprint Collection

Zhi Wen Shi Bie Fingerprint Reconnaissance

WAF Shi Bie Waf Checks

Sao Miao /Bao Po Brute Force

Sao Miao /Bao Po Gong Ju Brute Force Tools

Port:
- https://github.com/antirez/hping
Subdomain:
- https://github.com/projectdiscovery/subfinder
- https://github.com/knownsec/ksubdomain
Web:
Directory:
Password:
- https://github.com/vanhauser-thc/thc-hydra
- https://github.com/galkan/crowbar Zhi Chi sshkey He openvpn
- https://github.com/evilsocket/legba/
Hash Po Jie :
- https://github.com/openwall/john
- https://github.com/hashcat/hashcat
- https://hashcat.net/wiki/doku.php?id=example_hashes hashcat Shi Li
- https://github.com/HashPals/Name-That-Hash Ha Xi Lei Xing Shi Bie
- https://github.com/noraj/haiti Ha Xi Lei Xing Shi Bie
Json web token (JWT):

Sao Miao /Bao Po Zi Dian Brute Force Dictionaries

Zi Dian Sheng Cheng Generate a Custom Dictionary

Online:
- Generate wordlists: https://weakpass.com/generate
- Generate subdomains and wordlists: https://weakpass.com/generate/domains
- Yi Zi Zhuan Pin Yin : https://www.aies.cn/pinyin.htm
- Mi Ma Cai Jie : https://www.hacked.com.cn/pass.html
Private Deployment:
- Generate wordlists(offline): https://github.com/zzzteph/weakpass
- Generate subdomains and wordlists(offline): https://github.com/zzzteph/probable_subdomains
Offline:
- pydictor: https://github.com/LandGrey/pydictor/
- crunch:
  - Kali/Linux: https://sourceforge.net/projects/crunch-wordlist
  - Windows: https://github.com/shadwork/Windows-Crunch

Mo Ren Kou Ling Cha Xun Default Credentials

Default Credentials Cheat Sheet: https://github.com/ihebski/DefaultCreds-cheat-sheet 3468 Tiao Mo Ren Kou Ling
datarecovery: https://datarecovery.com/rd/default-passwords/ online
cirt.net: https://cirt.net/passwords online
Online Router Passwords:

She Hui Gong Cheng Xue Social Engineering

Ping Ju Xie Lu Leaked Credentials

You Xiang Email

Temporary Email:
Snov.io: https://app.snov.io
Phonebook: Tong Shi Zhi Chi Zi Yu Ming He URL https://phonebook.cz
Skymem: https://www.skymem.info
Hunter: https://hunter.io
email-format: https://www.email-format.com/i/search/
Sou You Xiang : https://souyouxiang.com/find-contact/
theHarvester: Tong Shi Zhi Chi Zi Yu Ming Cha Xun https://github.com/laramies/theHarvester
Verify emails: https://tools.emailhippo.com/
Accounts registered by email: https://emailrep.io/

Duan Xin SMS Online

Diao Yu Phishing

gophish: https://github.com/gophish/gophish Kai Yuan Diao Yu Gong Ju Bao
SpoofWeb: https://github.com/5icorgi/SpoofWeb Bu Shu Diao Yu Wang Zhan

Yi Dong Duan Mobile

Lou Dong Yan Jiu Vulnerability Research

Lou Dong Huan Jing Vulnerable Environments

Ji Chu Lou Dong Basic Vulnerabilities

Sqli-labs: https://github.com/Audi-1/sqli-labs
Upload-labs: https://github.com/c0ny1/upload-labs
Xss-labs: https://github.com/do0dl3/xss-labs
DVWA: https://github.com/digininja/DVWA
WebGoat: https://github.com/WebGoat/WebGoat
encrypt-labs: https://github.com/SwagXz/encrypt-labs AES/DES/RSA

Zong He Lou Dong Comprehensive Vulnerabilities

Vulhub: https://vulhub.org/
PortSwigger Web Security Academy: https://portswigger.net/web-security
OWASP Top10: https://owasp.org/www-project-juice-shop/
Vulstudy: https://github.com/c0ny1/vulstudy Ji Yu Docker De 17 Ge Lou Dong Ping Tai
Vulfocus: https://github.com/fofapro/vulfocus
FastJsonParty: https://github.com/lemono0/FastJsonParty

Gong Kong Huan Jing Vulnerable IoT Environment

IoT-vulhub: https://github.com/firmianay/IoT-vulhub

Yu Huan Jing Vulnerable Active Directory Environment

Game of active directory: https://github.com/Orange-Cyberdefense/GOAD
BadBlood: https://github.com/davidprowe/BadBlood Chuang Jian Ni Zi Ji De Shi Li Active Directory Huan Jing

Yun Huan Jing Vulnerable Cloud Environments

Awesome-CloudSec-Labs: https://github.com/iknowjason/Awesome-CloudSec-Labs
K8s Lan Party: https://www.k8slanparty.com/
badPods: https://github.com/BishopFox/badPods
Metarget: https://github.com/Metarget/metarget
TerraformGoat: https://github.com/HXSecurity/TerraformGoat
Kubernetes Goat: https://github.com/madhuakula/kubernetes-goat
Attack Defense: https://attackdefense.pentesteracademy.com/listing?labtype=cloud-services&subtype=cloud-services-amazon-s3
AWSGoat: https://github.com/ine-labs/AWSGoat
CloudGoat: https://github.com/RhinoSecurityLabs/cloudgoat

AI Huan Jing Vulnerable AI Environments

AI prompt injection challenge: https://gandalf.lakera.ai/baseline

PoC Proof of Concept

Be careful Malware,POC Ku Zui Xin De CVE Ke Neng Cun Zai Tou Du Feng Xian .

PoC/ExP

https://github.com/wy876/POC
https://github.com/lal0ne/vulnerability
https://github.com/DawnFlame/POChouse
https://github.com/coffeehb/Some-PoC-oR-ExP
https://github.com/luck-ying/Library-POC
https://github.com/Mr-xn/Penetration_Testing_POC
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/ycdxsb/PocOrExp_in_Github
https://github.com/helloexp/0day
https://github.com/trickest/cve
https://sploitus.com/ Ben Zhou Lou Dong Li Yong Ji He
https://www.exploit-db.com/ Pei He searchsploit Shi Yong

PoC Mo Ban PoC Templates

Lou Dong Li Yong Vulnerability Exploits

Zong He Gong Ju Nice Tools

Dai Ma Shen Ji Code Audit

tabby: https://github.com/wh1t3p1g/tabby

Xu Lie Hua Serialization

Java

https://github.com/phith0n/zkar

Fan Xu Lie Hua Deserialization

Java

PHP

https://github.com/ambionics/phpggc PHP Fan Xu Lie Hua Lou Dong Li Yong Zai He

Shu Ju Ku Database

Redis

MySQL

https://github.com/SafeGroceryStore/MDUT Duo Shu Ju Ku Li Yong Gong Ju
https://github.com/4ra1n/mysql-fake-server
https://github.com/dushixiang/evil-mysql-server
https://github.com/fnmsd/MySQL_Fake_Server

Oracle

odat: https://github.com/quentinhardy/odat Yuan Cheng Dai Ma Zhi Xing
sqlplus: https://www.oracle.com/database/technologies/instant-client/linux-x86-64-downloads.html Yi sysdba Shen Fen Zhi Xing

MSSQL

Xin Xi Xie Lu Information Disclosure

trufflehog: https://github.com/trufflesecurity/trufflehog Fa Xian , Yan Zheng Bing Fen Xi Xie Lu De Ping Ju
git-dumper: https://github.com/arthaud/git-dumper
gitleaks: https://github.com/gitleaks/gitleaks
dvcs-ripper: https://github.com/kost/dvcs-ripper .svn, .hg, .cvs Xin Xi Xie Lu
ds_store_exp: https://github.com/lijiejie/ds_store_exp .DS_Store Xin Xi Xie Lu
Hawkeye: https://github.com/0xbug/Hawkeye GitHub Min Gan Xin Xi Xie Lu Jian Kong Pa Chong

CMS/OA Lou Dong CMS/OA

TongdaScan_go https://github.com/Fu5r0dah/TongdaScan_go
Apt_t00ls: https://github.com/White-hua/Apt_t00ls
OA-EXPTOOL: https://github.com/LittleBear4/OA-EXPTOOL
DecryptTools: https://github.com/wafinfo/DecryptTools 22 Chong Jia Jie Mi
ncDecode: https://github.com/1amfine2333/ncDecode Yong You NC Jie Mi
PassDecode-jar: https://github.com/Rvn0xsy/PassDecode-jar Fan Ruan /Zhi Yuan Jie Mi
ezOFFICE_Decrypt: https://github.com/wafinfo/ezOFFICE_Decrypt Mo Hu Jie Mi
LandrayDES: https://github.com/zhutougg/LandrayDES Lan Ling OA Jie Mi

Zhong Jian Jian /Ying Yong Ceng Middleware/Application

Confluence

ConfluenceMemshell: https://github.com/Lotus6/ConfluenceMemshell
CVE-2022-26134 Memshell: https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL
CVE-2023-22527 Memshell: https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL

Druid

DruidCrack: https://github.com/rabbitmask/DruidCrack
druid_sessions: https://github.com/yuyan-sec/druid_sessions

Fastjson

fastjson-exp: https://github.com/amaz1ngday/fastjson-exp

GitLab

CVE-2021-22205: https://github.com/Al1ex/CVE-2021-22205/

Nacos

NacosRce: https://github.com/c0olw/NacosRce/
nacosleak: https://github.com/a1phaboy/nacosleak
nacosScan:https://github.com/Whoopsunix/nacosScan
NacosExploitGUI: https://github.com/charonlight/NacosExploitGUI

Nps

nps-auth-bypass: https://github.com/carr0t2/nps-auth-bypass

Java

jdwp-shellifier: python2 https://github.com/IOActive/jdwp-shellifier
jdwp-shellifier: https://github.com/Lz1y/jdwp-shellifier
jascypt encryption & decryption: https://www.devglan.com/online-tools/jasypt-online-encryption-decryption Jasypt Jia Jie Mi Gong Ju

Shiro

Shiro rememberMe Decrypt: https://vulsee.com/tools/shiroDe/shiroDecrypt.html
shiro_attack: https://github.com/j1anFen/shiro_attack
shiro_rce_tool: https://github.com/wyzxxz/shiro_rce_tool
ShiroExploit: https://github.com/feihong-cs/ShiroExploit-Deprecated
ShiroExp: https://github.com/safe6Sec/ShiroExp
shiro_key: https://github.com/yanm1e/shiro_key 1000+ key

Struts

Struts2VulsTools: https://github.com/shack2/Struts2VulsTools

Spring Boot

SpringBoot-Scan: https://github.com/AabyssZG/SpringBoot-Scan
SpringBootVulExploit: https://github.com/LandGrey/SpringBootVulExploit
CVE-2022-22963 https://github.com/mamba-2021/EXP-POC/tree/main/Spring-cloud-function-SpEL-RCE
CVE-2022-22947/CVE-2022-22963: https://github.com/savior-only/Spring_All_Reachable
swagger-exp: https://github.com/lijiejie/swagger-exp
heapdump_tool: https://github.com/wyzxxz/heapdump_tool
Memory Analyzer: https://eclipse.dev/mat/download/
JDumpSpider:https://github.com/whwlsfb/JDumpSpider

Tomcat

CVE-2020-1938: https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi
ClassHound: https://github.com/LandGrey/ClassHound

Thinkphp

ThinkphpGUI: https://github.com/Lotus6/ThinkphpGUI
thinkphp_gui_tools: https://github.com/bewhale/thinkphp_gui_tools

Weblogic

WeblogicTool: https://github.com/KimJun1010/WeblogicTool
WeblogicScan: https://github.com/dr0op/WeblogicScan
WeblogicScan: https://github.com/rabbitmask/WeblogicScan
weblogicScanner: https://github.com/0xn0ne/weblogicScanner
weblogic-framework: https://github.com/sv3nbeast/weblogic-framework
CVE-2020-14882: https://github.com/zhzyker/exphub/blob/master/weblogic/cve-2020-14882_rce.py

WebSocket

wscat: https://github.com/websockets/wscat

vCenter

VcenterKiller: https://github.com/Schira4396/VcenterKiller
VcenterKit:https://github.com/W01fh4cker/VcenterKit
vcenter_saml_login: https://github.com/horizon3ai/vcenter_saml_login Ti Qu Shen Fen Ti Gong Shang (IdP)Zheng Shu

Zookeeper

ZooInspector: https://issues.apache.org/jira/secure/attachment/12436620/ZooInspector.zip
apache-zookeeper: https://archive.apache.org/dist/zookeeper/zookeeper-3.5.6/ zkCli.sh Ming Ling Xing Gong Ju

Shen Tou Ce Shi Penetration Testing

Zong He Gong Ju Nice Tools

Yakit: https://github.com/yaklang/yakit
Burpsuite: https://portswigger.net/burp

Shen Tou Cha Jian Extensions

Chrome

ZeroOmega: https://github.com/zero-peak/ZeroOmega Gua Pei manifest v3 De proxy switchyOmega
serp-analyzer: https://leadscloud.github.io/serp-analyzer/ Xian Shi Yu Ming /IP
FindSomething: https://github.com/ResidualLaugh/FindSomething Zai Yuan Dai Ma Huo javascript Zhong Cha Zhao Nei Rong
Hack Bar:https://github.com/0140454/hackbar
Wappalyzer: https://www.wappalyzer.com/ Shi Bie Wang Zhan Shi Yong De Ji Zhu Zhan
EditThisCookie:https://www.editthiscookie.com/
Cookie-Editor:https://github.com/Moustachauve/cookie-editor
Disable JavaScript: https://github.com/dpacassi/disable-javascript
Heimdallr: https://github.com/Ghr07h/Heimdallr Mi Guan Jian Ce Gong Ju
anti-honeypot:https://github.com/cnrstar/anti-honeypot Mi Guan Jian Ce Gong Ju
immersive-translate: https://github.com/immersive-translate/immersive-translate/ Fan Yi Gong Ju
relingo: https://cn.relingo.net/en/ Fan Yi Gong Ju
json-formatter: https://github.com/callumlocke/json-formatter
markdown-viewer: https://github.com/simov/markdown-viewer

Burpsuite

HaE: https://github.com/gh0stkey/HaE Gao Liang He Ti Qu Gong Ju
Log4j2Scan: https://github.com/whwlsfb/Log4j2Scan Log4j Lou Dong Sao Miao Gong Ju
RouteVulScan: https://github.com/F6JO/RouteVulScan Lu You Lou Dong Sao Miao Gong Ju
BurpCrypto: https://github.com/whwlsfb/BurpCrypto Zhi Chi AES/RSA/DES/ExecJs Jia Mi Jie Mi
domain hunter: https://github.com/bit4woo/domain_hunter_pro Yu Ming Shou Ji Gong Ju
BurpAppletPentester: https://github.com/mrknow001/BurpAppletPentester sessionkey Jie Mi Gong Ju

Yakit

HaeToYakit: https://github.com/youmulijiang/HaeToYakit

Fu Zhu Gong Ju Auxiliary Tools

Gong Ju Ji Open-Source Toolkit

Dai Wai Tong Dao DNSLog

dig.pm: https://dig.pm/
ceye.io: http://ceye.io/
dnslog.cn: http://dnslog.cn/
Alphalog: dns/http/rmi/ldap https://github.com/AlphabugX/Alphalog
DNS rebinding: https://lock.cmpxchg8b.com/rebinder.html
DNSLog-GO: https://github.com/lanyi1998/DNSlog-GO

Zhong Duan You Hua Command Line

https://github.com/ohmyzsh/ohmyzsh zsh Ming Ling Xing Zeng Qiang Gong Ju
https://github.com/chrisant996/clink cmd.exe Ming Ling Xing Zeng Qiang Gong Ju
https://github.com/hanslub42/rlwrap readline Bao Zhuang Qi
https://github.com/Eugeny/tabby Gua Yong Yu Windows De Zhong Duan Gong Ju
https://github.com/warpdotdev/Warp Gua Yong Yu Mac De Zhong Duan Gong Ju
https://github.com/zellij-org/zellij Zhong Duan Fu Yong Qi
https://github.com/tmux Zhong Duan Fu Yong Qi
https://github.com/tomnomnom/anew Xiang Wen Jian Tian Jia Xin Xing Bing Tiao Guo Zhong Fu Xiang De Gong Ju
https://github.com/jlevy/the-art-of-command-line
Linux command line:
- https://github.com/jaywcjlove/linux-command Zai Xian Cha Xun Gong Ju
- https://github.com/chenjiandongx/pls go Ban Ben
- https://github.com/chenjiandongx/how python Ban Ben
https://explainshell.com/ Jie Shi shell Ming Ling Han Yi
https://github.com/BurntSushi/ripgrep Mian Xiang Xing De Sou Suo Gong Ju (Su Du Geng Kuai )

Dai Ma Mei Hua Beautifier

Sheng Cheng Qi Generator

revshells: https://www.revshells.com/
reverse-shell: https://forum.ywhack.com/reverse-shell/
reverse-shell-generator: https://tex2e.github.io/reverse-shell-generator/index.html
reverse-shell-generator: https://github.com/0dayCTF/reverse-shell-generator
File-Download-Generator: https://github.com/r0eXpeR/File-Download-Generator

SQL Zhu Ru SQL Injection

Fang Wen Kong Zhi Access Control

403 Rao Guo Bypass 40X errors

Kua Zhan Jiao Ben XSS

XSS Chop: https://xsschop.chaitin.cn/demo/
XSS/CSRF: https://evilcos.me/lab/xssor/

Wen Jian Bao Han File Inclusion

Fu Wu Duan Qing Qiu Wei Zao SSRF

https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet
https://github.com/tarunkant/Gopherus Gua Yong Yu py2 De Gopherus Gong Ju
https://github.com/Esonhugh/Gopherus3 Gua Yong Yu py3 De Gopherus Gong Ju

Yi Dong Duan An Quan Mobile Security

Xiao Cheng Xu Mini Program

~~[wxappUnpacker: https://github.com/xuedingmiaojun/wxappUnpacker]~~
https://github.com/Cherrison/CrackMinApp
https://github.com/mrknow001/API-Explorer ak/sk Huo Qu Gong Ju
https://github.com/eeeeeeeeee-code/e0e1-wx
https://github.com/wux1an/wxapkg

Ying Yong Cheng Xu APK

SessionKey Jie Mi SessionKey

https://github.com/mrknow001/wx_sessionkey_decrypt

Zai He Yu Rao Guo Payload and Bypass

PayloadsAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings
IP to Decimal: https://www.browserling.com/tools/ip-to-dec IP Zhuan Shi Jin Zhi (127.0.0.1 >>> 2130706433)
java.lang.Runtime.exec() Payload: https://payloads.net/Runtime.exec/
PHPFuck: https://github.com/splitline/PHPFuck
JSFuck: http://www.jsfuck.com/
JavaScript Deobfuscator and Unpacker: https://lelinhtinh.github.io/de4js/ JavaScript Fan Hun Yao He Jie Bao Gong Ju
CVE-2021-44228-PoC-log4j-bypass-words: https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words

Nei Wang Shen Tou Red Teaming and Offensive Security

Ji Chu She Shi Infrastructure

f8x: https://github.com/ffffffff0x/f8x Hong Dui /Lan Dui Huan Jing Zi Dong Hua Bu Shu Gong Ju
openvpn-install: https://github.com/hwdsl2/openvpn-install OpenVPN Fu Wu Qi An Zhuang Jiao Ben
cloudreve: https://github.com/cloudreve/Cloudreve Zhi Chi Duo Yun De Zi Jian Wen Jian Guan Li Xi Tong
updog: https://github.com/sc0tfree/updog Tong Guo HTTP/S Shang Chuan Xia Zai Wen Jian
mattermost: https://github.com/mattermost/mattermost
rocketchat: https://github.com/RocketChat/Rocket.Chat
codimd: https://github.com/hackmdio/codimd
hedgedoc: https://github.com/hedgedoc/hedgedoc

Xin Xi Shou Ji Reconnaissance

SharpHunter: https://github.com/lintstar/SharpHunter Zi Dong Hua Zhu Ji Xin Xi Sou Ji Gong Ju
netspy: https://github.com/shmilylty/netspy Nei Wang Wang Duan Tan Ce
SharpHostInfo: https://github.com/shmilylty/SharpHostInfo
SharpScan: https://github.com/INotGreen/SharpScan
smbmap: https://github.com/ShawnDEvans/smbmap SMB Mei Ju

Ping Zheng Huo Qu Credential Access

Ping Zheng Zhuan Chu Credential Dumping

LaZagne: https://github.com/AlessandroZ/LaZagne
WirelessKeyView: https://www.nirsoft.net/utils/wireless_key.html
Windows credential manager: https://www.nirsoft.net/utils/credentials_file_view.html
Pillager: https://github.com/qwqdanchun/Pillager/
searchall: https://github.com/Naturehi666/searchall
pypykatz: https://github.com/skelsec/pypykatz Chun Python Shi Xian De mimikatz
regsecrets & dpapidump: fortra/impacket#1898 Yi Zai Windows 11 He Server 2022 Ce Shi Wu Wen Ti
DonPAPI: https://github.com/login-securite/DonPAPI
SharpDPAPI: https://github.com/GhostPack/SharpDPAPI
dploot: https://github.com/zblurx/dploot DPAPI
PPLdump: https://github.com/itm4n/PPLdump Shou Bao Hu Jin Cheng LSASS Du Qu
lsassy: https://github.com/login-securite/lsassy

Ben Di Mei Ju Local Enumeration

HackBrowserData: https://github.com/moonD4rk/HackBrowserData
BrowserGhost: https://github.com/QAX-A-Team/BrowserGhost
chrome: http://www.nirsoft.net/utils/chromepass.html
firefox: https://github.com/unode/firefox_decrypt
foxmail: https://securityxploded.com/foxmail-password-decryptor.php
mobaxterm: https://github.com/HyperSine/how-does-MobaXterm-encrypt-password
navicat: https://github.com/Zhuoyuan1/navicat_password_decrypt
navicat: https://github.com/HyperSine/how-does-navicat-encrypt-password
sunflower: https://github.com/wafinfo/Sunflower_get_Password
FindToDeskPass: https://github.com/yangliukk/FindToDeskPass
sundeskQ: sunflower & todesk https://github.com/milu001/sundeskQ
securreCRT: https://github.com/depau/shcrt
xshell:
- https://github.com/HyperSine/how-does-Xmanager-encrypt-password Ban Ben < 7.0
- https://github.com/RowTeam/SharpDecryptPwd Ben Di Jie Mi
- https://github.com/JDArmy/SharpXDecrypt

Ha Xi Po Jie NTLM Cracking

NetNTLMv1: https://ntlmv1.com/ Zai Xian Po Jie
LM + NTLM hashes and corresponding plaintext passwords:
- https://openwall.info/wiki/_media/john/pw-fake-nt.gz 3107
- https://openwall.info/wiki/_media/john/pw-fake-nt100k.gz 100k

Hou Shen Tou Post Exploitation

Zong He Gong Ju Nice Tools

https://github.com/rapid7/metasploit-framework
https://github.com/byt3bl33d3r/CrackMapExec
https://github.com/Pennyw0rth/NetExec
https://github.com/fortra/impacket
https://github.com/ghost-ng/slinger Qing Liang Ji impacket Ming Ling Xing Gong Ju ,Dan Hui Hua Zheng He Duo Chong Shi Yong Gong Neng
https://github.com/XiaoliChan/wmiexec-Pro Ji Yu wmiexec.py De Mian Sha Zhi Xing
https://docs.microsoft.com/en-us/sysinternals/downloads/pstools
https://github.com/GhostPack/Rubeus
https://github.com/Kevin-Robertson/Powermad
https://github.com/PowerShellMafia/PowerSploit
https://github.com/k8gege/Ladon
https://github.com/samratashok/nishang PowerShell Zhuan Yong
Cobaltstrike Extensions:
- Awesome CobaltStrike: https://github.com/zer0yu/Awesome-CobaltStrike
- Erebus: https://github.com/DeEpinGh0st/Erebus
- LSTAR: https://github.com/lintstar/LSTAR
- ElevateKit: https://github.com/rsmudge/ElevateKit
- C2ReverseProxy: https://github.com/Daybr4ak/C2ReverseProxy
- pystinger: https://github.com/FunnyWolf/pystinger

Er Jin Zhi Ku Binaries and Libraries

LOLBAS: https://github.com/LOLBAS-Project/LOLBAS-Project.github.io Windows Zi Dai Er Jin Zhi Yu Jiao Ben
GTFOBins: https://github.com/GTFOBins/GTFOBins.github.io Unix Er Jin Zhi Li Yong

Quan Xian Wei Chi Persistence

Nei Cun Ma MemShell

Webshell Guan Li Webshell Management

Webshell Mian Sha Webshell Bypass

Fan Dan Shell Guan Li Reverse Shell Management

https://github.com/WangYihang/Platypus
https://github.com/calebstewart/pwncat Python 3.9+

Quan Xian Ti Sheng Privilege Escalation

Linux Ben Di Mei Ju Linux Local Enumeration

Windows Ben Di Mei Ju Windows Local Enumeration

Windows Ti Quan Windows Exploits

Linux Ti Quan Linux Exploits

Shu Ju Ku Ti Quan Database Exploits

https://github.com/Hel10-Web/Databasetools

Fang Yu Gui Bi Defense Evasion

Linux Fang Yu Gui Bi Linux Defense Evasion

libprocesshider: https://github.com/gianlucaborello/libprocesshider Shi Yong ld Yu Jia Zai Yin Cang Linux Jin Cheng
Linux Kernel Hacking: https://github.com/xcellerator/linux_kernel_hacking
tasklist /svc && ps -aux: https://tasklist.ffffffff0x.com/

Windows Fang Yu Gui Bi Windows Defense Evasion

yetAnotherObfuscator: https://github.com/0xb11a1/yetAnotherObfuscator
hoaxshell: https://github.com/t3l3machus/hoaxshell
bypassAV: https://github.com/pureqh/bypassAV
GolangBypassAV: https://github.com/safe6Sec/GolangBypassAV
BypassAntiVirus: https://github.com/TideSec/BypassAntiVirus
AV_Evasion_Tool: https://github.com/1y0n/AV_Evasion_Tool
shellcodeloader: https://github.com/knownsec/shellcodeloader
tasklist/systeminfo: https://www.shentoushi.top/av/av.php
rpeloader: https://github.com/Teach2Breach/rpeloader Zai Mei You An Zhuang De Qing Kuang Xia Zai Windows Shang Shi Yong Python

Nei Wang Chuan Tou Proxy

Dai Li Ke Hu Duan Proxy Client

Proxifier: https://www.proxifier.com/
Proxychains: https://github.com/haad/proxychains

Dai Li Gong Ju Proxy Tools

frp: https://github.com/fatedier/frp
frpModify: https://github.com/uknowsec/frpModify
suo5: https://github.com/zema1/suo5
Stowaway: https://github.com/ph4ntonn/Stowaway
Neo-reGeorg: https://github.com/L-codes/Neo-reGeorg
nps: https://github.com/ehang-io/nps
reGeorg: https://github.com/sensepost/reGeorg
rakshasa: https://github.com/Mob2003/rakshasa
Viper: https://github.com/FunnyWolf/Viper
ligolo-ng: https://github.com/nicocha30/ligolo-ng TUN Jie Kou
gost: https://github.com/ginuerzh/gost

DNS Sui Dao DNS Tunnel

iodine: https://github.com/yarrick/iodine
dnscat2: https://github.com/iagox86/dnscat2
DNS-Shell: https://github.com/sensepost/DNS-Shell

ICMP Sui Dao ICMP Tunnel

icmpsh: https://github.com/bdamele/icmpsh

Duan Kou Zhuan Fa Port Forwarding

tcptunnel: https://github.com/vakuum/tcptunnel Nei Wang - dmz - Gong Ji Ji

Cao Zuo An Quan Operation Security

https://privacy.sexy/ Zai Windows, macOS, Linux Shang Qiang Hua Yin Si Yu An Quan Zui Jia Shi Jian
https://transfer.sh/ Ni Ming Wen Jian Chuan Shu
https://a.f8x.io/ Duan Lian Jie Fu Wu

Yu Shen Tou Active Directory Penetration

Yu Nei Xin Xi Shou Ji Collection and Discovery

BloodHound:
https://github.com/lzzbb/Adinfo
https://github.com/wh0amitz/SharpADWS Ji Yu Active Directory Web Services (ADWS) Xie Yi
LDAP:
DNS:
- https://github.com/dirkjanm/adidnsdump
SCCM:
- https://github.com/garrettfoster13/sccmhunter
- https://github.com/Mayyhem/SharpSCCM
Brute force users:
- https://github.com/ropnop/kerbrute

Yu Nei Quan Xian Ti Sheng Privilege Escalation

https://github.com/CravateRouge/bloodyAD

Yu Nei Lou Dong Li Yong Known Exploited Vulnerabilities

MS14-068

noPac

CVE-2021-42278/CVE-2021-42287

Zerologon

CVE-2020-1472

ProxyLogon/ProxyShell

CVE-2021-34473

ProxyNotShell

CVE-2022-41040/CVE-2022-41082

https://github.com/testanull/ProxyNotShell-PoC

Printnightmare

CVE-2021-34527/CVE-2021-1675

Yu Nei Shen Tou Fang Shi Methodology

Coerce and Relay

PetitPotam: https://github.com/topotam/PetitPotam
PrinterBug: https://github.com/leechristensen/SpoolSample
DFSCoerce: https://github.com/Wh04m1001/DFSCoerce
WSPCoerce: https://github.com/slemire/WSPCoerce
ShadowCoerce: https://github.com/ShutdownRepo/ShadowCoerce
PrivExchange: https://github.com/dirkjanm/privexchange/
Coercer: https://github.com/p0dalirius/Coercer
cannon: https://github.com/Amulab/cannon
Responder: https://github.com/lgandx/Responder
Responder-Windows: https://github.com/lgandx/Responder-Windows
KrbRelayUp: https://github.com/Dec0ne/KrbRelayUp
ntlmrelayx: https://github.com/fortra/impacket/blob/master/examples/ntlmrelayx.py
kerbrelayx: https://github.com/dirkjanm/krbrelayx

Delegation

findDelegation: https://github.com/fortra/impacket/blob/master/examples/findDelegation.py
Impacket rbcd.py: https://github.com/fortra/impacket/blob/master/examples/rbcd.py
SharpRBCD: https://github.com/Kryp7os/SharpRBCD
PowerView: https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
Delegations: https://github.com/TheManticoreProject/Delegations

ADCS

Active Directory Certificate Services

Active Directory Certificate Services(AD CS) Mei Ju Yu Li Yong :
- Certify: https://github.com/GhostPack/Certify
- Certipy: https://github.com/ly4k/Certipy
- certi: https://github.com/zer1t0/certi
- PKINITtools: https://github.com/dirkjanm/PKINITtools
- ADCSPwn: https://github.com/bats3c/ADCSPwn
PassTheCert: https://github.com/AlmondOffSec/PassTheCert

ACLs and ACEs

Fang Yu Xing An Quan Blue Teaming and Defensive Security

Nei Cun Ma Cha Sha Memshell Detection

Webshell Cha Sha Webshell Detection

Gong Ji Yan Pan Blue Teaming

CobaltStrike Decrypt: https://github.com/5ime/CS_Decrypt
BlueTeamTools: https://github.com/abc123info/BlueTeamTools
IP Logger: https://iplogger.org/ Ji Lu Bing Zhui Zong IP Di Zhi

Ji Xian Jia Gu Enforcement

Ying Ji Xiang Ying Incident Response

Le Suo Bing Du Ransomware

Sou Suo Yin Qing Search Engine

360: http://lesuobingdu.360.cn
Teng Xun : https://guanjia.qq.com/pr/ls
Qi Ming Xing Chen : https://lesuo.venuseye.com.cn
Qi An Xin : https://lesuobingdu.qianxin.com
Shen Xin Fu : https://edr.sangfor.com.cn/#/information/ransom_search

Jie Mi Gong Ju Decryption Tools

Teng Xun : https://habo.qq.com/tool
Jin Shan Du Ba : http://www.duba.net/dbt/wannacry.html
Rui Xing : http://it.rising.com.cn/fanglesuo/index.html
Qia Ba Si Ji : https://noransom.kaspersky.com/
https://www.nomoreransom.org/zh/index.html
https://id-ransomware.malwarehunterteam.com
https://www.avast.com/ransomware-decryption-tools
https://www.emsisoft.com/en/ransomware-decryption/
https://github.com/jiansiting/Decryption-Tools

Kai Yuan Mi Guan Open-Source Honeypot

awesome-honeypots: https://github.com/paralax/awesome-honeypots Mi Guan Zi Yuan Hui Zong Lie Biao
HFish: https://github.com/hacklcx/HFish
conpot: https://github.com/mushorg/conpot Gong Ye Kong Zhi Xi Tong (ICS)Zhuan Yong Mi Guan
MysqlHoneypot: https://github.com/qigpig/MysqlHoneypot Ji Yu MySQL Mi Guan Huo Qu Wei Xin Hao
Ehoney: https://github.com/seccome/Ehoney

Ni Xiang Gong Cheng Reverse Engineering

Zong He Gong Ju Nice Tools

OpenArk: https://github.com/BlackINT3/OpenArk Fan Rootkit Gong Ju
python arsenal for RE: https://pythonarsenal.com/ Ni Xiang Gong Cheng Gong Ju Ji
IDA Pro: https://hex-rays.com/ida-pro/
IDA Pro MCP: https://github.com/mrexodia/ida-pro-mcp Ji Cheng AI De IDA Pro Gong Ju
Angr: https://github.com/angr/angr Er Jin Zhi Fen Xi Ping Tai
Cutter: https://cutter.re/ Kai Yuan Ni Xiang Gong Cheng Ping Tai
UPX: https://github.com/upx/upx

Jing Tai Fen Xi Static Analysis

checksec: https://github.com/slimm609/checksec
Detect-It-Easy: https://github.com/horsicq/Detect-It-Easy
ExeinfoPE: https://github.com/ExeinfoASL/ASL
PEiD: https://www.aldeid.com/wiki/PEiD
bindiff: https://www.zynamics.com/software.html
Zai Xian Bian Yi Qi : https://godbolt.org/

Dong Tai Diao Shi Dynamic Analysis

Ollydbg: https://www.ollydbg.de/
x64dbg: https://x64dbg.com/

Java

jadx: https://github.com/skylot/jadx
JEB: https://www.pnfsoftware.com/
GDA: https://github.com/charles2gan/GDA-android-reversing-Tool
jd-gui: https://github.com/java-decompiler/jd-gui

Mobile

scrcpy: https://github.com/Genymobile/scrcpy
android-reverse: https://github.com/WuFengXue/android-reverse

Python

py2exe: https://www.py2exe.org/ py->exe
pyinstaller: https://github.com/pyinstaller/pyinstaller py->exe
unpy2exe: https://github.com/matiasb/unpy2exe exe->pyc
pyinstxtractor: https://github.com/extremecoders-re/pyinstxtractor exe->pyc
pycDcode: https://github.com/rocky/python-uncompyle6/ pyc->py
pycDcode: https://github.com/BarakAharoni/pycDcode

Rust/Go/.NET

https://github.com/cha5126568/rust-reversing-helper for rust
https://github.com/strazzere/golang_loader_assist for golang
https://github.com/sibears/IDAGolangHelper for golang
https://www.jetbrains.com/zh-cn/decompiler/ for .NET
https://github.com/dnSpy/dnSpy for .NET

Yun An Quan Cloud Security

Kai Yuan Zi Yuan Resources

TeamsSix:
- https://github.com/teamssix/awesome-cloud-security
- https://wiki.teamssix.com/
lzCloudSecurity:
- https://github.com/EvilAnne/lzCloudSecurity
- https://lzcloudsecurity.gitbook.io/yun-an-quan-gong-fang-ru-men/
CSA Research: https://c-csa.cn/research/results/
HackTricks Cloud: https://cloud.hacktricks.xyz/
Awesome-CloudSec-Labs: https://github.com/iknowjason/Awesome-CloudSec-Labs
Aliyun OpenAPI: https://next.api.aliyun.com/api/
Cloud Native Landscape: https://landscape.cncf.io/
Cloud Vulnerabilities and Security Issues Database: https://www.cloudvulndb.org/ Yun Lou Dong Yu An Quan Wen Ti Shu Ju Ku

Yun An Quan Ju Zhen Cloud Threat Matrix

https://attack.mitre.org/matrices/enterprise/cloud/
https://cloudsec.huoxian.cn/
https://cloudsec.tencent.com/home/
https://owasp.org/www-project-kubernetes-top-ten/ OWASP Kubernetes Shi Da Feng Xian - 2022 Ban
https://www.microsoft.com/en-us/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/ Kubernetes Wei Xie Ju Zhen

Yun Fu Wu Cloud Services

San Da Yun Fu Wu Ti Gong Shang : - Amazon Web Services (AWS) / Microsoft Azure / Google Cloud Platform (GCP) - A Li Yun / Teng Xun Yun / Hua Wei Yun

Yun Guan Ping Tai Management Tools

https://yun.cloudbility.com/ Yun Cun Chu Tu Xing Hua Guan Li Ping Tai
https://github.com/aliyun/aliyun-cli Gua Yong Yu A Li Yun OSS
https://github.com/aliyun/oss-browser Ji Yu A Li Yun CLI De Tu Xing Hua Gong Ju
https://github.com/TencentCloud/cosbrowser Gua Yong Yu Teng Xun Yun COS
https://github.com/TencentCloud/tencentcloud-cli Ji Yu Teng Xun Yun CLI
https://support.huaweicloud.com/browsertg-obs/obs_03_1003.html Gua Yong Yu Hua Wei Yun OBS
https://www.ctyun.cn/document/10000101/10006768 Gua Yong Yu Tian Yi Yun OBS
https://www.ctyun.cn/document/10306929/10132519 Gua Yong Yu Tian Yi Yun Mei Ti Fu Wu
https://docsv4.qingcloud.com/user_guide/development_docs/cli/install/install/ Ji Yu Qing Yun CLI
https://github.com/qiniu/kodo-browser Gua Yong Yu Qi Niu Yun OSS

AK/SK Li Yong AK/SK Exploit

https://wiki.teamssix.com/cf/ Lou Dong Li Yong Kuang Jia v0.5.0(Kai Yuan )
https://github.com/wgpsec/cloudsword Yun Fu Wu An Quan Ce Shi Gong Ju
https://github.com/CloudExplorer-Dev/CloudExplorer-Lite fit2cloud Yun Zi Yuan Guan Li Gong Ju
https://github.com/mrknow001/aliyun-accesskey-Tools A Li Yun AccessKey Zhuan Yong Gong Ju
https://github.com/iiiusky/alicloud-tools A Li Yun An Quan Gong Ju Ji
https://github.com/NS-Sp4ce/AliyunAccessKeyTools A Li Yun AccessKey Li Yong Gong Ju
https://github.com/freeFV/Tencent_Yun_tools Teng Xun Yun An Quan Gong Ju Ji
https://github.com/libaibaia/cloudSec Zhi Chi San Da Yun + AWS/Qi Niu Yun De Web Gong Ju
https://github.com/wyzxxz/aksk_tool Zhi Chi San Da Yun + AWS/You Ke De /Jing Dong Yun /Bai Du Yun /Qi Niu Yun
https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools Yun Cun Chu Tong Xie Lu Jian Ce Gong Ju
https://github.com/dark-kingA/cloudTools Zhi Chi San Da Yun + You Ke De De An Quan Gong Ju

Yun Yuan Sheng Cloud Native

Zong He Gong Ju Nice Tools

https://github.com/HummerRisk/HummerRisk Kai Yuan Yun Yuan Sheng An Quan Ping Tai

Rong Qi Docker

https://github.com/wagoodman/dive Tan Suo Docker Jing Xiang Ge Ceng Jie Gou
https://github.com/docker/docker-bench-security Docker An Quan Ji Zhun Ce Shi Gong Ju
https://github.com/eliasgranderubio/dagda/ Docker Jing Xiang /Rong Qi Jing Tai Fen Xi Gong Ju (Jian Ce Lou Dong , Mu Ma , Bing Du Deng E Yi Wei Xie )
https://github.com/teamssix/container-escape-check Rong Qi Tao Yi Jian Ce Gong Ju
https://github.com/brant-ruan/awesome-container-escape Rong Qi Tao Yi Ji Zhu Hui Zong
https://github.com/cdk-team/CDK Rong Qi Shen Tou Ce Shi Gong Ju Bao
https://github.com/chaitin/veinmind-tools Rong Qi An Quan Gong Ju Ji

Ji Qun Kubernetes

https://kubernetes.io/docs/tasks/tools/ Kubernetes Guan Fang Gong Ju Wen Dang
https://github.com/etcd-io/etcd Fen Bu Shi Jian Zhi Cun Chu (K8s He Xin Zu Jian )
https://github.com/kubernetes/minikube Ben Di Kubernetes Ji Qun Da Jian Gong Ju
https://github.com/kubernetes-sigs/kind Ji Yu Docker De Ben Di Kubernetes Ji Qun Gong Ju
https://github.com/kubernetes/kubeadm Sheng Chan /Ce Shi Huan Jing Kubernetes Ji Qun Bu Shu Gong Ju
https://github.com/kubernetes-sigs/cri-tools Kubelet Rong Qi Yun Xing Shi Jie Kou (CRI)Gong Ju Ji
https://github.com/derailed/k9s Kubernetes Zhong Duan Guan Li CLI Gong Ju
https://github.com/lightspin-tech/red-kube Ji Yu kubectl De Hong Dui K8s Dui Kang Mo Ni Gong Ju
https://github.com/DataDog/KubeHound Kubernetes Gong Ji Lu Jing Zi Dong Hua Fen Xi Gong Ju
https://github.com/inguardians/peirates Kubernetes Shen Tou Ce Shi Gong Ju
https://github.com/docker/docker-bench-security Docker CIS Ji Zhun Ce Shi Fen Xi Gong Ju
https://github.com/aquasecurity/kube-bench Kubernetes CIS Ji Zhun Ce Shi Fen Xi Gong Ju
https://github.com/aquasecurity/kube-hunter Kubernetes An Quan Ruo Dian Tan Ce Gong Ju

AI An Quan AI Security

Kai Yuan Zi Yuan Resources

GPTSecurity: https://www.gptsecurity.info/
Nsfocus AI An Quan Ju Zhen : https://aiss.nsfocus.com/

Mo Xing Bang Dan Yu Ping Ce Model Rankings & Evaluation Platforms

https://openrouter.ai/rankings OpenRouter AI Pai Xing Bang
https://arena.ai/leaderboard AI Arena Ji Zhun Ce Shi Bang Dan
https://github.com/open-compass/opencompass OpenCompass Da Mo Xing Ping Ce Ping Tai

An Quan Wei Lan Yu Jia Gu AI Agent Security & Guardrails

https://github.com/kappa9999/ClawShield Gua Yong Yu OpenClaw
https://semgrep.dev/blog/2026/openclaw-security-engineers-cheat-sheet OpenClaw An Quan Gong Cheng Shi Su Cha Biao

Gong Fang Zi Dong Hua AI-Powered Red Teaming & Offensive Automation

Some projects may not be fully tested. Use with caution. Bu Fen Xiang Mu Wei Jing Wan Zheng Ce Shi ,Qing Jin Shen Shi Yong .

https://github.com/GreyDGL/PentestGPT Ji Yu Da Yu Yan Mo Xing De Zi Dong Hua Shen Tou Ce Shi Zhi Neng Ti Kuang Jia
https://github.com/NVIDIA/garak LLM Lou Dong Sao Miao Qi
http://github.com/SuperagenticAI/superclaw Hong Dui AI Zhi Neng Ti
https://github.com/usestrix/strix Kai Yuan AI Hei Ke Gong Ju ,Yong Yu Fa Xian Bing Xiu Fu Ying Yong Lou Dong
https://github.com/jd-opensource/JoySafeter An Quan Neng Li Cao Zuo Xi Tong
https://github.com/Significant-Gravitas/AutoGPT AutoGPT Shi Yi Ge Qiang Da Ping Tai ,Ke Chuang Jian , Bu Shu Yu Guan Li Chi Xu Yun Xing De AI Zhi Neng Ti ,Zi Dong Hua Fu Za Gong Zuo Liu
https://github.com/aliasrobotics/cai Wang Luo An Quan AI(CAI),AI An Quan Kuang Jia

Agent Skills Gong Cheng Agent Skills

https://github.com/JackyST0/awesome-agent-skills Gua Yong Yu Cursor, Claude Code, GitHub Copilot Deng
https://github.com/affaan-m/everything-claude-code Gua Yong Yu Claude Code, Codex, Cowork Deng (Anthropic Hei Ke Song Guan Jun Xiang Mu )
https://github.com/libukai/awesome-agent-skills Kuai Su Ru Men , Tui Jian Ji Neng , Zui Xin Zi Xun Yu Shi Zhan An Li
https://github.com/JimLiu/baoyu-skills Gua Yong Yu Claude Code
https://github.com/anthropics/skills

Ti Gao Sheng Chan Li De Fu Zhu Gong Ju

LLM

Kai Yuan Zi Yuan Open-Source Resources

https://github.com/Hannibal046/Awesome-LLM
https://github.com/HqWu-HITCS/Awesome-Chinese-LLM
https://github.com/open-compass/opencompass LLM Xing Neng Bang Dan
https://github.com/deepseek-ai/awesome-deepseek-integration DeepSeek Shi Yong Ji Cheng
https://github.com/raphabot/awesome-cybersecurity-agentic-ai

Bian Pai Kuang Jia orchestration framework

https://github.com/langchain-ai/langchain

Ti Shi Ci Prompts

Bu Shu Deployment

huggingface: https://huggingface.co/ Da Xing Yu Yan Mo Xing Xia Zai (AI Jie Github )
ollama: https://github.com/ollama/ollama Qi Dong Bing Yun Xing Da Xing Yu Yan Mo Xing
open-webui: https://github.com/open-webui/open-webui Chi Xian WebUI
chatbox: https://github.com/Bin-Huang/chatbox Gua Yong Yu AI Mo Xing /Da Yu Yan Mo Xing De You Hao Xing Zhuo Mian Ke Hu Duan (GPT, Claude, Gemini, Ollama...),Zhi Chi MacOS/Windows/Linux Xi Tong
anythingllm: https://anythingllm.com/ Jie Zhu Qiang Da De Nei Zhi Gong Ju He Gong Neng Kuai Su Yun Xing Ben Di Da Yu Yan Mo Xing ,Zhi Chi MacOS/Windows/Linux Xi Tong
enchanted: https://github.com/AugustDev/enchanted Enchanted Yong Yu Yu Si You Zi Tuo Guan Yu Yan Mo Xing Jiao Hu ,Zhi Chi iOS/MacOS Xi Tong
chatbox: https://github.com/Bin-Huang/chatbox Ben Di Ke Hu Duan for Windows/MacOS/Linux
obsidian-copilot: https://github.com/logancyang/obsidian-copilot
continue: https://github.com/continuedev/continue

Ru Guo Ni Xiang Tong Guo ollama Zai Ben Di Kuai Su Bu Shu LLM,Ke Yi Can Kao Zhe Tao Ji Zhu Zhan :

Yun Xing Da Xing Yu Yan Mo Xing :ollama
Yun Xing Da Xing Yu Yan Mo Xing Bing Bu Shu WebUI:ollama + open-webui
Yun Xing Da Xing Yu Yan Mo Xing Bing Bu Shu Ying Yong Cheng Xu :ollama + enchanted
Yun Xing Da Xing Yu Yan Mo Xing Bing Yu Ben Di Bian Ji Qi Ji Cheng (Li Ru Obsidian):ollama + copilot(Obsidian Cha Jian )
Yun Xing Da Xing Yu Yan Mo Xing Bing Yu Ben Di Dai Ma Bian Ji Qi Ji Cheng (Li Ru Vscode): ollama + continue(Vscode Cha Jian )
Yun Xing Da Xing Yu Yan Mo Xing Bing Gou Jian Ben Di RAG Ying Yong :ollama + langchain
...

Ti Gao Sheng Chan Li De Shi Yong Zi Shi

Ru He Kuai Su Shi Yong alias

Windows Chuang Jian alias.bat,Ji Huo conda Xu Ni Huan Jing ,Zai Ge Chi Huan Jing Xia Yun Xing Cheng Xu Huo Gong Ju . Shuang Ji alias.bat,Zhong Qi cmd,Pei Zhi Sheng Xiao .

@echo off :: Software @DOSKEY ida64=activate base$t"D:\CTFTools\Cracking\IDA_7.7\ida64.exe" :: Tools @DOSKEY fscan=cd /d D:\Software\HackTools\fscan$tactivate security$tdir

Jiang alias.bat Pei Zhi Wei Kai Ji Zi Qi Dong :

Zhu Ce Biao Jin Ru Ji Suan Ji \HKEY_CURRENT_USER\Software\Microsoft\Command Processor;
Chuang Jian Zi Fu Chuan Zhi autorun,Fu Zhi Wei alias.bat Suo Zai Wei Zhi ,Li Ru D: \Software\alias.bat;
Zhong Qi Xi Tong ,Pei Zhi Sheng Xiao .

MacOS Bian Ji .zshrc,Zhong Qi shell,Pei Zhi Sheng Xiao :

# 3. Control and Command alias behinder="cd /Users/threekiii/HackTools/C2/Behinder_v4.1/ && /Library/Java/JavaVirtualMachines/jdk-1.8.jdk/Contents/Home/ bin/java -jar Behinder.jar " alias godzilla="cd /Users/threekiii/HackTools/C2/Godzilla_v4.0.1/ && /Library/Java/JavaVirtualMachines/jdk-1.8.jdk/Contents/Home/ bin/java -jar godzilla.jar "

Ru He You Hua Yuan Sheng Zhong Duan

Windows Tong Guo tabby + clink You Hua Yuan Sheng Zhong Duan ,Shi Xian Ming Ling Zi Dong Bu Quan , vps ssh/ftp/sftp, Shu Chu Ri Zhi Ji Lu Deng Gong Neng :

warp: https://github.com/warpdotdev/Warp
tabby: https://github.com/Eugeny/tabby
clink: https://github.com/chrisant996/clink

MacOS Tong Guo warp + ohmyzsh You Hua Yuan Sheng Zhong Duan ,warp Zi Dai Ming Ling Zi Dong Bu Quan ,Yin Ru "Kuai "Gai Nian ,Ti Gong Liao Geng Xian Dai Hua De Bian Cheng Ti Yan (Modern UX and Text Editing):

warp: https://github.com/warpdotdev/Warp
ohmyzsh: https://github.com/ohmyzsh/ohmyzsh

Ru He Jie Jue Zhong Duan Zhong Wen Luan Ma

Windows Zhu Ce Biao Jin Ru Ji Suan Ji \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor,Chuang Jian Zi Fu Chuan Zhi autorun,Fu Zhi Wei chcp 65001.

Folders and files

Latest commit

History

Repository files navigation

Awesome-Redteam

Roadmap

Mu Lu Contents

Xiang Mu Dao Hang Project Navigation

Su Cha Wen Dang CheatSheets

Yi Xie Dai Ma Scripts

Gong Fang Zhi Shi Tips

Kai Yuan Dao Hang Open-Source Navigation

Bian Jie Ma /Jia Jie Mi Cryptography

Zai Xian Gong Ju Online Tools

Chi Xian Gong Ju Offline Tools

Bian Ma /Jie Ma Encode/Decode

Zheng Ze Biao Da Shi Regular Expressions

Ha Xi Suan Fa Hash Algorithms

Gong Yao Mi Ma Suan Fa RSA

Guo Mi Suan Fa SM Algorithms

Wang Luo Kong Jian Ce Hui Cyberspace Search Engine

Zong He Gong Ju Nice Tools

Wang Ye /Duan Kou Web/Ports

Gu Ge Sou Suo Google Hacking

Github Sou Suo Github Dork

Kai Yuan Qing Bao Open-Source Intelligence

Zong He Gong Ju Nice Tools

Wei Xie Qing Bao Threat Intelligence

Lou Dong Pi Lu Disclosed Vulnerabilities

Jie Kou Jian Suo API Search

Yuan Dai Ma Jian Suo Source Code Search

Kai Yuan Zi Yuan Open-Source Resources

She Qu /Zhi Shi Ku Communities/Knowledge Base

Si Wei Dao Tu /Bei Wang Lu Mindmap/Cheat Sheets

Jin Gong Xing An Quan Red Teaming and Offensive Security

Fang Yu Xing An Quan Blue Teaming and Defensive Security

Cao Zuo An Quan Operation Security

Shi Zhan Ping Tai Learning and Practice Platforms

Xin Xi Shou Ji Reconnaissance

Zong He Gong Ju Nice Tools

IP/Yu Ming /Zi Yu Ming IP/Domain/Subdomain

Zhi Wen Fingerprint

Zhi Wen Ku Fingerprint Collection

Zhi Wen Shi Bie Fingerprint Reconnaissance

WAF Shi Bie Waf Checks

Sao Miao /Bao Po Brute Force

Sao Miao /Bao Po Gong Ju Brute Force Tools

Sao Miao /Bao Po Zi Dian Brute Force Dictionaries

Zi Dian Sheng Cheng Generate a Custom Dictionary

Mo Ren Kou Ling Cha Xun Default Credentials

She Hui Gong Cheng Xue Social Engineering

Ping Ju Xie Lu Leaked Credentials

You Xiang Email

Duan Xin SMS Online

Diao Yu Phishing

Yi Dong Duan Mobile

Lou Dong Yan Jiu Vulnerability Research

Lou Dong Huan Jing Vulnerable Environments

Ji Chu Lou Dong Basic Vulnerabilities

Zong He Lou Dong Comprehensive Vulnerabilities

Gong Kong Huan Jing Vulnerable IoT Environment

Yu Huan Jing Vulnerable Active Directory Environment

Yun Huan Jing Vulnerable Cloud Environments

AI Huan Jing Vulnerable AI Environments

PoC Proof of Concept

PoC/ExP

PoC Mo Ban PoC Templates

Lou Dong Li Yong Vulnerability Exploits

Zong He Gong Ju Nice Tools

Dai Ma Shen Ji Code Audit

Xu Lie Hua Serialization

Java

Fan Xu Lie Hua Deserialization

Java

PHP

Shu Ju Ku Database

Redis

MySQL

Oracle

MSSQL