Skip to content

@Sec-Fork 无情的 Fork 机器

Change the repository type filter

All

    Repositories list

    2.4k repositories

    • Exploit-Street

      Public
      Complete list of LPE exploits for Windows (starting from 2023)
      C++
      38000Updated Nov 14, 2024Nov 14, 2024

    • JavaSecLab

      Public
      ​ JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
      JavaScript
      Apache License 2.0
      20100Updated Nov 12, 2024Nov 12, 2024

    • CyberEdge

      Public
      互联网资产综合扫描/攻击面测绘
      Python
      24000Updated Nov 6, 2024Nov 6, 2024

    • testnet

      Public
      TestNet资产管理系统(资产管理|信息收集|暴露面管理|子域名扫描|C段扫描|端口扫描|漏洞扫描|Hunter|Fofa)
      Shell
      27000Updated Nov 6, 2024Nov 6, 2024

    • linker

      Public
      .NET8、p2p打洞(tcp+udp),和组网(点对点,点对网,网对网),和内网穿透,.NET8 NAT transfer, Virtual Private Network
      C#
      GNU General Public License v2.0
      54000Updated Nov 4, 2024Nov 4, 2024

    • web-chains

      Public
      Web 版 Java Payload 生成与漏洞利用工具,提供 Java 反序列化、Hessian 1/2 反序列化等 Payload 生成,以及 JNDI Exploit、Fake Mysql Exploit、JRMPListener 等相关利用
      44000Updated Nov 2, 2024Nov 2, 2024

    • AV-EDR-Lab-Environment-Setup

      Public
      AV/EDR Lab environment setup references to help in Malware development
      15000Updated Nov 1, 2024Nov 1, 2024

    • cyberpanel

      Public
      Cyber Panel - The hosting control panel for OpenLiteSpeed
      JavaScript
      GNU General Public License v3.0
      612000Updated Oct 31, 2024Oct 31, 2024

    • xxl-job-FLM

      Public
      xxl-job内存马
      Java
      10000Updated Oct 31, 2024Oct 31, 2024

    • T-1

      Public
      T-1 is a shellcode loader that leverages ML techniques to detect VM environments
      C++
      MIT License
      3000Updated Oct 30, 2024Oct 30, 2024

    • EasyContral

      Public
      C#基于HTTP实现带GUI的简单远程控制程序
      C#
      3000Updated Oct 30, 2024Oct 30, 2024

    • MSSprinkler

      Public
      MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, and provides verbose information related to accounts and tenant information.
      PowerShell
      MIT License
      6000Updated Oct 27, 2024Oct 27, 2024

    • SecurityInspector

      Public
      一款代码审计辅助插件
      HTML
      20000Updated Oct 24, 2024Oct 24, 2024

    • Athena

      Public
      极简的多资产回测框架
      Jupyter Notebook
      2000Updated Oct 24, 2024Oct 24, 2024

    • loxs

      Public
      best tool for finding SQLi,XSS,LFi,OpenRedirect
      Python
      146000Updated Oct 23, 2024Oct 23, 2024

    • Secure_Stager

      Public
      An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
      C
      24000Updated Oct 21, 2024Oct 21, 2024

    • Rust_Beacon

      Public
      使用 rust 实现的 CobaltStrike 的 beacon
      Rust
      16000Updated Oct 20, 2024Oct 20, 2024

    • Dumphash-C-

      Public
      绕过杀软dumphash 离线读取
      C++
      13000Updated Oct 19, 2024Oct 19, 2024

    • BypassAV-2-1

      Public
      一款基于PE Patch技术的后渗透免杀工具,支持32位和64位
      C++
      18000Updated Oct 18, 2024Oct 18, 2024

    • riverPass

      Public
      riverPass 是一个用Go编写的瑞数WAF绕过工具。它利用了WebSocket协议,将请求发送的自身浏览器中,从而绕过了瑞数WAF的检测。
      Go
      MIT License
      15000Updated Oct 18, 2024Oct 18, 2024

    • Ghost

      Public
      Evasive shellcode loader
      C++
      42000Updated Oct 15, 2024Oct 15, 2024

    • Rust-for-Malware-Development

      Public
      This repository contains my complete resources and coding practices for malware development using Rust 🦀.
      Rust
      MIT License
      168000Updated Oct 15, 2024Oct 15, 2024

    • DockerApiRCE

      Public
      DockerApiRCE
      13000Updated Oct 14, 2024Oct 14, 2024

    • BypassPro-2

      Public
      AutoBypass403-BurpSuite 插件二开重构,优化执行逻辑
      Java
      9100Updated Oct 12, 2024Oct 12, 2024

    • APIFinderPlus

      Public
      目标是成为当下最完善的API挖掘工具,实现自动提取响应敏感信息、URI信息,并且对URI进行自动|手动递归检查
      Java
      6000Updated Oct 12, 2024Oct 12, 2024

    • Cable

      Public
      Active Directory Enumeration & Exploitation Tool
      C#
      GNU General Public License v3.0
      22000Updated Oct 11, 2024Oct 11, 2024

    • reality

      Public
      grs内网穿透工具通过reality协议隐藏特征
      Go
      MIT License
      11000Updated Oct 10, 2024Oct 10, 2024

    • chanzi

      Public
      “铲子”是一款简单易用的JAVA SAST工具,旨在为安全工程师提供一款简单、好用、价格厚道的代码安全扫描产品,支持语言: java(Servlet、spring、dubbo、thirft、mybatis、jsp) ,采用轻量级污点分析,铲子会将java、xml(mybatis、dubbo)等统一构建数据流图,然后进行污点分析,无需编译,也可以反编译扫描jar或class,内置了 sql 注入、命令注入、文件上传、ssrf 等常见漏洞规则,用户可以自定义规则。
      8000Updated Oct 9, 2024Oct 9, 2024

    • PostHikvision

      Public
      哥斯拉Hikvision综合安防后渗透插件,运行中心/web前台/MinIO 配置提取(解密)重置密码,还原密码。
      Java
      8000Updated Oct 8, 2024Oct 8, 2024

    • POC-20241008

      Public
      收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1100多个poc/exp,长期更新。
      861500Updated Oct 7, 2024Oct 7, 2024