STKeeper STKeeper

An advanced web directory scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。

AntSword is a cross-platform website management toolkit.

If you want to keep a secret, you must also hide it from yourself.

Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration te…

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

A fast sub domain brute tool for pentesters

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

Ubuntu Linux privilege escalation exploit (CVE-2019-7304)

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

It's the C version of https://github.com/mthbernardes/sshLooter

Python port of ShadowsocksR

Python botnet and backdoor

PoC for CVE-2018-15133 (Laravel unserialize vulnerability)

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Perform a MitM attack and extract clear text credentials from RDP connections

SSH man-in-the-middle tool

CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7

ezXSS is an easy way to test (blind) XSS

Auto install shadowsocks server，thanks 秋水逸冰

Web path scanner

libev port of shadowsocks

The simple, fast, powerful SYN/TCP port scanner source code

Script to steal passwords from ssh.

Next Generation of ShadowsocksX

Herramienta para evadir disable_functions y open_basedir

linux-kernel-exploits Linux平台提权漏洞集合

A new generation of tool for discovering subdomains( ip , cdn and so on)