⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透，使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost，远程执行SSH/Winrm，密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis，端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机，端口扫描服务识别PortScan。

Tool for building Kubernetes attack paths

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.

Vulnerabilities of Goby supported with exploitation.

事件驱动的渗透测试扫描器 Event-driven pentest scanner

Multiplatform reverse shell generator

A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins / extract secret_key / decrypt data_source info automatic.

Blazing fast, advanced Padding Oracle exploit

CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻

致远OA漏洞检测

Octoscan is a static vulnerability scanner for GitHub action workflows.

威胁情报-漏洞存储库

Find CVE PoCs on GitHub

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

A Windows Botnet written in Golang

Experimental Go language CSGO exploit.

A modular exploitation framework extensible with Lua

gtfo, now with the speed of golang