小工具 --持续更新
google插件:hacktools
SMB溢出漏洞检测工具:https://github.com/twowb/zngeek/releases
红队打点:https://github.com/b0bac/ApolloScanner
12.16
bp插件,,fakeip:https://github.com/TheKingOfDuck/burpFakeIP
渗透测试工具,Yakit:https://www.yaklang.io
ps:看到的文章是抓包app
代理客户端,配合bp抓个小程序的包。proxifier:https://www.proxifier.com
12.18
指纹探测:Finger:https://github.com/EASY233/Finger
应急响应笔记及工具:https://github.com/wpsec/Emergency-response-notes
漏洞检测工具(也算是红队打点):POC bomber:https://github.com/tr0uble-mAker/POC-bomber
12.19
有gui界面的渗透工具,Railgun:https://github.com/lz520520/railgun
12.21
主动和被动综合的工具haxunit:https://github.com/Bandit-HaxUnit/haxunit
遍历敏感信息工具 -- lazfinder:https://github.com/thekingofsex/lazfinder
12.23
自动化渗透测试-斗象BASDayBreak破晓
官网:https://daybreak.tophant.com/home
证书:https://daybreak.tophant.com/home/license
OA综合利用工具:https://github.com/LittleBear4/OA-EXPTOOL
23.1.1
Arthas:Alibaba开源的Java诊断工具https://github.com/alibaba/arthas/releases
内存马检测脚本:https://github.com/c0ny1/java-memshell-scanner
webshell管理工具:https://github.com/b1ackc4t/Assassin
跨平台小巧的端口爆破工具PortBrute:https://github.com/awake1t/PortBrute
指纹识别:https://github.com/EdgeSecurityTeam/EHole
yuhScan:web目录快速扫描工具by go:https://github.com/hunyaio/yuhScan
goby,透测试工具viper,官网。
js文件信息收集LinkFinder:https://github.com/GerbenJavado/LinkFinder
云存储检测利用工具:https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools
内网打点Aopo:https://github.com/ExpLangcn/Aopo
1.2
渗透测试信息收集自动化脚本:https://github.com/gysf666/wmic_info
1.3
AWVS+子域名平台联合自动化:https://github.com/Minority2310/awvs-subdomain_platform
沙箱信息收集:https://github.com/Aetsu/Neton
1.4
某生成器:https://github.com/hosch3n/msmap
指纹探测:https://github.com/EASY233/Finger
应急响应笔记附工具:http://www.kxsy.work/2021/10/13/zui-shi-yong-de-ying-ji-xiang-ying-bi-ji-si-lu-xiao-jie/
1.9
一系列工具:https://github.com/iceyhexman/onlinetools
邮箱收集:https://github.com/jax7sec/EmailCollect
shiro检测(主)https://github.com/arno567/ShiroScanF
https://github.com/sv3nbeast/ShiroScan
1.11
网站后台弱口令批量:https://github.com/yzddmr6/WebCrack

浙公网安备 33010602011771号