From 325e842d69f7dfa68472dd755cc9de111c6759a9 Mon Sep 17 00:00:00 2001 From: LoRexxar Date: Mon, 21 Dec 2020 18:04:04 +0800 Subject: [PATCH] update author --- README.md | 52 +++++++++++++------------- TOOLS_README.md | 98 ++++++++++++++++++++++++------------------------- 2 files changed, 75 insertions(+), 75 deletions(-) diff --git a/README.md b/README.md index cf0ee2a..5ce0231 100644 --- a/README.md +++ b/README.md @@ -2,15 +2,15 @@ --- -![](./logo.png) +![](./logo.png) The 404 Starlink Project was started by Knownsec 404Team in 2020. We aim to denfend network and promote the Instrumentalizing of security research in different fields through open source or open methods. Just like Starlink, this project will link researchers with different security background. Not only large tools which break security barriers,various small tools that optimizing the daily experience are included. We will open all tools developed by 404 Team, and continue to collect pain points in the process of security research and penetration testing. The security field used to have various problems, like tools jumbled, different levels obvious, and open source be unmaintained. Through the 404 Starlink Project, we wish security field would become a better place where people like to communicate and progress together. -[“404星链计划”](https://github.com/knownsec/404StarLink-Project)是知道创宇404实验室于2020年8月开始的计划,旨在通过开源或者开放的方式,**长期维护**并推进涉及安全研究各个领域不同环节的工具化,就像星链一样,将立足于不同安全领域、不同安全环节的研究人员链接起来。 +[“404星链计划”](https://github.com/knownsec/404StarLink-Project) 是知道创宇404实验室于2020年8月开始的计划,旨在通过开源或者开放的方式,**长期维护**并推进涉及安全研究各个领域不同环节的工具化,就像星链一样,将立足于不同安全领域、不同安全环节的研究人员链接起来。 -[“404星链计划”](https://github.com/knownsec/404StarLink-Project)主要目的是改善安全圈内工具庞杂、水平层次不齐、开源无人维护的多种问题,营造一个更好更开放的安全工具促进与交流的技术氛围。 +[“404星链计划”](https://github.com/knownsec/404StarLink-Project) 主要目的是改善安全圈内工具庞杂、水平层次不齐、开源无人维护的多种问题,营造一个更好更开放的安全工具促进与交流的技术氛围。 2020年11月,知道创宇404实验室正式推出星链计划2.0。通过星链计划核心社群成员作为核心,筛选**优质、有意义、有趣、坚持维护**的开源项目加入星链计划2.0,由404实验室核心成员及星链计划核心成员作为背书,将优质的开源项目汇聚成星河,为立足于不同安全领域的安全研究人员指明方向。代号**Galaxy**。 @@ -26,7 +26,7 @@ Not only large tools which break security barriers,various small tools that op - 坚持维护 - 通过由404实验室以及星链计划核心成员组成的审阅组审阅 -入选项目将由代码质量、技术难度、新颖度等多个维度评价打分(满分5星),是否坚持维护将作为最重要的评价标准。入选Open-Projects的项目不得超过1年未更新,且超过6个月未更新的项目只能获得上限为4星的评价。入选Fun-Tools分类的开源项目由星链计划2.0核心社群成员判定当前的维护状态,被判定为未维护的项目将会被从星链计划中去除。 +入选项目将由代码质量、技术难度、新颖度等多个维度评价打分(满分5星) ,是否坚持维护将作为最重要的评价标准。入选Open-Projects的项目不得超过1年未更新,且超过6个月未更新的项目只能获得上限为4星的评价。入选Fun-Tools分类的开源项目由星链计划2.0核心社群成员判定当前的维护状态,被判定为未维护的项目将会被从星链计划中去除。 参与星链计划2.0的开源项目可以借由星链计划社群与开发者直接沟通,真正将研究人员和开发人员连在一起。 @@ -49,15 +49,15 @@ Not only large tools which break security barriers,various small tools that op - 在攻击发生之前识别,如流量分析等 - Mitigation measures 缓解措施 - 在攻击发生之中缓解威胁,如hids,waf等 - - [Juggler](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#juggler) - - ![](https://img.shields.io/badge/Positivity-TBD-yellow)![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%e2%98%86-yellow)![](https://img.shields.io/badge/Author-C4o-orange)![](https://img.shields.io/badge/Language-Go-blue) + - [Juggler](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#juggler) + - ![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%e2%98%86-yellow) ![](https://img.shields.io/badge/Author-C4o-orange) ![](https://img.shields.io/badge/Language-Go-blue) - 一个也许能骗到黑客的系统。可以作为WAF等防护体系的一环。 - Security inspection 安全检测 - 对目标的安全检测,主要集中在对不同链路的主动安全检测 - Security Monitor 安全监控 - 对某个安全链路的安全监控、管理平台 - - [gshark](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#gshark-) ![](https://img.shields.io/badge/-New-red) - - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-madneal-orange)![](https://img.shields.io/badge/Language-Go-blue) + - [gshark](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#gshark-) ![](https://img.shields.io/badge/-New-red) + - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-madneal-orange) ![](https://img.shields.io/badge/Language-Go-blue) - 一款开源敏感信息监测系统,支持github、gitlab、searchcode ## 乙方工具向 @@ -68,39 +68,39 @@ Not only large tools which break security barriers,various small tools that op - Vulnerability Assessment 漏洞探测 - 对目标的各类漏洞探测扫描 - - [kunpeng](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#kunpeng) - - ![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-opensec_cn-orange) ![](https://img.shields.io/badge/Language-Go-blue) + - [kunpeng](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#kunpeng) + - ![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-opensec_cn-orange) ![](https://img.shields.io/badge/Language-Go-blue) - Kunpeng是一个Golang编写的开源POC检测框架。 - - [myscan](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#myscan) - - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%e2%98%86-yellow)![](https://img.shields.io/badge/Author-amcai-orange) ![](https://img.shields.io/badge/Language-Python-blue) + - [myscan](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#myscan) + - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%e2%98%86-yellow) ![](https://img.shields.io/badge/Author-amcai-orange) ![](https://img.shields.io/badge/Language-Python-blue) - myscan由python3开发而成的被动扫描工具。 - Penetration Test 攻击与利用 - 在实际渗透测试过程中涉及到的工具 - - [Redis Rogue Server](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#redis-rogue-server) - - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%e2%98%86-yellow)![](https://img.shields.io/badge/Author-Dliv3-orange)![](https://img.shields.io/badge/Language-Python-blue) + - [Redis Rogue Server](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#redis-rogue-server) + - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%e2%98%86-yellow) ![](https://img.shields.io/badge/Author-Dliv3-orange) ![](https://img.shields.io/badge/Language-Python-blue) - Redis 4.x/Redis 5.x RCE利用脚本. - Information analysis 信息分析 - 对在渗透测试中获取到的各种信息做分析 - - [java-object-searcher](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#java-object-searcher) + - [java-object-searcher](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#java-object-searcher) - - ![](https://img.shields.io/badge/Positivity-In-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-c0ny1-orange) ![](https://img.shields.io/badge/Language-Java-blue) + - ![](https://img.shields.io/badge/Positivity-In-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-c0ny1-orange) ![](https://img.shields.io/badge/Language-Java-blue) - java内存对象搜索辅助工具,配合IDEA在Java应用运行时,对内存中的对象进行搜索。比如可以可以用挖掘request对象用于回显等场景。 - - [HackBrowserData](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#hackbrowserdata-) ![](https://img.shields.io/badge/-New-red) - - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-moonD4rk-orange) ![](https://img.shields.io/badge/Language-Go-blue) + - [HackBrowserData](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#hackbrowserdata-) ![](https://img.shields.io/badge/-New-red) + - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-moonD4rk-orange) ![](https://img.shields.io/badge/Language-Go-blue) - 一款可全平台运行的浏览器数据导出解密工具 - - [frida-skeleton](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#frida-skeleton-) ![](https://img.shields.io/badge/-New-red) - - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-Margular-orange) ![](https://img.shields.io/badge/Language-Python-blue) + - [frida-skeleton](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#frida-skeleton-) ![](https://img.shields.io/badge/-New-red) + - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-Margular-orange) ![](https://img.shields.io/badge/Language-Python-blue) - 基于Frida完成的一个更简单易用的安卓hook框架 - - [MySQLMonitor & FileMonitor](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#mysqlmonitor--filemonitor-) ![](https://img.shields.io/badge/-New-red) - - - ![](https://img.shields.io/badge/Positivity-IN-green) ![![](https://img.shields.io/badge/Author-madneal-orange)](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85-yellow) ![](https://img.shields.io/badge/Author-TheKingofDuck-orange)![](https://img.shields.io/badge/Language-Java|Python-blue) + - [MySQLMonitor & FileMonitor](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#mysqlmonitor--filemonitor-) ![](https://img.shields.io/badge/-New-red) + - - ![](https://img.shields.io/badge/Positivity-IN-green) ![![](https://img.shields.io/badge/Author-madneal-orange) ](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85-yellow) ![](https://img.shields.io/badge/Author-TheKingofDuck-orange) ![](https://img.shields.io/badge/Language-Java|Python-blue) - MySQL实时监控工具 & 文件变化实时监控工具 - Back-penetration, intranet tools 后渗透、内网工具 - 在渗透测试后涉及到的权限维持,或者内网渗透涉及到的工具 - - [antSword](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#antSword) - - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-AntSwordProject-orange)![](https://img.shields.io/badge/Language-Nodejs-blue) + - [antSword](https://github.com/knownsec/404StarLink2.0-Galaxy/blob/master/TOOLS_README.md#antSword) + - ![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-AntSwordProject-orange) ![](https://img.shields.io/badge/Language-Nodejs-blue) - 中国蚁剑是一款开源的跨平台网站管理工具,一个所有安全从业者都不应该错过的开源项目。 - Others 其他相关 @@ -112,14 +112,14 @@ Not only large tools which break security barriers,various small tools that op 如果有问题可以在各项目下提交issue,如果有不错的工具推荐,可以向github提交issue, 也可以添加下方的讨论组中参与讨论。 -1、Github issue: [https://github.com/knownsec/404StarLink2.0-Galaxy/issues](https://github.com/knownsec/404StarLink2.0-Galaxy/issues) +1、Github issue: [https://github.com/knownsec/404StarLink2.0-Galaxy/issues](https://github.com/knownsec/404StarLink2.0-Galaxy/issues) 2、微信群: 微信群有两种添加方式: (1) 联系Seebug的各位小伙伴拉你入群,如: -![image-20200902105354031](./init1.png) +![image-20200902105354031](./init1.png) (2) 扫描一下二维码添加我的个人微信,并备注**星链计划**,会把大家拉到星链计划交流群中 diff --git a/TOOLS_README.md b/TOOLS_README.md index 428c561..6350b77 100644 --- a/TOOLS_README.md +++ b/TOOLS_README.md @@ -1,27 +1,27 @@ # Contents -* [甲方工具向](#%E7%94%B2%E6%96%B9%E5%B7%A5%E5%85%B7%E5%90%91) - * [Threat identification 威胁识别](#threat-identification-%E5%A8%81%E8%83%81%E8%AF%86%E5%88%AB) - * [Mitigation measures 缓解措施](#mitigation-measures-%E7%BC%93%E8%A7%A3%E6%8E%AA%E6%96%BD) - * [Juggler](#juggler) - * [Security inspection 安全检测](#security-inspection-%E5%AE%89%E5%85%A8%E6%A3%80%E6%B5%8B) - * [Security Monitor 安全监控](#security-monitor-%E5%AE%89%E5%85%A8%E7%9B%91%E6%8E%A7) - * [gshark](#gshark-) -* [乙方工具向](#%E4%B9%99%E6%96%B9%E5%B7%A5%E5%85%B7%E5%90%91) - * [Reconnaissance 信息收集](#reconnaissance-%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86) - * [Vulnerability Assessment 漏洞探测](#vulnerability-assessment-%E6%BC%8F%E6%B4%9E%E6%8E%A2%E6%B5%8B) - * [Kunpeng](#kunpeng) - * [myscan](#myscan) - * [Penetration Test 攻击与利用](#penetration-test-%E6%94%BB%E5%87%BB%E4%B8%8E%E5%88%A9%E7%94%A8) - * [Redis Rogue Server](#redis-rogue-server) - * [Information analysis 信息分析](#information-analysis-%E4%BF%A1%E6%81%AF%E5%88%86%E6%9E%90) - * [java\-object\-searcher](#java-object-searcher) - * [HackBrowserData](#hackbrowserdata-) - * [frida\-skeleton](#frida-skeleton-) - * [MySQLMonitor & FileMonitor](#mysqlmonitor--filemonitor-) - * [Back\-penetration, intranet tools 后渗透、内网工具](#back-penetration-intranet-tools--%E5%90%8E%E6%B8%97%E9%80%8F%E5%86%85%E7%BD%91%E5%B7%A5%E5%85%B7) - * [antSword](#antsword) - * [Others 其他相关](#others-%E5%85%B6%E4%BB%96%E7%9B%B8%E5%85%B3) +* [甲方工具向](#%E7%94%B2%E6%96%B9%E5%B7%A5%E5%85%B7%E5%90%91) + * [Threat identification 威胁识别](#threat-identification-%E5%A8%81%E8%83%81%E8%AF%86%E5%88%AB) + * [Mitigation measures 缓解措施](#mitigation-measures-%E7%BC%93%E8%A7%A3%E6%8E%AA%E6%96%BD) + * [Juggler](#juggler) + * [Security inspection 安全检测](#security-inspection-%E5%AE%89%E5%85%A8%E6%A3%80%E6%B5%8B) + * [Security Monitor 安全监控](#security-monitor-%E5%AE%89%E5%85%A8%E7%9B%91%E6%8E%A7) + * [gshark](#gshark-) +* [乙方工具向](#%E4%B9%99%E6%96%B9%E5%B7%A5%E5%85%B7%E5%90%91) + * [Reconnaissance 信息收集](#reconnaissance-%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86) + * [Vulnerability Assessment 漏洞探测](#vulnerability-assessment-%E6%BC%8F%E6%B4%9E%E6%8E%A2%E6%B5%8B) + * [Kunpeng](#kunpeng) + * [myscan](#myscan) + * [Penetration Test 攻击与利用](#penetration-test-%E6%94%BB%E5%87%BB%E4%B8%8E%E5%88%A9%E7%94%A8) + * [Redis Rogue Server](#redis-rogue-server) + * [Information analysis 信息分析](#information-analysis-%E4%BF%A1%E6%81%AF%E5%88%86%E6%9E%90) + * [java\-object\-searcher](#java-object-searcher) + * [HackBrowserData](#hackbrowserdata-) + * [frida\-skeleton](#frida-skeleton-) + * [MySQLMonitor & FileMonitor](#mysqlmonitor--filemonitor-) + * [Back\-penetration, intranet tools 后渗透、内网工具](#back-penetration-intranet-tools--%E5%90%8E%E6%B8%97%E9%80%8F%E5%86%85%E7%BD%91%E5%B7%A5%E5%85%B7) + * [antSword](#antsword) + * [Others 其他相关](#others-%E5%85%B6%E4%BB%96%E7%9B%B8%E5%85%B3) # 甲方工具向 @@ -40,9 +40,9 @@ 在攻击发生之中缓解威胁,如hids,waf等 -### [Juggler](https://github.com/C4o/Juggler) +### [Juggler](https://github.com/C4o/Juggler) -![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85☆-yellow)![](https://img.shields.io/badge/Author-C4o-orange) ![](https://img.shields.io/badge/Language-Go-blue) +![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85☆-yellow) ![](https://img.shields.io/badge/Author-C4o-orange) ![](https://img.shields.io/badge/Language-Go-blue) ##### 项目链接: @@ -65,9 +65,9 @@ https://github.com/C4o/Juggler 对某个安全链路的安全监控、管理平台 -### [gshark](https://github.com/madneal/gshark) ![](https://img.shields.io/badge/-New-red) +### [gshark](https://github.com/madneal/gshark) ![](https://img.shields.io/badge/-New-red) -![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-madneal-orange)![](https://img.shields.io/badge/Language-Go-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-madneal-orange) ![](https://img.shields.io/badge/Language-Go-blue) ##### 项目链接: @@ -92,9 +92,9 @@ https://github.com/madneal/gshark 对目标的各类漏洞探测扫描 -### [Kunpeng](https://github.com/opensec-cn/kunpeng) +### [Kunpeng](https://github.com/opensec-cn/kunpeng) -![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-opensec_cn-orange) ![](https://img.shields.io/badge/Language-Go-blue) +![](https://img.shields.io/badge/Positivity-TBD-yellow) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-opensec_cn-orange) ![](https://img.shields.io/badge/Language-Go-blue) ##### 项目链接: @@ -102,15 +102,15 @@ https://github.com/opensec-cn/kunpeng ##### 项目简述: -Kunpeng是一个Golang编写的开源POC检测框架,集成了包括数据库、中间件、web组件、cms等等的漏洞POC([查看已收录POC列表](https://github.com/opensec-cn/kunpeng/blob/master/doc/plugin.md)),可检测弱口令、SQL注入、XSS、RCE等漏洞类型,以动态链接库的形式提供调用,通过此项目可快速开发漏洞检测类的系统,比攻击者快一步发现风险漏洞。 +Kunpeng是一个Golang编写的开源POC检测框架,集成了包括数据库、中间件、web组件、cms等等的漏洞POC([查看已收录POC列表](https://github.com/opensec-cn/kunpeng/blob/master/doc/plugin.md) ),可检测弱口令、SQL注入、XSS、RCE等漏洞类型,以动态链接库的形式提供调用,通过此项目可快速开发漏洞检测类的系统,比攻击者快一步发现风险漏洞。 ##### 推荐评语: 基于Golang开发的检测框架在使用过程中有着显而易见的优势,有经验的开发维护更是将这一点发挥到极致。 -### [myscan](https://github.com/amcai/myscan) +### [myscan](https://github.com/amcai/myscan) -![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%e2%98%86-yellow)![](https://img.shields.io/badge/Author-amcai-orange) ![](https://img.shields.io/badge/Language-Python-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%e2%98%86-yellow) ![](https://img.shields.io/badge/Author-amcai-orange) ![](https://img.shields.io/badge/Language-Python-blue) ##### 项目链接: @@ -128,17 +128,17 @@ myscan是参考awvs的poc目录架构,pocsuite3、sqlmap等代码框架,以 在实际渗透测试过程中涉及到的工具 -### [Redis Rogue Server](https://github.com/Dliv3/redis-rogue-server) +### [Redis Rogue Server](https://github.com/Dliv3/redis-rogue-server) -![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%e2%98%86-yellow)![](https://img.shields.io/badge/Author-Dliv3-orange)![](https://img.shields.io/badge/Language-Python-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%e2%98%86-yellow) ![](https://img.shields.io/badge/Author-Dliv3-orange) ![](https://img.shields.io/badge/Language-Python-blue) ##### 项目链接: -[https://github.com/Dliv3/redis-rogue-server](https://github.com/Dliv3/redis-rogue-server) +[https://github.com/Dliv3/redis-rogue-server](https://github.com/Dliv3/redis-rogue-server) ##### 项目简述: -Redis 4.x/Redis 5.x RCE利用脚本. 项目最初来源于[https://github.com/n0b0dyCN/redis-rogue-server](https://github.com/n0b0dyCN/redis-rogue-server) +Redis 4.x/Redis 5.x RCE利用脚本. 项目最初来源于[https://github.com/n0b0dyCN/redis-rogue-server](https://github.com/n0b0dyCN/redis-rogue-server) ##### 推荐评语: @@ -148,9 +148,9 @@ Redis 4.x/Redis 5.x RCE利用脚本. 项目最初来源于[https://github.com/n0 ## Information analysis 信息分析 对在渗透测试中获取到的各种信息做分析 -### [java-object-searcher](https://github.com/c0ny1/java-object-searcher) +### [java-object-searcher](https://github.com/c0ny1/java-object-searcher) -![](https://img.shields.io/badge/Positivity-In-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-c0ny1-orange) ![](https://img.shields.io/badge/Language-Java-blue) +![](https://img.shields.io/badge/Positivity-In-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-c0ny1-orange) ![](https://img.shields.io/badge/Language-Java-blue) ##### 项目链接: @@ -164,9 +164,9 @@ java内存对象搜索辅助工具,配合IDEA在Java应用运行时,对内 当你知道某个或某种类型对象存在于内存并且你刚好需要它时,却往往因为它隐藏得太深而放弃寻找,这款可能帮助你从成千上万对象构成的森林中解脱。 -### [HackBrowserData](https://github.com/moonD4rk/HackBrowserData) ![](https://img.shields.io/badge/-New-red) +### [HackBrowserData](https://github.com/moonD4rk/HackBrowserData) ![](https://img.shields.io/badge/-New-red) -![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-moonD4rk-orange) ![](https://img.shields.io/badge/Language-Go-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-moonD4rk-orange) ![](https://img.shields.io/badge/Language-Go-blue) ##### 项目链接: @@ -179,9 +179,9 @@ hack-browser-data 是一个解密浏览器数据(密码|历史记录|Cookies| 这是一个你无论什么时候都有可能突然用上的工具,基于golang编写的项目也适用于各种不同场合。 -### [frida-skeleton](https://github.com/Margular/frida-skeleton) ![](https://img.shields.io/badge/-New-red) +### [frida-skeleton](https://github.com/Margular/frida-skeleton) ![](https://img.shields.io/badge/-New-red) -![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green)![](https://img.shields.io/badge/Author-Margular-orange) ![](https://img.shields.io/badge/Language-Python-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-Margular-orange) ![](https://img.shields.io/badge/Language-Python-blue) ##### 项目链接: @@ -194,20 +194,20 @@ frida-skeleton是基于frida的安卓hook框架,提供了很多frida自身不 调试apk项目时不可避免地需要用到frida来做辅助工具,这个项目建立在frida的基础上进一步优化了使用的许多细节以及体验。 -### [MySQLMonitor & FileMonitor](https://github.com/TheKingOfDuck/MySQLMonitor) ![](https://img.shields.io/badge/-New-red) +### [MySQLMonitor & FileMonitor](https://github.com/TheKingOfDuck/MySQLMonitor) ![](https://img.shields.io/badge/-New-red) -![](https://img.shields.io/badge/Positivity-IN-green) ![![](https://img.shields.io/badge/Author-madneal-orange)](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85-yellow) ![](https://img.shields.io/badge/Author-TheKingofDuck-orange)![](https://img.shields.io/badge/Language-Java|Python-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![![](https://img.shields.io/badge/Author-madneal-orange) ](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85-yellow) ![](https://img.shields.io/badge/Author-TheKingofDuck-orange) ![](https://img.shields.io/badge/Language-Java|Python-blue) ##### 项目链接: -[https://github.com/TheKingOfDuck/MySQLMonitor](https://github.com/TheKingOfDuck/MySQLMonitor) +[https://github.com/TheKingOfDuck/MySQLMonitor](https://github.com/TheKingOfDuck/MySQLMonitor) -[https://github.com/TheKingOfDuck/FileMonitor](https://github.com/TheKingOfDuck/FileMonitor) +[https://github.com/TheKingOfDuck/FileMonitor](https://github.com/TheKingOfDuck/FileMonitor) ##### 项目简述: -MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具) -文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具) +MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具) +文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具) ##### 推荐评语: @@ -217,9 +217,9 @@ MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具) 在渗透测试后涉及到的权限维持,或者内网渗透涉及到的工具 -### [antSword](https://github.com/AntSwordProject/antSword) +### [antSword](https://github.com/AntSwordProject/antSword) -![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-AntSwordProject-orange)![](https://img.shields.io/badge/Language-Nodejs-blue) +![](https://img.shields.io/badge/Positivity-IN-green) ![](https://img.shields.io/badge/Score-%E2%98%85%E2%98%85%E2%98%85%E2%98%85%E2%98%85-green) ![](https://img.shields.io/badge/Author-AntSwordProject-orange) ![](https://img.shields.io/badge/Language-Nodejs-blue) ##### 项目链接: