轻量化红队知识仓库,不定期更新。
markdown文档与Linux alias命令或Windows doskey命令联动,可实现终端快捷查询。
- 反弹shell命令速查:Click Here
- 重要端口及服务速查:Click Here
- 安全厂商及其官网链接速查:Click Here
- 红队中易被攻击的一些重点系统漏洞整理(来源:棱角安全团队):Click Here
- Apache项目及漏洞指纹速查:Click Here
- CyberChef:编解码及加密,可本地部署 https://github.com/gchq/CyberChef
- OK Tools在线工具:https://github.com/wangyiwy/oktools
- CTF在线工具:http://www.hiencode.com/
- Unicode字符表:https://www.52unicode.com/enclosed-alphanumerics-zifu
- 在线MD5 Hash破解:https://www.somd5.com/
- Explain Shell:Shell命令解析 https://explainshell.com/
- 在线正则表达式:https://c.runoob.com/front-end/854/
- Ceye DNS:DNS oob平台 http://ceye.io/
- DNS log:DNS oob平台 http://dnslog.cn/
- Webshell Chop:https://webshellchop.chaitin.cn/demo/
- XSS Chop:https://xsschop.chaitin.cn/demo/
- WebShell查杀:https://n.shellpub.com/
- Google Hacking Database:https://www.exploit-db.com/google-hacking-database
- Wayback Machine:网页缓存查询 https://archive.org/web
- 在线代码格式标准化:http://web.chacuo.net/formatsh
- IP精准定位:https://www.ipuu.net/#/home
- IP 138:https://site.ip138.com/
- Security Trails:https://securitytrails.com/
- Chinaz:https://ping.chinaz.com/
- Host Tracker:https://www.host-tracker.com/
- Webpage Test:https://www.webpagetest.org/
- DNS Check:https://dnscheck.pingdom.com/
- 站长之家 Whois:https://whois.chinaz.com/
- 中国万网 Whois:https://whois.aliyun.com/
- 国际 Whois:https://who.is/
- Hacker Target:https://hackertarget.com/find-dns-host-records
- DNS Dumpster:https://dnsdumpster.com
- DNS DB:https://dnsdb.io/zh-cn
- Censys:https://censys.io
- Certificate Search:https://crt.sh
- 证书透明度监控:https://developers.facebook.com/tools/ct"
- CNNIC中国互联网信息中心:http://ipwhois.cnnic.net.cn
- Fofa:https://fofa.info/
- Shodan:https://www.shodan.io/
- ZoomEye:https://www.zoomeye.org/
- 谛听:https://www.ditecting.com/
- 360网络空间测绘:https://quake.360.cn/quake/#/index
- Virustotal:https://www.virustotal.com/gui/home/upload
- 腾讯哈勃分析系统:https://habo.qq.com/tool/index
- 微步在线威胁情报:https://x.threatbook.cn/
- 奇安信威胁情报:https://ti.qianxin.com/
- 360威胁情报:https://ti.360.net/#/homepage
- 安恒威胁情报:https://ti.dbappsecurity.com.cn/
- 火线安全平台:https://www.huoxian.cn
- Hacking8安全信息流:https://i.hacking8.com/
- CTF Wiki:https://ctf-wiki.org/
- CTF Time:https://ctftime.org/
- CTF Tools:https://github.com/zardus/ctf-tools
- 攻防世界:https://adworld.xctf.org.cn/
- Hacker 101:https://www.hacker101.com/
- Exploit Database:https://www.exploit-db.com/
- HackerOne:https://www.hackerone.com/
- Vulhub:https://vulhub.org/
- 乌云镜像:http://wooyun.2xss.cc/
- 知道创宇漏洞平台:https://www.seebug.org/
- HackTheBox:https://www.hackthebox.com/
- OWASP Top10:https://owasp.org/www-project-juice-shop/
- WebGoat:https://github.com/WebGoat/WebGoat
- 狼组公开知识库:https://wiki.wgpsec.org/
- 404星链计划:知道创宇 404 实验室 https://github.com/knownsec/404StarLink
-
Wapplyzer:Chrome插件 跨平台网站分析工具 https://github.com/AliasIO/Wappalyzer
-
TideFinger:提取了多个开源指纹识别工具的规则库并进行了规则重组 https://github.com/TideSec/TideFinger
-
御剑web指纹识别程序:https://www.webshell.cc/4697.html
-
云悉指纹识别:http://www.yunsee.cn/
-
dirsearch:目录扫描/爆破 https://github.com/maurosoria/dirsearch
-
dirmap:目录扫描/爆破 https://github.com/H4ckForJob/dirmap
-
Arjun:HTTP参数扫描器 https://github.com/s0md3v/Arjun
-
ksubdomain:子域名爆破 https://github.com/knownsec/ksubdomain
-
Gobuster:URI/DNS/WEB爆破 https://github.com/OJ/gobuster
- Dictionary-Of-Pentesting:渗透测试、SRC漏洞挖掘、爆破、Fuzzing等常用字典 https://github.com/insightglacier/Dictionary-Of-Pentesting
- fuzzDicts:Web渗透Fuzz字典 https://github.com/TheKingOfDuck/fuzzDicts
- PentesterSpecialDict:渗透测试工程师精简化字典 https://github.com/ppbibo/PentesterSpecialDict
- AlliN:https://github.com/P1-Team/AlliN
- Kunyu:https://github.com/knownsec/Kunyu
- OneForAll:https://github.com/shmilylty/OneForAll
- ShuiZe:https://github.com/0x727/ShuiZe_0x727
- Fofa Viewer:https://github.com/wgpsec/fofa_viewer
- fscan:内网综合扫描工具 https://github.com/shadow1ng/fscan
- EHole:红队重点攻击系统指纹探测工具 https://github.com/EdgeSecurityTeam/EHole
- Ladon:用于大型网络渗透的多线程插件化综合扫描工具 https://github.com/k8gege/Ladon
- Windows-Exploit-Suggester:https://github.com/AonCyberLabs/Windows-Exploit-Suggester
- Linux_Exploit_Suggester:https://github.com/InteliSecureLabs/Linux_Exploit_Suggester
- Vulhub:https://vulhub.org/
- PeiQi文库:http://wiki.peiqi.tech/
- PoCBox:https://github.com/0verSp4ce/PoCBox
- Vulnerability:https://github.com/EdgeSecurityTeam/Vulnerability
- POChouse:https://github.com/DawnFlame/POChouse
- ysoserial:Java反序列化 https://github.com/frohoff/ysoserial
- Vulmap:漏洞扫描和验证工具 https://github.com/zhzyker/vulmap
- Some-PoC-oR-ExP:各种漏洞PoC、ExP的收集或编写 https://github.com/coffeehb/Some-PoC-oR-ExP
- CMS-Hunter:CMS漏洞测试用例集合 https://github.com/SecWiki/CMS-Hunter
- Penetration_Testing_POC:https://github.com/Mr-xn/Penetration_Testing_POC
- PayloadsAllTheThings:https://github.com/swisskyrepo/PayloadsAllTheThings
- java.lang.Runtime.exec() Payload:java Payload在线生成 https://www.bugku.net/runtime-exec-payloads/
- PHP Generic Gadget Chains:PHP反序列化Payload https://github.com/ambionics/phpggc
- Webshell收集项目:https://github.com/tennc/webshell
- Behinder 冰蝎:https://github.com/rebeyond/Behinder
- Behinder3:
kali + java 11.0.14或windows10 + java 1.8.0_91,注意,该环境下Behinder2无法正常运行 - Behinder2:windows10 + java 1.8.0_91
- Behinder3:
- Godzilla 哥斯拉:https://github.com/BeichenDream/Godzilla
- NPS:通过web端管理,无需配置文件 https://github.com/ehang-io/nps
- FRP:55k star项目 https://github.com/fatedier/frp
- Neo-reGeorg:tunnel快速部署 https://github.com/L-codes/Neo-reGeorg
- Proxifier:windows代理工具 https://www.proxifier.com/
- Proxychains:kali代理工具 https://github.com/haad/proxychains
- The art of command line:快速掌握命令行 https://github.com/jlevy/the-art-of-command-line
- Responder:实现获取NTLM Hash等功能 https://github.com/SpiderLabs/Responder
- Impacket:其中的psexec.py通过用户名和密码远程连接到目标服务器 https://github.com/SecureAuthCorp/impacket
- PsTools:PsExec.exe功能同Impacket中的psexec.py https://docs.microsoft.com/en-us/sysinternals/downloads/pstools
- CrackMinApp:反编译微信小程序 https://github.com/Cherrison/CrackMinApp
- AppInfoScanner:移动端信息收集 https://github.com/kelvinBen/AppInfoScanner
-
Awesome CobaltStrike:CobaltStrike知识库 https://github.com/zer0yu/Awesome-CobaltStrike
-
Erebus:后渗透测试插件 https://github.com/DeEpinGh0st/Erebus
-
LSTAR:综合后渗透插件 https://github.com/lintstar/LSTAR
-
ElevateKit:提权插件 https://github.com/rsmudge/ElevateKit
- HaE:高亮标记与信息提取辅助型插件 https://github.com/gh0stkey/HaE
- Log4j2Scan:Log4j主动扫描 https://github.com/whwlsfb/Log4j2Scan
- Proxy SwitchyOmega:快速切换代理 https://github.com/FelisCatus/SwitchyOmega
- Wappalyzer:识别网站技术/框架/语言 https://www.wappalyzer.com/
- EditThisCookie:修改Cookie https://www.editthiscookie.com/
- FindSomething:在网页的源代码或js中寻找有用信息 https://github.com/ResidualLaugh/FindSomething
- Disable JavaScript:禁用JavaScript绕过弹窗 https://github.com/dpacassi/disable-javascript
- Hunter:查找网页暴露邮箱 https://hunter.io/chrome
- Xray:安全评估工具 https://github.com/chaitin/xray
- 创建alias.bat,文件内容如下。
@echo off
::Tips
@DOSKEY httpcode=type "D:\Hack Tools\Tips\http_status_code.md"
@DOSKEY versions=type "D:\Hack Tools\Tips\versions.md"
@DOSKEY owasp=type "D:\Hack Tools\Tips\owasp.md"
- 注册表打开
计算机\HKEY_CURRENT_USER\Software\Microsoft\Command Processor。 - 创建字符串值
autorun,赋值为alias.bat所在位置,例如D:\Software\alias.bat。 - 双击alias.bat运行,重启cmd。
- 此时在终端输入httpcode,即可返回文件内容。
解决cmd中文乱码的问题:
- 注册表打开
计算机\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor。- 创建字符串值
autorun,赋值为chcp 65001。
- 安装插件
Markdown Viewer。 - 配合Bootstrap可以实现快速部署导航页或文档库。
