神兵利器 | 史上最全渗透工具总结

声明:本人坚决反对利用文章内容进行恶意攻击行为,一切错误行为必将受到惩罚,绿色网络需要靠我们共同维护,推荐大家在了解技术原理的前提下,更好的维护个人信息安全、企业安全、国家安全。

  1. 信息搜集工具

ARL 资产侦察灯塔‍ https://github.com/TophantTechnology/ARL‍
AsamF 资产收集工具 https://github.com/Kento-Sec/AsamF
shuize信息搜集‍‍ https://github.com/0x727/ShuiZe_0x727
ENScan 企业信息搜集 https://github.com/wgpsec/ENScan_GO
EHole 指纹探测工具‍ https://github.com/EdgeSecurityTeam/EHole‍
ObserverWard指纹识别‍ https://github.com/0x727/ObserverWard
Dismap 指纹识别 https://github.com/zhzyker/dismap
Naabu 端口扫描 https://github.com/projectdiscovery/naabu‍
ALLiN 子域名收集 https://github.com/P1-Team/AlliN‍‍
OneForAll 子域收集‍ https://github.com/shmilylty/OneForAll
ksubdomain子域名爆破‍ https://github.com/knownsec/ksubdomain
subfinder 子域名搜集‍ https://github.com/projectdiscovery/subfinder
Amass 子域名扫描工具‍ https://github.com/OWASP/Amass
Payer 子域名挖掘机 https://github.com/Pik-sec/Payer
dirsearch 目录扫描‍‍ https://github.com/maurosoria/dirsearch
Phoenix 目录扫描神器 https://github.com/Pik-sec/Phoenix
feroxbuster 目录扫描‍ https://github.com/epi052/feroxbuster
GitHack泄露利用工具 https://github.com/lijiejie/GitHack
API未授权扫描插件 https://github.com/API-Security/APIKit

2. Web漏洞扫描工具

railgun漏洞扫描工具 https://github.com/lz520520/railgun‍
YAKIT漏洞扫描工具 https://github.com/yaklang/yakit
Exphub 漏洞扫描工具 https://github.com/zhzyker/exphub‍
EasyPen 漏洞扫描工具 https://github.com/lijiejie/EasyPen
MYExploit 漏洞扫描工具‍ https://github.com/achuna33/MYExploit
scan4all 漏洞扫描工具‍ https://github.com/hktalent/scan4all
VScan 漏洞扫描工具‍‍ https://github.com/veo/vscan
POC-bomber漏洞扫描工具 https://github.com/tr0uble-mAker/POC-bomber
Vulmap web漏洞扫描‍‍ https://github.com/zhzyker/vulmap
Komo 漏洞扫描工具 https://github.com/komomon/Komo
xray 被动扫描工具 https://github.com/chaitin/xray
Perun 综合扫描器‍‍ https://github.com/WyAtu/Perun
SCAMagicScan漏洞扫描 https://github.com/SCAMagic/SCAMagicScan
Packer Fuzzer Webpack‍ https://github.com/rtcatc/Packer-Fuzzer

3. WebShell管理工具

哥斯拉Webshell管理 https://github.com/BeichenDream/Godzilla
ByPassGodzilla‍‍ https://github.com/Tas9er/ByPassGodzilla
AntSword 加载器 https://github.com/AntSwordProject/AntSword-Loader

4. 内网扫描工具

fscan 内网扫描工具

https://github.com/shadow1ng/fscan

nuclei 内网扫描工具 https://github.com/projectdiscovery/nuclei
kscan 内网扫描工具 https://github.com/lcvvvv/kscan
nacs 内网扫描工具 https://github.com/u21h2/nacs
scan4all 内网扫描工具 https://github.com/hktalent/scan4all
VScan 漏洞扫描工具 https://github.com/veo/vscan
LadonGo 漏洞扫描器 https://github.com/k8gege/LadonGo

5. 主机提权工具

PEASS-ng https://github.com/carlospolop/PEASS-ng
Traitor https://github.com/liamg/traitor
LinuxEelvation https://github.com/Al1ex/LinuxEelvation
windows提权检测‍ https://github.com/bitsadmin/wesng

6. 内网穿透工具

Stowaway 多级代理工具 https://github.com/ph4ntonn/Stowaway‍
Dog Tunnel端口映射 https://github.com/vzex/dog-tunnel‍
frp 端口映射‍‍ https://github.com/fatedier/frp
iox 端口转发工具‍‍ https://github.com/EddieIvan01/iox
spp 隧道代理工具‍ https://github.com/esrrhs/spp
Neo-reGeorg 代理工具 https://github.com/L-codes/Neo-reGeorg

7. 弱口令爆破工具

crack 弱口令暴力破解‍ https://github.com/niudaii/crack
超级弱口令检查工具 https://github.com/shack2/SNETCracker

 

 

 

 

 

 

你可能感兴趣的:(安全攻防,前端,javascript,开发语言,ecmascript,安全)