一些常用工具整理

windows 免杀远控

Cobalt Strike

信息收集

C段

https://phpinfo.me/bing.php

passive dns

https://www.circl.lu/services/passive-dns/
https://www.passivetotal.org/
https://www.virustotal.com/fr/documentation/public-api/#getting-ip-reports
https://www.passivetotal.org/

地区ip

中国ip http://www.ipdeny.com/ipblocks/data/countries/cn.zone

网站证书查看

http://web.chacuo.net/netsslcheck

其他

https://x.threatbook.cn/
https://censys.io/data

端口扫描

zmap 扫单一端口

sudo zmap -p 80 -o results.csv 10.0.0.0/24

massscan 扫多端口

sudo ./masscan -p1-65535 10.0.0.024 -oJ result.json

隐藏身份

https://www.noip.com/
https://github.com/fate0/proxylist/blob/master/proxy.list
127.0.0.1.xip.io
https://proxy.coderbusy.com/

社工库

打码

http://163.donothackme.club/
https://haveibeenpwned.com/

注册查询

https://namechk.com/
http://www.reg007.com/

hash

md5

http://cmd5.com/
http://www.md5.cc/
https://www.somd5.com/

window hash

http://www.objectif-securite.ch/ophcrack.php

勒索软件解密

https://www.nomoreransom.org/

批量扫描

https://fofa.so/
https://www.zoomeye.org

web 指纹识别

https://github.com/Ms0x0/Dayu

渗透辅助

https://github.com/BugScanTeam/DNSLog

在线运行

php https://3v4l.org/

数据库连接

https://www.adminer.org

java 反序列化问题

https://github.com/mbechler/marshalsec
https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet

web 学习

https://github.com/CHYbeta/Web-Security-Learning

静态代码分析

java http://find-sec-bugs.github.io/

php 代码加密解密

PHP代码修复工具(针对乱码类、混淆类文件修复) http://zhaoyuanma.com/phpcodefix.html

分享到 评论