158915830's Stars
wangsir01/docs
互联网数字垃圾回收专用废纸篓
rzte/pdf-exploit
pdf exploit 集成
cckuailong/reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
X1r0z/JNDIMap
JNDI 注入利用工具, 支持 RMI 和 LDAP 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI and LDAP protocols, including a variety of methods to bypass higher-version JDK
pmiaowu/BurpShiroPassiveScan
一款基于BurpSuite的被动式shiro检测插件
pimps/ysoserial-modified
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
pimps/JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
welk1n/JNDI-Injection-Bypass
Some payloads of JNDI Injection in JDK 1.8.0_191+
lemono0/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
Y4er/ysoserial
ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
wy876/POC
收集整理漏洞EXp/POC,大部分漏洞来源网络,目前收集整理了800多个poc/exp,长期更新。
alibaba/fastjson
FASTJSON 2.0.x has been released, faster and more secure, recommend you upgrade.
ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955
Git-lfs RCE exploit CVE-2020-27955 - tested on Windows on: git, gh cli, GitHub Desktop, Visual Studio, SourceTree etc.
welk1n/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
WangYihang/ccupp
基于社会工程学的弱口令密码字典生成工具
CodeXTF2/Burp2Malleable
Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
L-codes/Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
JKme/cube
内网渗透测试工具,弱密码爆破、信息收集和漏洞扫描
shadow1ng/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
Al1ex/WindowsElevation
Windows Elevation(持续更新)
Prepouce/CoercedPotato
A Windows potato to privesc
itm4n/PrintSpoofer
Abusing impersonation privileges through the "Printer Bug"
HavocFramework/Havoc
The Havoc Framework.
xerial/sqlite-jdbc
SQLite JDBC Driver
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Mr-Un1k0d3r/CatMyPhish
Search for categorized domain
Y4tacker/JavaSec
a rep for documenting my study, may be from 0 to 0.1
arsium/EagleMonitorRAT
Remote Access Tool Written In C#
flipt-io/reverst
Reverse Tunnels in Go over HTTP/3 and QUIC