Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
0day-1
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
4sh3s
Config files for my GitHub profile.
4sh3s.github.io
4sh3s11
Config files for my GitHub profile.
All-Defense-Tool
本项目集成了全网优秀的攻防工具项目,包含自动化利用,子域名、敏感目录、端口等扫描,各大中间件,cms漏洞利用工具以及应急响应等资料。
AsamF
AsamF是集成Fofa、Quake、Hunter、Shodan、Zoomeye、Chinaz、0.zone及爱企查的一站式企业信息资产收集、网络资产测绘工具。
Auto-Elevate
Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token Impersonation
phpjoern
Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.
tabby
A CAT called tabby ( Code Analysis Tool )
4sh3s's Repositories
4sh3s/0day-1
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
4sh3s/4sh3s
Config files for my GitHub profile.
4sh3s/All-Defense-Tool
本项目集成了全网优秀的攻防工具项目,包含自动化利用,子域名、敏感目录、端口等扫描,各大中间件,cms漏洞利用工具以及应急响应等资料。
4sh3s/AsamF
AsamF是集成Fofa、Quake、Hunter、Shodan、Zoomeye、Chinaz、0.zone及爱企查的一站式企业信息资产收集、网络资产测绘工具。
4sh3s/Awesome-Redteam
一个红队知识仓库
4sh3s/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
4sh3s/geacon_pro
跨平台重构了Cobaltstrike Beacon,适配了大部分Beacon的功能,行为对国内主流杀软免杀,支持4.1以上的版本。 A cross-platform CobaltStrike Beacon bypass anti-virus, supports 4.1+ version.
4sh3s/GetDomainAdmin
获取域控权限方法枚举
4sh3s/Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
4sh3s/HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
4sh3s/JavaSec-1
a rep for documenting my study, may be from 0 to 0.1
4sh3s/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
4sh3s/PaddleDetection
Object Detection toolkit based on PaddlePaddle. It supports object detection, instance segmentation, multiple object tracking and real-time multi-person keypoint detection.
4sh3s/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
4sh3s/Platypus
:hammer: A modern multiple reverse shell sessions manager written in go
4sh3s/Polaris
渗透测试框架
4sh3s/pxplan
CVE-2022-2022
4sh3s/saucerframe
python3批量poc检测工具
4sh3s/searchall
强大的敏感信息搜索工具
4sh3s/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
4sh3s/SilentHound
Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
4sh3s/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
4sh3s/Study
一起学习,一起进步
4sh3s/suo5
一款高性能 HTTP 代理隧道工具 | A high-performance http proxy tunneling tool
4sh3s/SweetBabyScan
Red Tools 渗透测试
4sh3s/sx
:vulcan_salute: Fast, modern, easy-to-use network scanner
4sh3s/traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
4sh3s/WaterDragon
WaterDragon:用GithubAction实现代理功能。红队,cve,代理池,隐匿,攻防,对抗,hackone,src,proxy,CVE-2020,CVE-2021,CVE-2022
4sh3s/web-sec
WEB安全手册,漏洞理解,漏洞利用,代码审计和渗透测试总结。【持续更新】
4sh3s/www-project-kubernetes-top-ten
OWASP Foundation Web Respository