Pinned Repositories
Amnesiay.github.io
BlackDex
BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.
CVE-Master
收集本人自接触渗透测试用于漏洞验证的所有热门CVE、POC、CNVD攻击有效载荷+测试工具+FUZZ,一个仓库满足许多攻击测试场景,开箱即用.
exploits
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
genpAss
JNDIExploit
A malicious LDAP server for JNDI injection attacks
JSINFO-SCAN
递归式寻找域名和api。
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Amnesiay's Repositories
Amnesiay/Amnesiay.github.io
Amnesiay/BlackDex
BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.
Amnesiay/CVE-Master
收集本人自接触渗透测试用于漏洞验证的所有热门CVE、POC、CNVD攻击有效载荷+测试工具+FUZZ,一个仓库满足许多攻击测试场景,开箱即用.
Amnesiay/exploits
Amnesiay/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Amnesiay/genpAss
Amnesiay/JNDIExploit
A malicious LDAP server for JNDI injection attacks
Amnesiay/JSINFO-SCAN
递归式寻找域名和api。
Amnesiay/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Amnesiay/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Amnesiay/CobaltstrikeSource
Cobaltstrike4.1 Source
Amnesiay/PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE
Amnesiay/rong
Amnesiay/SecondaryDevCobaltStrike
二次开发过后的CobaltStrike,版本为4.1.在原来CobaltStrike的基础上修改多处特征,解决流量查杀问题.
Amnesiay/SRC-experience
工欲善其事,必先利其器
Amnesiay/Viper
metasploit-framework with webui / metasploit-framework 图形界面