Pinned Repositories
-
啥也不是
0day
Ar39.github.io
beichuan
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
email
email 信息收集
follina.py
POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
ipInfo
通过OXID解析器获取Windows远程主机上网卡地址
tomcat
tomcat 爆破的小工具,大佬轻喷,就是觉得网上的工具不太好用burp太麻烦,就自己写了一个。(字典是msf的字典)
Ar39's Repositories
Ar39/ipInfo
通过OXID解析器获取Windows远程主机上网卡地址
Ar39/tomcat
tomcat 爆破的小工具,大佬轻喷,就是觉得网上的工具不太好用burp太麻烦,就自己写了一个。(字典是msf的字典)
Ar39/follina.py
POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
Ar39/-
啥也不是
Ar39/0day
Ar39/Ar39.github.io
Ar39/beichuan
Ar39/bottleneckOsmosis
瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
Ar39/burpsuite_hack
一款代理扫描器
Ar39/CobaltStrike_CNA
使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。
Ar39/crawlergo
A powerful browser crawler for web vulnerability scanners
Ar39/credcollect
Automatic credential collection
Ar39/CVE-2021-4034
CVE-2021-4034 1day
Ar39/CVE-2022-0847
The Dirty Pipe Vulnerability
Ar39/CVE-2022-0847-DirtyPipe-Exploit
A root exploit for CVE-2022-0847 (Dirty Pipe)
Ar39/FakeToa
TCP IP伪造,建议使用 ubuntu 22.04
Ar39/fuso
一款快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具
Ar39/github-dorks
Find leaked secrets via github search
Ar39/JNDIExploit-BlackHat2023
Ar39/lazyscan
Ar39/Log4j2-CVE-2021-44228
Remote Code Injection In Log4j
Ar39/log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
Ar39/netspy
Ar39/poc
golang 练手小项目
Ar39/SecBooks
安全类各家文库大乱斗
Ar39/SpringBootEnvDecrypt
SpringBoot获取被星号脱敏的密码的明文
Ar39/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Ar39/URLFinder
类似JSFinder的golang实现,一款用于快速提取检测页面中JS与URL的工具,更快更全更舒服
Ar39/Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
Ar39/xiahuyu
CVE-2023-2023