Pinned Repositories
520apkhook
将安卓远控Apk附加进普通的App中,运行新生成的App时,普通App正常运行,远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote control goes online seamlessly.
Anti-Anti-Spider
越来越多的网站具有反爬虫特性,有的用图片隐藏关键数据,有的使用反人类的验证码,建立反反爬虫的代码仓库,通过与不同特性的网站做斗争(无恶意)提高技术。(欢迎提交难以采集的网站)(因工作原因,项目暂停)
awesome-cve-poc
✍️ A curated list of CVE PoCs.
Axis-1.4-RCE-Poc
Axis <=1.4 远程命令执行(RCE) POC
Blasting-Dictionary
网站后台、文件包含、WebShell等爆破字典!
bobo.github.io
bobo's blog
claystack
CVE-2020-1350
Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2003 up to Windows Server 2019.
Edge0day.exe
CVE-2020-????
getAndtest_xiciProxy
西刺代理的爬取及验证其有效性
BoboZhang0522's Repositories
BoboZhang0522/520apkhook
将安卓远控Apk附加进普通的App中,运行新生成的App时,普通App正常运行,远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote control goes online seamlessly.
BoboZhang0522/Anti-Anti-Spider
越来越多的网站具有反爬虫特性,有的用图片隐藏关键数据,有的使用反人类的验证码,建立反反爬虫的代码仓库,通过与不同特性的网站做斗争(无恶意)提高技术。(欢迎提交难以采集的网站)(因工作原因,项目暂停)
BoboZhang0522/awesome-cve-poc
✍️ A curated list of CVE PoCs.
BoboZhang0522/Axis-1.4-RCE-Poc
Axis <=1.4 远程命令执行(RCE) POC
BoboZhang0522/Blasting-Dictionary
网站后台、文件包含、WebShell等爆破字典!
BoboZhang0522/bobo.github.io
bobo's blog
BoboZhang0522/claystack
BoboZhang0522/CVE-2020-1350
Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2003 up to Windows Server 2019.
BoboZhang0522/Edge0day.exe
CVE-2020-????
BoboZhang0522/getAndtest_xiciProxy
西刺代理的爬取及验证其有效性
BoboZhang0522/h1domains
HackerOne "in scope" domains
BoboZhang0522/CobaltstrikeSource
Cobaltstrike4.1 Source
BoboZhang0522/go-common
哔哩哔哩 bilibili 网站后台工程 源码
BoboZhang0522/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
BoboZhang0522/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
BoboZhang0522/Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon7.2内置94个模块,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、SMBGhost、Weblogic、ActiveMQ、Tomcat、Struts2系列,密码口令爆破(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、Netbios、LDAP、SmbHash、WmiHash、Winrm),远程执行命令(wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
BoboZhang0522/LinuxBashShellScriptForOps
Linux Bash Shell Script and Python Script For Ops and Devops
BoboZhang0522/my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 🧐
BoboZhang0522/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
BoboZhang0522/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce
BoboZhang0522/PhishingBook
钓鱼攻击资源汇总&备忘录
BoboZhang0522/sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
BoboZhang0522/shadow2
渗透 超全面的渗透资料💯 包含:0day,xss,sql注入,提权……
BoboZhang0522/shellcodeloader
shellcodeloader
BoboZhang0522/show-me-the-code
Python 练习册,每天一个小程序
BoboZhang0522/spring-rce-war
BoboZhang0522/SpringShell
Spring Core RCE
BoboZhang0522/Struts2-Scan
Struts2全漏洞扫描利用工具
BoboZhang0522/Team-Ares
Repository for all TeamARES POC code and tools.
BoboZhang0522/unauthorized-check
扫描常见未授权访问(redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop)