Cainlll

Cainlll's Stars

• qi4L/JYso

  It can be either a JNDIExploit or a ysoserial.

  Language:Java1.5k178

• pwntester/ysoserial.net

  Deserialization payload generator for a variety of .NET formatters

  Language:C#3.2k468

• rmb122/rogue_mysql_server

  A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.

  Language:Go68878

• chengling-ing/SecReport

  多人协同信息安全渗透测试报告编写/导出平台

  Language:Python211

• go-gost/gost

  GO Simple Tunnel - a simple tunnel written in golang

  Language:Go4.1k498

• jenv/jenv

  Manage your Java environment

  Language:Shell5.8k379

• chaitin/xray-plugins

  11510

• chaitin/xapp

  2186

• chaitin/SafeLine

  serve as a reverse proxy to protect your web services from attacks and exploits.

  Language:Go12k742

• arch3rPro/PST-Bucket

  Scoop-Buket for Penetration Suite Toolkit - Windows渗透测试工具仓库For Scoop

  Language:PowerShell12217

• vaycore/OneScan

  OneScan是递归目录扫描的BurpSuite插件

  Language:Java67829

• tldr-pages/tldr

  📚 Collaborative cheatsheets for console commands

  Language:Markdown50.5k4.1k

• PortSwigger/route-vul-scan

  Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件

  Language:Java71

• pen4uin/java-echo-generator

  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.

  Language:Java38736

• ffffffff0x/AboutSecurity

  Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.

  Language:HTML971187

• gh0stkey/Web-Fuzzing-Box

  Web Fuzzing Box - Web 模糊测试字典与一些Payloads

  Language:HTML2.1k371

• d3ckx1/Fvuln

  F-vuln（全称：Find-Vulnerability）是为了自己工作方便专门编写的一款自动化工具，主要适用于日常安全服务、渗透测试人员和RedTeam红队人员，它集合的功能包括：存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。

  1.1k142

• lz520520/railgun

  2k246

• tzwlhack/Vulnerability

  6714

• bcvgh/daydayExp-pocs

  daydayExp的漏洞POC仓库，慢慢更新...

  17920

• wh1t3p1g/ysomap

  A helpful Java Deserialization exploit framework.

  Language:Java1.2k150

• arch3rPro/Pentest-Windows

  Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

  2.2k206

• charonlight/NacosExploitGUI

  Nacos漏洞综合利用GUI工具，集成了默认口令漏洞、SQL注入漏洞、身份认证绕过漏洞、反序列化漏洞的检测及其利用

  Language:Java89567

• nccgroup/SocksOverRDP

  Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop

  Language:C++1.1k167

• Y4tacker/JavaSec

  a rep for documenting my study, may be from 0 to 0.1

  Language:Java1.9k283

• 404tk/CVE-2022-46463

  harbor unauthorized detection

  Language:Python203

• feihong-cs/Java-Rce-Echo

  Java RCE 回显测试代码

  Language:Java992176

• exp1orer/JNDI-Inject-Exploit

  解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入

  Language:Java656113

• SleepingBag945/dddd

  dddd是一款使用简单的批量信息收集,供应链漏洞探测工具，旨在优化红队工作流，减少伤肝的机械性操作。支持从Hunter、Fofa批量拉取目标

  Language:Go1k98

• ezshine/wxapkg-convertor

  一个反编译微信小程序的工具，仓库也收集各种微信小程序/小游戏.wxapkg文件

  Language:JavaScript1.3k372