Pinned Repositories
acunetix_0day
Acunetix 0day RCE
AIL-framework
AIL framework - Analysis Information Leak framework
Android_Kernel_CVE_POCs
A list of my CVE's with POCs
antSword
【中国蚁剑】一款跨平台的开源网站管理工具 // AntSword is a cross platform website management tools.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
ark
分布式扫描框架
cobalt-strike-persistence
cobalt strike 自启动脚本
Dump-Clear-Password-after-KB2871997-installed
NSA-EQGRP-Auction-Files
php_bugs
PHP代码审计分段讲解
Cyri1s's Repositories
Cyri1s/Android_Kernel_CVE_POCs
A list of my CVE's with POCs
Cyri1s/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Cyri1s/awesome-cve-poc
✍️ A curated list of CVE PoCs.
Cyri1s/blur-admin
Angular Bootstrap Admin Panel Framework
Cyri1s/charles-hacking
Hacking Charles Web Debugging Proxy
Cyri1s/CVE-2017-0199
Exploit toolkit CVE-2017-0199 - v3.0 is a handy python script which provides pentesters and security researchers a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious (Obfuscated) RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
Cyri1s/CVE-2017-0213
CVE-2017-0213 for command line
Cyri1s/dnsAutoRebinding
ssrf、ssrf内网地址fuzz、dns二次rebinding、支持ipv4/ipv6、支持ip地址转码、dns记录污染
Cyri1s/dnssearch
A subdomain enumeration tool.
Cyri1s/docker-ngrok
An Ngrok v2 container based on wizardapps/ngrok and fnichol/ngrok
Cyri1s/Dr0p1t-Framework
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Cyri1s/DropboxC2C
DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.
Cyri1s/EggShell
iOS/macOS Remote Administration Tool
Cyri1s/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Cyri1s/GreatSCT
The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
Cyri1s/Hawkeye
GitHub 泄露监控系统
Cyri1s/IdeaLicenseServer
Cyri1s/lightbulb-framework
Tools for auditing WAFS
Cyri1s/mana
Our mana toolkit for wifi rogue AP attacks and MitM - see hostapd-mana too
Cyri1s/MS17-010
MS17-010
Cyri1s/PowerShell-Suite
My musings with PowerShell
Cyri1s/prowler
aws-cis-security-benchmark: Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark (https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
Cyri1s/puppetstrings
Hitch a free ride to Ring 0 on Windows
Cyri1s/ReconDog
Recon Dog is an all in one tool for all your basic information gathering needs.
Cyri1s/RedTips
Red Team Tips as posted by @vysecurity on Twitter
Cyri1s/salt-scanner
Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
Cyri1s/sudo-backdoor
Wraps sudo; transparently steals user's credentials and exfiltrate over DNS. For those annoying times when you get a shell/file write on a sudoers account and need to leverage their credentials.
Cyri1s/weblogic_cmd
weblogic t3 deserialization rce
Cyri1s/Winpcap_Install
Auto install WinPcap on Windows(command line)
Cyri1s/x-waf
适用于中小企业的云waf