Pinned Repositories
arthas
Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas
Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
avbook
AV电影管理系统, avmoo , javbus , javlibrary 爬虫,线上AV影片图书馆,AV磁力链接数据库,Japanese Adult Video Library,Adult Video Magnet Links - Japanese Adult Video Database
awvs_script_decode
解密好的AWVS10.5 data/script/目录下的脚本
BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
cmseasy_decode
CVE-2019-2890
CVE-2019-2890 Exploit for WebLogic with T3
CVE-2020-14645
Middleware-Vulnerability-detection
CMS、中间件漏洞检测利用合集 Since 2019-9-15
poc--exp
常用渗透poc收集
DaBoQuan's Repositories
DaBoQuan/CVE-2020-14645
DaBoQuan/Middleware-Vulnerability-detection
CMS、中间件漏洞检测利用合集 Since 2019-9-15
DaBoQuan/poc--exp
常用渗透poc收集
DaBoQuan/CVE-2019-2890
CVE-2019-2890 Exploit for WebLogic with T3
DaBoQuan/arthas
Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas
DaBoQuan/BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
DaBoQuan/CobaltStrike
CobaltStrike's source code
DaBoQuan/CodeqlNote
Codeql学习笔记
DaBoQuan/daboquan.github.io
DaBoQuan/dafa
DaBoQuan/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
DaBoQuan/exploits
DaBoQuan/GScan
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
DaBoQuan/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
DaBoQuan/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
DaBoQuan/learnjavabug
Java安全相关的漏洞和技术demo,其中包括原生Java、Fastjson、Jackson、Hessian2以及XML反序列化漏洞利用和Dubbo(Hessian2反序列化)、Shiro(PaddingOracleCBC)等框架的exploits,并且还有Java Security Manager绕过、Dubbo-Hessian2安全加固、RMI利用等等实践代码。
DaBoQuan/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
DaBoQuan/nps
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
DaBoQuan/Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
DaBoQuan/phuip-fpizdam
DaBoQuan/pocassist
pocassist是一款全新的开源漏洞测试框架,无需代码知识也可实现对poc的在线编辑、管理、测试。 使用之前请先阅读文档。
DaBoQuan/PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin
DaBoQuan/PrintNightmare
DaBoQuan/Shiro-721
Shiro-721 RCE Via RememberMe Padding Oracle Attack
DaBoQuan/SimpleRemoter
基于gh0st的远程控制器:实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能,优化全部代码及整理排版,修复内存泄漏缺陷,程序运行稳定。此项目初版见:https://github.com/zibility/Remote
DaBoQuan/SMBGhost_RCE_PoC
DaBoQuan/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
DaBoQuan/TheFatRat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
DaBoQuan/Viper
Viper (炫彩蛇) 开源图形化内网渗透工具
DaBoQuan/WatchAD
AD Security Intrusion Detection System