Pinned Repositories
2019GWCTF
AWD_CTF_Platform
一个简单的AWD训练平台
Chaos
A social coding experiment that updates its own code democratically.
chashell
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
CVE-2018-20250
exp for https://research.checkpoint.com/extracting-code-execution-from-winrar
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
hashcrack
Search hashes in different website.
MS17-010_WORAWIT
MS17-010 zzz_exploit.py modified to allow for reverse shells
pentest_study
从零开始内网渗透学习
src
日常src平台域名收集
F1uYu4n's Repositories
F1uYu4n/hashcrack
Search hashes in different website.
F1uYu4n/src
日常src平台域名收集
F1uYu4n/MS17-010_WORAWIT
MS17-010 zzz_exploit.py modified to allow for reverse shells
F1uYu4n/2019GWCTF
F1uYu4n/AWD_CTF_Platform
一个简单的AWD训练平台
F1uYu4n/Chaos
A social coding experiment that updates its own code democratically.
F1uYu4n/chashell
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
F1uYu4n/CVE-2018-20250
exp for https://research.checkpoint.com/extracting-code-execution-from-winrar
F1uYu4n/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
F1uYu4n/how-does-Xmanager-encrypt-password
This is a repo to tell you how Xmanager encrypt password.
F1uYu4n/go-common
哔哩哔哩 bilibili 网站后台工程 源码
F1uYu4n/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
F1uYu4n/Invoke-Obfuscation
PowerShell Obfuscator
F1uYu4n/jeecg-password-decrypt
F1uYu4n/JSPHorse
JSPHorse Project Backup
F1uYu4n/K8tools
K8工具(内网渗透/提权工具/远程溢出/漏洞利用/Exploit/APT/0day/Shellcode/Payload/priviledge/OverFlow/WebShell/PenTest)
F1uYu4n/linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
F1uYu4n/offensiveinterview
翻译国外的@WebBreacher的安全/渗透测试/红队面试题,有部分参考作用
F1uYu4n/pe_to_shellcode
Converts PE into a shellcode
F1uYu4n/Prepare-for-AWD
AWD攻防赛脚本集合
F1uYu4n/qqgroup-visualization
QQ群关系可视化查询3D力导向图
F1uYu4n/Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
F1uYu4n/ScriptDotSh-MalwareDevelopment
This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-development/
F1uYu4n/ShortPayload
如何将Java反序列化Payload极致缩小
F1uYu4n/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
F1uYu4n/stego-toolkit
Collection of steganography tools - helps with CTF challenges
F1uYu4n/stools
攻防武器项目
F1uYu4n/SUCTF-2019
F1uYu4n/THC-Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
F1uYu4n/webshell-sample
收集自网络各处的 webshell 样本,用于测试 webshell 扫描器检测率。