Pinned Repositories
0day
各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
0x94TR
0x94TR Scanner Burp Suite Extension
2019
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
408
for my car
9ak47er.github.io
AD-Attack-Defense
Active Directory Security For Red & Blue Team
penetration
渗透 超全面的渗透资料💯 包含:0day,xss,sql注入,提权……
simditor
DOM XSS
SRC-experience
工欲善其事,必先利其器
Heartway's Repositories
Heartway/AlliN
A flexible scanner
Heartway/ARL
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Heartway/BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
Heartway/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
Heartway/copagent
java memory web shell extracting tool
Heartway/ctfs
Heartway/CVE-2021-3156
CVE-2021-3156
Heartway/exploits
Heartway/Fuzz_dic
参数 | 字典 collections
Heartway/gadgetinspector
一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。
Heartway/Git_Extract
提取远程 git 泄露或本地 git 的工具
Heartway/GoFileBinder
golang免杀捆绑器
Heartway/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
Heartway/host_scan
这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
Heartway/HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
Heartway/java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
Heartway/ksubdomain
无状态子域名爆破工具
Heartway/LandrayExploit
蓝凌OA漏洞利用工具/前台无条件RCE/文件写入
Heartway/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Heartway/rogue_mysql_server
一个支持 go, php, python, java, 原生命令行等多种语言下客户端的 mysql 恶意服务器
Heartway/SAP_EEM_CVE-2020-6207
PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)
Heartway/SecConArchive
Security Conference Archive
Heartway/sectool
zheyangzi
Heartway/shiro_attack
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
Heartway/SNETCracker
超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码、弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。
Heartway/untrusted-types
Heartway/V7_bus_anddriver
拼车司机
Heartway/WAF-bypass
Heartway/xray-crack
xray社区高级版证书生成,仅供学习研究,正常使用请支持正版
Heartway/zerologon
Exploit for zerologon cve-2020-1472