HxXhY's Stars
Jumbo-WJB/Fuzz_Waf
vulmon/Vulmap
Vulmap Online Local Vulnerability Scanners Project
chroblert/WindowsVulnScan
AlessandroZ/BeRoot
Privilege Escalation Project - Windows / Linux / Mac
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
AonCyberLabs/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
mzfr/gtfo
Search gtfobins and lolbas files from your terminal
InteliSecureLabs/Linux_Exploit_Suggester
Linux Exploit Suggester; based on operating system release number
nil0x42/phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
uvbs/Script-collection
这是一个收集脚本的项目
k8gege/JbossExploit
MSF moudle jboss invoke deploy getshell Exploit & Jboss jmx-console getshell exploit
danigargu/CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
ohpe/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
Tuhinshubhra/CMSeeK
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
S9MF/S9MF-php-webshell-bypass
为方便WAF入库的项目 | 分享PHP免杀大马 | 菜是原罪 | 多姿势(假的就一个)
mysqludf/lib_mysqludf_sys
A UDF library with functions to interact with the operating system. These functions allow you to interact with the execution environment in which MySQL runs.
p3n73st3r/Ghazi
Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab Will Replace Every GET or POST Parameters With Selected TAB in "Proxy" or "Repeater" TAB
nian-hua/BurpExtender
SecYouth/sec-jobs
信息安全实习和校招的面经、真题和资料 减少安全选手找实习/工作的痛苦
Leezj9671/Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
l3m0n/Bypass_Disable_functions_Shell
一个各种方式突破Disable_functions达到命令执行的shell
Artemis1029/Java_xmlhack
帮助java环境下任意文件下载情况自动化读取源码的小工具
incredibleindishell/ysoserial.net-complied
This repository contains complied exe of ysoserial.net ( ys.exe in directory ysoserial/bin/Debug). This work belongs to @pwntester bhai ji \m/
zcgonvh/CVE-2020-0688
Exploit and detect tools for CVE-2020-0688
LandGrey/ClassHound
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
ssl/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
zcgonvh/cve-2017-7269
fixed msf module for cve-2017-7269
Yt1g3r/CVE-2020-0688_EXP
CVE-2020-0688_EXP Auto trigger payload & encrypt method
rootkiter/Binary-files
EarthWorm/Termite 停止更新
LangziFun/LangSrcCurise
SRC子域名资产监控