Pinned Repositories
Auto-Root-Exploit
Auto Root Exploit Tool
BT_Panel_Privilege_Escalation
宝塔面板Windows版提权方法
bypassUAC
基于注册表劫持BypassUAC
EcShop_RCE_Scanner
一款轻量级的扫描工具
FileZilla_Privilege_Escalation
FileZilla Server Interface 加账户脚本
JsLoader
js免杀shellcode,绕过杀毒添加自启
office-exploits
office-exploits Office漏洞集合 https://www.sec-wiki.com
RDODecrypt
Remote Desktop Organizer 密码破解
ShellcodeLoader
将shellcode用rsa加密并动态编译exe,自带几种反沙箱技术。
xsshunter
The XSS Hunter service - a portable version of XSSHunter.com
Hzllaga's Repositories
Hzllaga/ShellcodeLoader
将shellcode用rsa加密并动态编译exe,自带几种反沙箱技术。
Hzllaga/JsLoader
js免杀shellcode,绕过杀毒添加自启
Hzllaga/BT_Panel_Privilege_Escalation
宝塔面板Windows版提权方法
Hzllaga/RDODecrypt
Remote Desktop Organizer 密码破解
Hzllaga/bypassUAC
基于注册表劫持BypassUAC
Hzllaga/EcShop_RCE_Scanner
一款轻量级的扫描工具
Hzllaga/FileZilla_Privilege_Escalation
FileZilla Server Interface 加账户脚本
Hzllaga/xsshunter
The XSS Hunter service - a portable version of XSSHunter.com
Hzllaga/BackgroundScanner
Hzllaga/AWVS-Script
Hzllaga/FridaHookSysAPI
System level encryption algorithm Hook from Frida
Hzllaga/upload-fuzz-dic-builder
上传漏洞fuzz字典生成脚本
Hzllaga/viewgen
Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
Hzllaga/GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
Hzllaga/Hzllaga
Hzllaga/IITC_TW
IITC 中文版 (Ingress map)
Hzllaga/IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Hzllaga/JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
Hzllaga/JNDIExploit-1
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
Hzllaga/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Hzllaga/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
Hzllaga/MaliciousMacroGenerator
Malicious Macro Generator
Hzllaga/onlinetools
在线cms识别|旁站|c段|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
Hzllaga/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Hzllaga/PHPFuck
PHPFuck: ([+.^]) / Using only 7 different characters to write and execute php.
Hzllaga/qqgroup-visualization
QQ群关系可视化查询3D力导向图
Hzllaga/Scanners-Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Hzllaga/Symlink-Directory-Traversal-smb-manually
SAMBA Symlink Directory Traversal Manual Exploitation
Hzllaga/wtfsec.org
Hzllaga/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档