Pinned Repositories
coremail-poc-exp
cve-2019-0708-exp
CVE-2019-17564
CVE-2019-17564 Apache Dubbo deserialization RCE
CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
CVE-2022-24990-TerraMaster-TOS--PHP-
CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令
Joomla-3.4.6-RCE
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE
ratel
ratel(獾) 是由rust开发的红队信息搜集,扫描工具,支持从fofa,zoomeye API查询,主动扫描端口,提取https证书域名,自定义poc,输出xlsx格式。
SMBGhost_RCE_PoC
Wechat_0day
Jaky5155's Repositories
Jaky5155/Aazhen-RexHa
自研JavaFX图形化漏洞扫描工具,支持扫描的漏洞分别是: ThinkPHP-2.x-RCE, ThinkPHP-5.0.23-RCE, ThinkPHP5.0.x-5.0.23通杀RCE, ThinkPHP5-SQL注入&敏感信息泄露, ThinkPHP 3.x 日志泄露NO.1, ThinkPHP 3.x 日志泄露NO.2, ThinkPHP 5.x 数据库信息泄露的漏洞检测,以及批量检测的功能。漏洞POC基本适用ThinkPHP全版本漏洞。
Jaky5155/All-Defense-Tool
本项目集成了全网优秀的攻防工具项目,包含自动化利用,子域名、敏感目录、端口等扫描,各大中间件,cms漏洞利用工具以及应急响应等资料。
Jaky5155/Awesome-web3-Security
A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
Jaky5155/Blockchain-dark-forest-selfguard-handbook
Blockchain dark forest selfguard handbook. Master these, master the security of your cryptocurrency.
Jaky5155/DarkAngel
DarkAngel 是一款全自动白帽漏洞扫描器,从hackerone、bugcrowd资产监听到漏洞报告生成、企业微信通知。
Jaky5155/DumpHash
一款dump hash工具配合后渗透的利用
Jaky5155/estk
ES ToolKit is a standalone solution to navigate and backup data for a wide range of Elasticsearch and Kibana versions.
Jaky5155/fofahubkey
fofahub是一个围绕资产仓库开展工作的平台,它的地基就是资产仓库。
Jaky5155/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp
警惕 一种针对红队的新型溯源手段!
Jaky5155/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
Jaky5155/GithubC2
Github as C2 Demonstration , free API = free C2 Infrastructure
Jaky5155/gmailc2
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions
Jaky5155/gogo
Jaky5155/InCloud-nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Jaky5155/jctn1-stable-diffusion-webui-colab
Jaky5155/kpop-stack
Jaky5155/Mindmap
网络安全工具的思维导图
Jaky5155/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Jaky5155/Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Jaky5155/probable_subdomains
Subdomains analysis and generation tool. Reveal the hidden!
Jaky5155/qiniuClient
云存储管理客户端。支持七牛云、腾讯云、青云、阿里云、又拍云、亚马逊S3、京东云,仿文件夹管理、图片预览、拖拽上传、文件夹上传、同步、批量导出URL等功能
Jaky5155/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
Jaky5155/scan_tw
Jaky5155/sd-webui-mov2mov
适用于Automatic1111/stable-diffusion-webui 的 Mov2mov 插件。
Jaky5155/Serein
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
Jaky5155/Spark
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的,网页UI、跨平台以及多功能的远程控制和监控工具,你可以随时随地监控和控制所有设备。
Jaky5155/Stable-diffusion-person
由基于Stable-diffusion的Chilloutmix模型生成高清真实的人像
Jaky5155/wechat-chatgpt
Use ChatGPT On Wechat via wechaty
Jaky5155/xray-1
xray最新社区高级版 包含722POC 附license,关键词,渗透测试,漏扫
Jaky5155/xxxxx