Pinned Repositories
coremail-poc-exp
cve-2019-0708-exp
CVE-2019-17564
CVE-2019-17564 Apache Dubbo deserialization RCE
CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
CVE-2022-24990-TerraMaster-TOS--PHP-
CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令
Joomla-3.4.6-RCE
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE
ratel
ratel(獾) 是由rust开发的红队信息搜集,扫描工具,支持从fofa,zoomeye API查询,主动扫描端口,提取https证书域名,自定义poc,输出xlsx格式。
SMBGhost_RCE_PoC
Wechat_0day
Jaky5155's Repositories
Jaky5155/dumpall
一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出
Jaky5155/Network-Attack-and-Defense-Course-Design
2022北航网络攻防实验设计
Jaky5155/blackbird
An OSINT tool to search for accounts by username in social networks.
Jaky5155/ShellcodeLoader
该项目为Shellocde加载器,详细介绍了我们如何绕过防病毒软件,以及该工具如何使用
Jaky5155/KnowledgeSharing
Jaky5155/WaterDragon
It make you like water:flexible.Redteam,proxy,attack,红队,攻击,隐匿,代理,代理池,攻防
Jaky5155/PostConfluence
哥斯拉Confluence后渗透插件 MakeToken SearchPage ListAllUser AddAdminUser ListAllPage ........
Jaky5155/inforgation
Jaky5155/SweetBabyScan
Red Tools 渗透测试
Jaky5155/Cloud-Bucket-Leak-Detection-Tools
六大云存储,泄露利用检测工具
Jaky5155/setool-master
SetoolMaster是一款进阶型社会工程学工具,包括了全球定位、Ngrok、Seeker高精度定位、网页钓鱼、病毒攻击、恐吓勒索信、爬虫、网站克隆、物联网设备搜索等
Jaky5155/RedGuard
RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
Jaky5155/login
模拟QQ邮箱登录的钓鱼网站,数据可实时发送到手机上。
Jaky5155/inventory
Asset inventory on public bug bounty programs.
Jaky5155/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Jaky5155/xray_free_crack
xray_free_crack,通用xray白嫖高级版.
Jaky5155/xray_crack
xray高级版本破解通用启动器
Jaky5155/Fvuln
F-vuln(全称:Find-Vulnerability)是为了自己工作方便专门编写的一款自动化工具,主要适用于日常安全服务、渗透测试人员和RedTeam红队人员,它集合的功能包括:存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。
Jaky5155/http-proxy-ipv6-pool
Make every request from a separate IPv6 address.
Jaky5155/naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Jaky5155/ev
EV: IDS Evasion via Packet Manipulation
Jaky5155/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Jaky5155/shiro_killer
不知道大家批量shiro的时候,会不会很慢,也不能批量。鄙人写的这个经过测试,可以批量全网,有不足之处,还请师傅们轻喷。
Jaky5155/bypass-script
cobaltstrike免杀插件
Jaky5155/Nuclei-Templates-Collection
Nuclei Templates Collection
Jaky5155/WSO2-Unauthenticated-SSRF
Jaky5155/wechat-bot
带二次开发接口的PC微信聊天机器人
Jaky5155/jfscan
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
Jaky5155/CVE-2022-29464
WSO2 RCE (CVE-2022-29464) exploit.
Jaky5155/Spring4Shell-POC-Verification-Lab
This lab is created to test poc exploits on vulnerable, partially vulnerable and fixed version of spring boot deployment