Pinned Repositories
coremail-poc-exp
cve-2019-0708-exp
CVE-2019-17564
CVE-2019-17564 Apache Dubbo deserialization RCE
CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
CVE-2022-24990-TerraMaster-TOS--PHP-
CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令
Joomla-3.4.6-RCE
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE
ratel
ratel(獾) 是由rust开发的红队信息搜集,扫描工具,支持从fofa,zoomeye API查询,主动扫描端口,提取https证书域名,自定义poc,输出xlsx格式。
SMBGhost_RCE_PoC
Wechat_0day
Jaky5155's Repositories
Jaky5155/CNVD-2020-10487-Tomcat-Ajp-lfi
Tomcat-Ajp协议文件读取漏洞
Jaky5155/CVE-2019-17564
CVE-2019-17564 Apache Dubbo deserialization RCE
Jaky5155/CVE-2020-0683
CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege
Jaky5155/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Jaky5155/Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Jaky5155/Joomla-3.4.6-RCE
Jaky5155/CVE-2019-0785
CVE-2019-0785
Jaky5155/gdog
A fully featured Windows backdoor that uses Gmail as a C&C server
Jaky5155/coremail-poc-exp
Jaky5155/cve-2019-0708-exp
Jaky5155/gcat
A PoC backdoor that uses Gmail as a C&C server
Jaky5155/Invoke-DOSfuscation
Cmd.exe Command Obfuscation Generator & Detection Test Harness
Jaky5155/meltdown-exploit
Meltdown Exploit PoC
Jaky5155/GetAppUrl
Jaky5155/twittor
A fully featured backdoor that uses Twitter as a C&C server