Pinned Repositories
conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
CVE-2021-40444
CVE-2021-40444 PoC
DoUCMe
HackTheWorld
An Python Script For Generating Payloads that Bypasses All Antivirus so far .
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Proxylogon
ProxyLogon Pre-Auth SSRF To Arbitrary File Write
proxyshell-auto
Automatic ProxyShell Exploit
WP-Statistics-BlindSQL
WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection (Unauthenticated)
Udyz's Repositories
Udyz/proxyshell-auto
Automatic ProxyShell Exploit
Udyz/WP-Statistics-BlindSQL
WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection (Unauthenticated)
Udyz/CVE-2021-40444
CVE-2021-40444 PoC
Udyz/privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Udyz/CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
Udyz/proxyshell-shell
ProxyShell Shell Interface
Udyz/Zerologon
Exploit Code for CVE-2020-1472 aka Zerologon
Udyz/conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
Udyz/DoUCMe
Udyz/api-covid-vn
Udyz/CVE-2021-21551
Exploit to SYSTEM for CVE-2021-21551
Udyz/CVE-2021-24086
Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys.
Udyz/CVE-2021-3129
Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)
Udyz/CVE-2021-31762
Exploiting a Cross-site request forgery (CSRF) attack to creat a new privileged user through the Webmin's add users feature
Udyz/CVE-2021-3493
Ubuntu OverlayFS Local Privesc
Udyz/CVE-2021-36260
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
Udyz/CVE-2021-37980
PoC CVE-2021-37980 : Inappropriate implementation in Sandbox (windows only)
Udyz/CVE-2021-42008
CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
Udyz/FastTunnel
expose a local server to the internet. 跨平台的内网穿透工具 远程内网计算机 域名访问内网站点 反向代理内网服务 花生壳 端口转发 http代理
Udyz/log4j-payload-generator
Log4j jndi injects the Payload generator
Udyz/Microsoft-Activation-Scripts
A collection of scripts for activating Microsoft products using HWID / KMS38 / Online KMS activation methods with a focus on open-source code, less antivirus detection and user-friendliness.
Udyz/mwcfg
A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
Udyz/NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
Udyz/PeiQi-0day
Udyz/PrintNightmare
Udyz/ProxyShell
ProxyShell POC Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)
Udyz/proxyshell-poc
Udyz/rogue-jndi
A malicious LDAP server for JNDI injection attacks
Udyz/Some-command-for-security
Some command for security
Udyz/Yasso
强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)