Pinned Repositories
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
2022-HW-POC
2022 护网行动 POC 整理
360SafeBrowsergetpass
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本,用于节省红队人员工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
actuator-testbed
A vulnerable application exposing Spring Boot Actuators
ActuatorExploit
SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE
AjaxFileUpload
alicloud-tools
阿里云ECS、策略组辅助小工具
Ninja_UUID_Dropper
Module Stomping, No New Thread, HellsGate syscaller, UUID Dropper for x64 Windows 10!
SpringBoot-Labs
一个涵盖六个专栏:Spring Boot 2.X、Spring Cloud、Spring Cloud Alibaba、Dubbo、分布式消息队列、分布式事务的仓库。希望胖友小手一抖,右上角来个 Star,感恩 1024
Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
asdfkj1's Repositories
asdfkj1/actuator-testbed
A vulnerable application exposing Spring Boot Actuators
asdfkj1/awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
asdfkj1/awesome-mac
Now we have become very big, Different from the original idea. Collect premium software in various categories.
asdfkj1/BB-datas
Tools and datas related to bug bounty programs.
asdfkj1/BypassAVAddUsers
绕过杀毒软件添加用户
asdfkj1/CMS-Hunter
CMS漏洞测试用例集合
asdfkj1/cmsprint
CMS和中间件指纹库
asdfkj1/CNVD-C-2019-48814
CNVD-C-2019-48814 Weblogic wls9_async_response 反序列化利用工具
asdfkj1/collection-document
Collection of quality safety articles
asdfkj1/CVE-2019-0193
Apache Solr DataImport Handler RCE
asdfkj1/CVE-2019-2725
CVE-2019-2725 命令回显
asdfkj1/CVE-2019-5736-PoC
PoC for CVE-2019-5736
asdfkj1/DDOS-TOLL
A tool that performs HULK HTTP flood, Ping of Death, UDP flood, SNMP, Smurf ICMP, and Slowloris attacs
asdfkj1/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
asdfkj1/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
asdfkj1/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
asdfkj1/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
asdfkj1/linux-exploit-suggester-2
Next-Generation Linux Kernel Exploit Suggester
asdfkj1/Micro8
asdfkj1/MS17-010
MS17-010
asdfkj1/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
asdfkj1/Pentest
tools
asdfkj1/Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
asdfkj1/POC-T
渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
asdfkj1/Python-100-Days
Python - 100天从新手到大师
asdfkj1/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
asdfkj1/Sublist3r
Fast subdomains enumeration tool for penetration testers
asdfkj1/tools
https://github.com/k8gege/K8tools
asdfkj1/Vxscan
python3写的综合扫描工具,主要用来敏感文件探测(目录扫描与js泄露接口),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,弱口令探测,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
asdfkj1/Windows-Hack-Programming
《WINDOWS黑客编程技术详解》,作者甘迪文,2018年12月由人民邮电出版社出版,是一本面向黑客编程初学者的书,较为全面的地总结黑客编程技术。其内容重在实践,着重剖析技术实现原理,向读者讲解黑客编程技术的实现方法。