Pinned Repositories
AV-Bypass-Learning
免杀学习笔记
BypassPro
对权限绕过自动化bypass的burpsuite插件
coremailattack
dingdingtip
Hyacinth
一款java漏洞集合工具
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
Ruoyi-All
若依后台定时任务一键利用
sunloginrce
sunlogin rce
yougar0.github.io
漏洞知识库
baisesecxxx's Repositories
baisesecxxx/1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
baisesecxxx/alarm-clock
baisesecxxx/AlliN
A flexible scanner
baisesecxxx/BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.
baisesecxxx/BloodHound
Six Degrees of Domain Admin
baisesecxxx/CobaltSpam
baisesecxxx/CodeReview
代码审计总结
baisesecxxx/DerbyCon-2019Files
This is a group of tools that I was planning on releasing During Derbycon 2019 talk if it was accepted or with a blogpost if not.
baisesecxxx/dumpall
一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
baisesecxxx/Exp-collect
baisesecxxx/ExpDemo-JavaFX
图形化漏洞利用Demo-JavaFX版
baisesecxxx/EZOfficeGetShell
万户EZOffice批量GetShell / Code By:Tas9er
baisesecxxx/FOFA-ICO-Search-Tools
FOFA ICO 搜索工具 (支持语法搜索、ICON_Hash 搜索 和 一键导出) By:08sec&zero-0sec 阳光宅男 && zero-0sec 凯文大叔
baisesecxxx/GSLibrary
轻量级知识库&POC管理平台
baisesecxxx/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
baisesecxxx/Hello-Java-Sec
☕️ Java Security,安全编码和代码审计
baisesecxxx/injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
baisesecxxx/JuicyPotato
Modifying JuicyPotato to support load shellcode and webshell
baisesecxxx/Kunlun-M
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
baisesecxxx/MetasploitCoop_0x727
基于msf的后渗透协作平台
baisesecxxx/oFx
漏洞批量扫描框架,0Day/1Day全网概念验证,~~刷洞,刷肉鸡用~~
baisesecxxx/PassDecode-jar
帆软/致远密码解密工具
baisesecxxx/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
baisesecxxx/PyHook
PyHook is an offensive API hooking tool written in python designed to catch various credentials within the API call.
baisesecxxx/revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
baisesecxxx/seeyon-exploit
致远OA漏洞检测
baisesecxxx/Viper
Viper (炫彩蛇) 开源图形化内网渗透工具
baisesecxxx/vulbase
各大漏洞文库合集
baisesecxxx/WechatDecrypt
微信消息解密工具
baisesecxxx/Windows_API_Tools
使用WindowsAPI写的一些渗透小工具