Pinned Repositories
Facebook-Bug-Bounty-Write-ups
Hunting Bugs for Fun and Profit
FinalRecon
OSINT Tool for All-In-One Web Reconnaissance
Hardware-and-Firmware-Security-Guidance
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Java-Application-Exploits
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool WebLogic, WebSphere, JBoss, Jenkins, OpenNMS Vulnerability
king-phisher
Phishing Campaign Toolkit
LeakLooker
Find open databases with Shodan
LuWu
红队基础设施自动化部署工具
mass-pwn-vbulletin
Identify vulnerable (RCE) vBulletin 5.0.0 - 5.5.4 instances using Shodan
pentest
test-your-sysadmin-skills
A collection of *nix Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
c002's Repositories
c002/Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
c002/API-SecurityEmpire
API Security Projecto aims to present unique attack & defense methods in API Security field
c002/Awesome-RCE-techniques
Awesome list of techniques to achieve Remote Code Execution on various apps!
c002/bbrf-client
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
c002/BITB
Browser In The Browser (BITB) Templates
c002/bruteforce-lists
Some files for bruteforcing certain things.
c002/cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
c002/cerbrutus
Network brute force tool, written in Python. Faster than other existing solutions (including the main leader in the network brute force market).
c002/chainsaw
Rapidly Search and Hunt through Windows Event Logs
c002/CVE-2022-21971
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
c002/CVE-Reverse
c002/DivideAndScan
Divide full port scan results and use it for targeted Nmap runs
c002/eos
Enemies Of Symfony - Debug mode Symfony looter
c002/fud-backdoor
Create a fully undetectable backdoor with simple steps.
c002/hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
c002/InvisibilityCloak
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
c002/jenkins-attack-framework
c002/JIRA_testing
c002/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
c002/log4j-shell-poc
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.
c002/mortar
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
c002/My-PoC-Exploits
PoC exploits I wrote. They're as is and I will not offer support
c002/nanodump
Dumping LSASS has never been so stealthy
c002/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
c002/odfuzz
c002/OneListForAll
Rockyou for web fuzzing
c002/Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
c002/pihole-google
Completely block Google and its services
c002/recon_methodology
recon from myerspective
c002/RedTeam-Resources