Pinned Repositories
Facebook-Bug-Bounty-Write-ups
Hunting Bugs for Fun and Profit
FinalRecon
OSINT Tool for All-In-One Web Reconnaissance
Hardware-and-Firmware-Security-Guidance
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Java-Application-Exploits
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool WebLogic, WebSphere, JBoss, Jenkins, OpenNMS Vulnerability
king-phisher
Phishing Campaign Toolkit
LeakLooker
Find open databases with Shodan
LuWu
红队基础设施自动化部署工具
mass-pwn-vbulletin
Identify vulnerable (RCE) vBulletin 5.0.0 - 5.5.4 instances using Shodan
pentest
test-your-sysadmin-skills
A collection of *nix Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
c002's Repositories
c002/alldomains
all domains and his subdoamins
c002/BlueGate
PoC for the Remote Desktop Gateway vulnerability - CVE-2020-0609 & CVE-2020-0610
c002/bravestarr
Fedora 31 netkit-telnet-0.17 telnetd remote exploit
c002/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner
CNVD-2020-10487/CVE-2020-1938,批量扫描工具
c002/ConPtyShell
ConPtyShell - Fully Interactive Reverse Shell for Windows
c002/cve-2019-1458_POC
POC for cve-2019-1458
c002/CVE-2019-19782
CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit
c002/CVE-2020-0683
CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege
c002/CVE-2020-0688_EXP
CVE-2020-0688_EXP Auto trigger payload & encrypt method
c002/CVE-2020-1938
c002/CVE-2020-1938-Tomact-file_include-file_read
Tomcat的文件包含及文件读取漏洞利用POC
c002/CVE-2020-2555
CVE-2020-2555
c002/docs
c002/Dwarf
Full featured multi arch/os debugger built on top of PyQt5 and frida
c002/easyXssPayload
XssPayload List . Usage:
c002/fakelogonscreen
Fake Windows logon screen to steal passwords
c002/MobileHackingCheatSheet
Basics on commands/tools/info on how to assess the security of mobile applications
c002/PoC-in-GitHub
📡PoC auto collect from GitHub.
c002/PrivescCheck
Privilege Escalation Enumeration Script for Windows
c002/pymeta
Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
c002/Red_Team
Some scripts useful for red team activities
c002/routeros
RouterOS Security Research Tooling and Proof of Concepts
c002/Site-Subdomains
Biggest list of subdomains in the WORLD !
c002/solr-injection
Apache Solr Injection Research
c002/soot
Soot - A Java optimization framework
c002/Tech-Scripts-n-Goodies
c002/weblogic_rce
cve2019_2725、CNVD-C-2019-48814 Weblogic _async remote command execution exp
c002/xfrm_poc
Linux kernel XFRM UAF poc (3.x - 5.x kernels)
c002/xsser
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
c002/Z0FCourse_ReverseEngineering
Reverse engineering focusing on x64 Windows.