Pinned Repositories
7kbscan-RDP-Sniper
一款有图形界面的RDP(3389)口令检测工具
Binary-files
调整下载方式,尝试规避域名黑名单。
blackeye-1
The most complete Phishing Tool, with 32 templates +1 customizable
deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
DongTai-docs
DongTai IAST documentation
HFish
扩展企业安全测试主动诱导型蜜罐框架系统
HiddenEye
Modern Phishing Tool With Advanced Functionality [ Android-Support-Available ]
Routers-vuls
WatchAD
AD Security Intrusion Detection System
yulong-hids
一款由 YSRC 开源的主机入侵检测系统
cloudwafs's Repositories
cloudwafs/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
cloudwafs/DongTai-docs
DongTai IAST documentation
cloudwafs/burp-log4shell
Log4Shell scanner for Burp Suite
cloudwafs/CVE-2021-44228-Log4Shell-Hashes
Hashes for vulnerable LOG4J versions
cloudwafs/CVE-2022-26134-a
cloudwafs/CVE-2022-26134-t
[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)
cloudwafs/DingDongHelper
叮咚买菜抢菜插件
cloudwafs/dingtalk-RCE
cloudwafs/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
cloudwafs/JNDIExploit-1
一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
cloudwafs/log4j-fuzz-head-poc
批量检测log4j漏洞,主要还是批量fuzzz 头
cloudwafs/log4j-shell-poc
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.
cloudwafs/log4j2burpscanner
CVE-2021-44228,log4j2 burp插件 Java版本,dnslog选取了非dnslog.cn域名
cloudwafs/Log4j2Scan
一款无须借助dnslog且完全无害的log4j2反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查
cloudwafs/log4jScan
用于帮助企业内部快速扫描log4j的jndi漏洞的burp插件
cloudwafs/Log4jShell_Vulnerable_Site
Test site that is intentionally vulnerable to log4jshell
cloudwafs/MyProjects
cloudwafs/openrasp
🔥Open source RASP solution
cloudwafs/openvpn-server-ldap-otp
A dockerised OpenVPN server using LDAP for authentication, with optional 2FA via Google Authenticator
cloudwafs/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
cloudwafs/redis-rce
Redis 4.x/5.x RCE
cloudwafs/RedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
cloudwafs/Savior
渗透测试报告自动生成工具!
cloudwafs/SmsForwarder
短信转发器——监控Android手机短信并根据指定规则转发到其他手机:钉钉机器人、企业微信群机器人、飞书机器人、企业微信应用消息、邮箱、bark、webhook、Telegram机器人、Server酱、手机短信等。PS.这个APK主要是学习与自用,如有BUG请提ISSUE,同时欢迎大家提PR指正
cloudwafs/spring-rce-war
cloudwafs/spring4shell
spring4shell POC
cloudwafs/SpringShell
Spring4Shell - Spring Core RCE - CVE-2022-22965
cloudwafs/ultimaste-nuclei-templates
极致攻防实验室 nuclei 检测 POC
cloudwafs/vuln-list-update
cloudwafs/vulnerability
收集、整理、修改互联网上公开的漏洞POC