cr1f

cr1f's Stars

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python62.2k1.8k014.8k

• acmesh-official/acme.sh

  A pure Unix shell script implementing ACME client protocol

  Language:Shell40.5k4863.1k5.1k

• nikic/PHP-Parser

  A PHP parser written in PHP

  Language:PHP17.1k2306261.1k

• angristan/openvpn-install

  Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.

  Language:Shell14k2727673k

• frohoff/ysoserial

  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

  Language:Java7.9k2131061.8k

• yeyintminthuhtut/Awesome-Red-Teaming

  List of Awesome Red Teaming Resources

  7k347121.7k

• xmendez/wfuzz

  Web application fuzzer

  Language:Python6k1691991.4k

• epinna/tplmap

  Server-Side Template Injection and Code Injection Detection and Exploitation Tool

  Language:Python3.8k8480678

• tomnomnom/waybackurls

  Fetch all the URLs that the Wayback Machine knows about for a domain

  Language:Go3.6k6844479

• blechschmidt/massdns

  A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

  Language:C3.2k73111471

• laurentj/slimerjs

  A scriptable browser like PhantomJS, based on Firefox

  Language:JavaScript3k101589258

• hannob/snallygaster

  Tool to scan for secret files on HTTP servers

  Language:Python2.1k7441230

• kost/dvcs-ripper

  Rip web accessible (distributed) version control systems: SVN/GIT/HG...

  Language:Perl1.7k5218312

• RenwaX23/XSS-Payloads

  List of XSS Vectors/Payloads

  1.2k420255

• l3m0n/Bypass_Disable_functions_Shell

  一个各种方式突破Disable_functions达到命令执行的shell

  Language:PHP1.2k283259

• avevlad/russia-it-podcast

  Список русскоязычных подкастов на тему информационных технологий

  1.2k14118104

• bl4de/security-tools

  My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

  Language:Python8663830177

• NickstaDB/BaRMIe

  Java RMI enumeration and attack tool.

  Language:Java72122495

• HoLyVieR/prototype-pollution-nsec18

  Content released at NorthSec 2018 for my talk on prototype pollution

  Language:JavaScript51512481

• Bo0oM/PHP_imap_open_exploit

  Bypassing disabled exec functions in PHP (c) CRLF

  Language:PHP40016166

• a2u/CVE-2018-7600

  💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002

  Language:Python349779108

• Bo0oM/ParamPamPam

  Language:Python27213161

• Tools2/Zend-Decoder

  还原ZendGuard处理后的php代码

  Language:PHP217101095

• breenmachine/dnsftp

  Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.

  Language:Python20620047

• beched/php_disable_functions_bypass

  procfs-based PHP sandbox bypass

  Language:PHP1334112

• firefart/CVE-2018-7600

  CVE-2018-7600 - Drupal 7.x RCE

  Language:Python719038

• paralax/Awesome-Pentest-1

  Awesome Penetration Testing A collection of awesome penetration testing resources

  567017

• nikic/Phuzzy

  Fuzzer for PHP internal functions

  Language:PHP31403

• bucefal91/php-async

  Framework for asynchronous executing shell command in PHP.

  Language:PHP19413

• winstrool/pas-4.1.1b_source_code

  Так как автор шелла P.A.S приостановил разработку в связи с нашумевшими событиями, возможно, кто то захочет продолжать его доробатывать, для этих целей выкладываю исходный код который взял с шела https://github.com/wordfence/grizzly/blob/master/pas-4.1.1b/P.A.S.v.4.1.1b.php

  Language:PHP310