Pinned Repositories
CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
CloudExplorer-Lite
开源的轻量级云管平台
CVE-2021-22005
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
CVE-2021-22201
CVE-2021–22201 Arbitrary file read on Gitlab
CVE-2021-4034
CVE-2021-4034 1day
Exchange_SSRF
Some Attacks of Exchange SSRF ProxyLogon&ProxyShell
FastAdmin_Upload
FastAdmin 前台文件上传RCE
Fofa_Spider
通过fofa api接口获取搜索结果并筛选Web资产
JNDI-Inject-Exploit
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
W_DirScan
基于Python3开发的多线程目录扫描器
exp1orer's Repositories
exp1orer/JNDI-Inject-Exploit
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
exp1orer/FastAdmin_Upload
FastAdmin 前台文件上传RCE
exp1orer/W_DirScan
基于Python3开发的多线程目录扫描器
exp1orer/Fofa_Spider
通过fofa api接口获取搜索结果并筛选Web资产
exp1orer/CVE-2021-22201
CVE-2021–22201 Arbitrary file read on Gitlab
exp1orer/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
exp1orer/CloudExplorer-Lite
开源的轻量级云管平台
exp1orer/CVE-2021-22005
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
exp1orer/CVE-2021-4034
CVE-2021-4034 1day
exp1orer/Exchange_SSRF
Some Attacks of Exchange SSRF ProxyLogon&ProxyShell
exp1orer/exp1orer
Open resource script
exp1orer/exp1orer.github.io
The W Blog
exp1orer/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以整理出来希望跟小伙伴们一起更新维护~
exp1orer/Java-Rce-Echo
Java RCE 回显测试代码
exp1orer/JspEncounter
exp1orer/light-Life
exp1orer/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
exp1orer/MemoryShell
JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring
exp1orer/security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
exp1orer/SpringInspector
Java自动代码审计工具,尤其针对Spring框架,核心原理是模拟JVM栈帧进行分析,无需提供源码,通过一个JAR包即可
exp1orer/ThinkPHP6_Anyfile_operation_write
ThinkPHP6任意文件操作漏洞,影响版本ThinkPHP6.0.0-6.0.1
exp1orer/translation
exp1orer/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
exp1orer/weaverOA_sql_injection
泛微OA某版本的SQL注入漏洞
exp1orer/webshell
This is a webshell open source project
exp1orer/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
exp1orer/ysoserial
此项目为su18大佬的仓库镜像,如有问题可发issuse删库