Pinned Repositories
acme.sh
A pure Unix shell script implementing ACME client protocol
ADCSPwn
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
ADModule
Microsoft signed ActiveDirectory PowerShell module
advanced-go-programming-book
:books: 《Go语言高级编程》开源图书,涵盖CGO、Go汇编语言、RPC实现、Protobuf插件实现、Web框架实现、分布式系统等高阶主题(完稿)
aliyun-accesskey-Tools
阿里云accesskey利用工具
awesome-bugbounty-tools
A curated list of various bug bounty tools
awesome-cloud-security
awesome cloud security || 收集一些国内外不错的云安全资源,主要是国内
awesome-go
A curated list of awesome Go frameworks, libraries and software
Farmer
MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
funnyDog896's Repositories
funnyDog896/awesome-cloud-security
awesome cloud security || 收集一些国内外不错的云安全资源,主要是国内
funnyDog896/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
funnyDog896/advanced-go-programming-book
:books: 《Go语言高级编程》开源图书,涵盖CGO、Go汇编语言、RPC实现、Protobuf插件实现、Web框架实现、分布式系统等高阶主题(完稿)
funnyDog896/aliyun-accesskey-Tools
阿里云accesskey利用工具
funnyDog896/awesome-bugbounty-tools
A curated list of various bug bounty tools
funnyDog896/aes_dinvoke
a repository that contains the program.cs source file that has D/Invoke bare minimum implementation and AES encryption for shellcode execution
funnyDog896/blackhat-usa-2022-demos
Demos for the Blackhat USA 2022 talk "Taking Kerberos to the Next Level"
funnyDog896/ByPassBehinder
ByPassBehinder / 冰蝎WebShell免杀生成 / Code By:Tas9er
funnyDog896/CdpSvcLPE
Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
funnyDog896/CVE-2022-26809-RCE
funnyDog896/CVE-2022-2992
Authenticated Remote Command Execution in Gitlab via GitHub import
funnyDog896/CVE-2022-33679
One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
funnyDog896/DLL-SIDELOADING
funnyDog896/DockerSpy
DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.
funnyDog896/FakeFlash
flash钓鱼 flash水坑攻击最新版源码
funnyDog896/follina.py
Quick POC to replicate the 'Follina' Office RCE vulnerability for local testing purposes
funnyDog896/GetDomainAdmin
获取域控权限方法枚举
funnyDog896/httpx
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
funnyDog896/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
funnyDog896/ksubdomain
Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
funnyDog896/modifyCertTemplate
ADCS cert template modification and ACL enumeration
funnyDog896/noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
funnyDog896/PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
funnyDog896/ProxyNotShell-PoC
funnyDog896/PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
funnyDog896/qscan
轻量化全方位扫描器
funnyDog896/SharpSCCM
A C# utility for interacting with SCCM
funnyDog896/ShiroExp
shiro综合利用工具
funnyDog896/Striker
A Command and Control (C2)
funnyDog896/TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!