halodoom

halodoom's Stars

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python60.3k1.8k014.5k

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP57.2k1.9k26223.8k

• vulhub/vulhub

  Pre-Built Vulnerable Environments Based on Docker-Compose

  Language:Dockerfile17.6k5751834.4k

• GTFOBins/GTFOBins.github.io

  GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

  Language:HTML10.7k144471.3k

• LOLBAS-Project/LOLBAS

  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

  Language:XSLT7k22998977

• google/fuzzing

  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing

  Language:C++3.5k11330429

• 1y0n/AV_Evasion_Tool

  掩日 - 免杀执行器生成工具

  Language:C#2.6k7058404

• SummerSec/ShiroAttack2

  shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack

  Language:Java2k2457263

• helloexp/0day

  各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

  Language:C2k645806

• bit4woo/domain_hunter_pro

  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

  Language:Java1.9k2439197

• mm0r1/exploits

  Pwn stuff.

  Language:PHP1.8k5813387

• googleprojectzero/domato

  DOM fuzzer

  Language:Python1.7k676278

• threedr3am/JSP-WebShells

  Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势

  Language:Java1.4k222322

• bit4woo/python_sec

  python安全和代码审计相关资料收集 resource collection of python security and code review

  1.3k422325

• wh1t3p1g/ysomap

  A helpful Java Deserialization exploit framework.

  Language:Java1.2k2816150

• dirkjanm/krbrelayx

  Kerberos unconstrained delegation abuse toolkit

  Language:Python1.1k1522166

• 1n7erface/PocList

  Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE

  Language:Java1.1k373320

• SummerSec/JavaLearnVulnerability

  Java漏洞学习笔记 Deserialization Vulnerability

  Language:HTML91721095

• Rvn0xsy/BadCode

  恶意代码逃逸源代码 http://payloads.online

  Language:C++727305122

• zhaoyumi/WeaverExploit_All

  泛微最近的漏洞利用工具（PS：2023）

  Language:Go4498942

• INotGreen/GlllPowerloader

  绕过AV/EDR的代码例子（Code example to bypass AV/EDR）

  Language:Python4371912102

• ctfhub-team/ctfhub_base_image

  Index of CTFHub Base Images

  82408

• KpLi0rn/0day

  各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新

  Language:C150014

• Jevon101/MyMalwareAnalyze

  本项目记录一些我分析的恶意代码用于归档使用

  1100