Pinned Repositories
burpsuiefakeip
burp伪造ip爆破脚本
bypass360mimikatz_x64
CVE-2015-7501
(CVE-2015-7501)JBoss JMXInvokerServlet 反序列化漏洞
ecologyExp.jar
泛微oa数据库配置文件读取
Flash-player
flash钓鱼源码 中文+英文
MS14-068
域渗透工具
ShiroScan
shiro 1.2.47 反序列化
SleuthQL
SleuthQL是基于python3所开发的一款,用于批量爬行站点可能存在sql的地址。并且可以配合burp+sqlmap进行批量注入。 对比sqlmap手动单线程一个一个注入点的去识别,方便了很多。
teamview
win-exp-
windwos辅助提权脚本
ianxtianxt's Repositories
ianxtianxt/ShiroScan
shiro 1.2.47 反序列化
ianxtianxt/CVE-2015-7501
(CVE-2015-7501)JBoss JMXInvokerServlet 反序列化漏洞
ianxtianxt/CVE-2020-7799
ianxtianxt/fastjson-1.2.47-RCE-1
Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法
ianxtianxt/ysoserial.net
ianxtianxt/CVE-2020-2551
Weblogic IIOP CVE-2020-2551
ianxtianxt/PageMyadmin_file_upload_getshell
PageMyadmin文件上传getshell
ianxtianxt/springboot_actuator
actuator_vulnerability
ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit
CVE-2019-5096(UAF in upload handler) exploit cause Denial of Service
ianxtianxt/D-Link-DIR-859-RCE
D-Link DIR-859 - RCE UnAutenticated (CVE-2019–17621)
ianxtianxt/FileMonitor
文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)
ianxtianxt/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款支持全平台的浏览器数据导出工具
ianxtianxt/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
ianxtianxt/AJPy
ianxtianxt/awesome-industrial-control-system-security
A curated list of resources related to Industrial Control System (ICS) security.
ianxtianxt/CVE-2019-0230
CVE-2019-0230 & s2-059 poc.
ianxtianxt/CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
ianxtianxt/CVE-2020-1472
Test tool for CVE-2020-1472
ianxtianxt/CVE-2020-7471
django 漏洞:CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC
ianxtianxt/dcpwn
an impacket-dependent script exploiting CVE-2019-1040
ianxtianxt/hikvision-xor-decrypter
Used for breaking XOR encryption on Hikvision configuration files that have been decrypted using aes-128-ecb
ianxtianxt/JNDI
JNDI 注入利用工具
ianxtianxt/knock
Knock Subdomain Scan
ianxtianxt/SMBGhost_RCE_PoC
ianxtianxt/springboot-shiro
ianxtianxt/Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
ianxtianxt/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
ianxtianxt/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
ianxtianxt/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
ianxtianxt/zendframework3-