Pinned Repositories
BadDNS
Behinder
“冰蝎”动态二进制加密网站管理客户端
ev
EV: IDS Evasion via Packet Manipulation
exploits
InjectJDBC
注入JVM进程 动态获取目标进程连接的数据库
JavaSec
Java安全,漏洞分析/挖掘/利用
linuxKernelRoot
新一代root,跟面具完全不同思路,摆脱面具被检测的弱点,完美隐藏root功能,挑战全网root检测手段,兼容安卓APP直接JNI调用,稳定、流畅、不闪退。
S-BlastingDictionary
自己搜集的爆破字典,包括常用用户名、密码弱口令、SQL万能密码等
ViewFinder
:camera: ViewFinder - Remote isolated browser API for security, automation visibility and interactivity. Free web UI for headless Chrome browser. RBI. CBII. Remote browser isolation, embeddable BrowserView, secure chrome-as-a-service. Managed, variable bandwidth and co-browsing options available in Pro versions. Like S2, WebGap, Bromium, Authentic8, Menlo Security and Broadcom, but free and source-available. Integrated secure document viewing with CDR from https://github.com/dosyago/p2%2e
Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
istoliving's Repositories
istoliving/Active-Directory-Pentest-Notes
个人域渗透学习笔记
istoliving/Awesome_shiro
CVE-2016-4437-Shiro反序列化爆破模块和key,命令执行,反弹shell的脚本
istoliving/BaiduPCS-Go
百度网盘客户端 - Go语言编写
istoliving/captcha_break
验证码识别
istoliving/Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
istoliving/Chinese-translation-ATT-CK-framework
ATT&CK 框架图中文翻译版 原为安恒奖品,自我二次翻译,修改了一些小的翻译错误问题,自我保存即可
istoliving/CNVD-2020-10487-Tomcat-Ajp-lfi
Tomcat-Ajp协议文件读取漏洞
istoliving/Content-discovery
istoliving/CVE-2020-1337-exploit
CVE-2020-1337 Windows Print Spooler Privilege Escalation
istoliving/Fortify_Rule
Decode Fortify Rule Bin File Get XML File
istoliving/go-domain-util
GOlang package for checking if url contains subdomain, what that subdomain is, what is a top level domain in url etc.
istoliving/go-idcardno
golang 身份证号码工具库。提供18位身份证号码自动生成、有效性校验、信息解析
istoliving/Golang-chromedp-Headless-URL-
Golang+chromedp+Headless实现百万级URL有效性的测试
istoliving/HashPump
A tool to exploit the hash length extension attack in various hashing algorithms
istoliving/Java-Rce-Echo
Java RCE 回显测试代码
istoliving/Multi-Reverse-shell-cheatsheet
istoliving/pcitapi.ticai.com
ticai 自動api
istoliving/pentest-domain
域控 学习+攻击大纲
istoliving/Pentest_Dic
自己收集整理自用的字典
istoliving/RedisWriteFile
通过 Redis 主从写出无损文件
istoliving/SafetyMap
各类网络安全思维导图收藏
istoliving/SB-Actuator
Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测
istoliving/semaphore
🚦 Semaphore pattern implementation with timeout of lock/unlock operations.
istoliving/SuperWordlist
基于实战沉淀下的各种弱口令字典
istoliving/tcpkiller-1
A library for tcpkill implemented in Go.
istoliving/TongDaOA-Fake-User
通达OA 任意用户登录漏洞
istoliving/V2RayX
GUI for v2ray-core on macOS
istoliving/WeblogicEnvironment
Weblogic环境搭建工具
istoliving/XSS_Cheat_Sheet_2020_Edition
xss漏洞模糊测试payload的最佳集合 2020版
istoliving/ymratelimit