Pinned Repositories
AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
awesome-python-applications
💿 Free software that works great, and also happens to be open-source Python.
bigipsecurity
This document describes common misconfigurations of F5 Networks BigIP systems.
BurpSuite-collections
BurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦
CVE-2020-3452
CVE-2020-3452 exploit
HFS-Http-File-Server
This is the exploit code for HFS-HTTP File server. Versions 2.3.x were vulnerable to Remote code execution vulnerability. I
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
Redis-Server-Exploit
This will give you shell access on the target system if redis server is not configured properly and faced on the internet without any authentication
security
Stuff about it-security that might be good to know
Shell-Uploader
This is just a shell uploader which helps in uploading shell from your local machine.
iw00tr00t's Repositories
iw00tr00t/Struts2-Scan
Struts2全漏洞扫描利用工具
iw00tr00t/cve-2018-1273
Spring Data Commons RCE 远程命令执行漏洞
iw00tr00t/BurpSuite_Pro_v1.7.37
iw00tr00t/gitlab-SSRF-redis-RCE
GitLab 11.4.7 SSRF配合redis远程执行代码
iw00tr00t/facebook-bug-bounty-writeups
Facebook Bug Bounties
iw00tr00t/CVE-2018-2628
iw00tr00t/cve-2019-2618
Weblogic Upload Vuln(Need username password)-CVE-2019-2618
iw00tr00t/hardening
Repository of Hardening Guides
iw00tr00t/APT34
APT34/OILRIG leak
iw00tr00t/CVE-2019-0232
Apache Tomcat Remote Code Execution on Windows - CGI-BIN
iw00tr00t/CVE-2019-3396
Confluence 未授权 RCE (CVE-2019-3396) 漏洞
iw00tr00t/RE-iOS-Apps
A completely free, open source and online course about Reverse Engineering iOS Applications.
iw00tr00t/PoC
Proofs-of-concept
iw00tr00t/CVE-2019-3396_EXP
CVE-2019-3396 confluence SSTI RCE
iw00tr00t/CVE-2019-0841
PoC code for CVE-2019-0841 Privilege Escalation vulnerability
iw00tr00t/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
iw00tr00t/PHP-Audit-Labs
一个关于PHP的代码审计项目
iw00tr00t/poc-graphql
Research on GraphQL from an AppSec point of view.
iw00tr00t/CVE-2019-0604
CVE-2019-0604
iw00tr00t/Drupalgeddon2
Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
iw00tr00t/smart-contract-best-practices
A guide to smart contract security best practices
iw00tr00t/CVE-2019-0192
RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
iw00tr00t/CVE-2019-7238
🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻
iw00tr00t/WindowsDefender_ASR_Bypass-OffensiveCon2019
Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.
iw00tr00t/Jenkins-PreAuth-RCE-PoC
:smiling_imp: Jenkins RCE PoC. From unauthenticated user to remote code execution - it's a hacker's dream! (Chaining CVE-2019-1003000, CVE-2018-1999002, and more)
iw00tr00t/CVE-2019-5736-PoC
PoC for CVE-2019-5736
iw00tr00t/cve-2019-5736-poc-1
Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)
iw00tr00t/vba-obfuscator
2018 School project - PoC of malware code obfuscation in Word macros
iw00tr00t/hack2win-chrome
This is collaborative work of Ned Williamson and Niklas Baumstark
iw00tr00t/RAT-via-Telegram
Windows Remote Administration Tool via Telegram