kkin77

: )

Home

Pinned Repositories

AB
0 0 00
ActuatorExploit
SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
Language:Python0 0 00
Ainz
Ainz旨在为解决目标资产收集问题的一款目标资产全收集工具
00
aksk_tool
AK资源管理工具，阿里云/腾讯云 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM操作，OSS/COS管理，RDS管理，域名管理，添加RAM账号等
0 0 00
AlliN
A flexible scanner
Language:Python1 0 00
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。
Language:Python0 0 00
artifact64
THIS REPO IS PART OF WHAT ORCA TOLD ME TO UPLOAD
Language:C0 0 00
Awesome-POC
一个各类漏洞POC知识库
0 0 00
exploits
Language:JavaScript1 0 00
tomcat-jmxproxy-rce-exp
Apache Tomcat JMXProxy RCE
Language:Go2 0 039

kkin77's Repositories

kkin77/exploits
Language:JavaScript1 0 00
kkin77/ActuatorExploit
SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
Language:Python0 0 00
kkin77/ClassHound
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
kkin77/collection-document
Collection of quality safety articles. Awesome articles.
0 0
kkin77/CS-Loader
CS免杀
kkin77/DeimosC2
DeimosC2 is a Golang command and control framework for post-exploitation.
kkin77/DuckMemoryScan
检测绝大部分所谓的内存免杀马
kkin77/Fuzz_dic
参数 | 字典 collections
kkin77/GetMail
利用NTLM Hash读取Exchange邮件
kkin77/Godzilla-Plugin-Store
kkin77/GreatSCT
The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
kkin77/hack-requests
The hack-requests is an http network library for hackers
kkin77/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
kkin77/javasec
自己学习java安全的一些总结，主要是安全审计相关
kkin77/JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
kkin77/jslink_XRAY
从js文件中提取url等并与Xray联动
kkin77/lightsocks
⚡️一个轻巧的网络混淆代理🌏
kkin77/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
kkin77/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
kkin77/MaliciousMacroMSBuild
Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
kkin77/myScripts
一个垃圾桶
kkin77/openfire_shells
后台插件getshell
kkin77/PeiQi-WIKI-POC
鹿不在侧，鲸不予游🐋
kkin77/pspy
Monitor linux processes without root permissions
kkin77/RedTeamTools
记录自己编写、修改的部分工具
kkin77/reGeorg
The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
kkin77/spring-boot-upload-file-lead-to-rce-tricks
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
kkin77/SpringBootVulExploit
SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list
kkin77/Taie-AutoPhishing
剑指钓鱼基建快速部署自动化
kkin77/TongDa-OA
通达OA一些漏洞点