Pinned Repositories
An0n-3xPloiTeR-Shell
An0n 3xPloiTeR Shell
apache-rootkit
A malicious Apache module with rootkit functionality
Bypass_Disable_functions_Shell
一个各种方式突破Disable_functions达到命令执行的shell
cas4.x-execution-rce
exp for 4.1.x-4.1.6, 4.1.7-4.2.x, padding oracle attack
checkSql
PySharpSphere
Yet another SharpSphere
thorns
thorns_project 分布式异步队列系统
VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
lanzous's Repositories
lanzous/cas4.x-execution-rce
exp for 4.1.x-4.1.6, 4.1.7-4.2.x, padding oracle attack
lanzous/PySharpSphere
Yet another SharpSphere
lanzous/Bypass_JVM_Verifier
Bypass JVM Class ByteCode Verifier , 对抗反编译器
lanzous/CTF-Java-Gadget
CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
lanzous/CVEs
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
lanzous/Deserial_Sink_With_JDBC
Some ReadObject Sink With JDBC
lanzous/edit-gencon
geacon:简单适配了一个profile配置文件,可直接拿来修改使用,用于cs上线linux.
lanzous/HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
lanzous/Heroinn
A cross platform C2/post-exploitation framework.
lanzous/http2tcp
TCP over HTTP.
lanzous/icmp-backdoor
Backdoor that listens for specially crafted ICMP packets and spawns reverse shells.
lanzous/j2osWin
lanzous/JadedWraith
Light-weight UNIX backdoor
lanzous/JNDIExploit
A malicious LDAP server for JNDI injection attacks
lanzous/JSource-Obfuscator
Java Source Code Obfuscator(java源代码混淆器)
lanzous/libprocesshider
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
lanzous/manjusaka
牛屎花 一款C2远控
lanzous/MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
lanzous/port_reuse
golang 实现的windows and linux 端口复用工具。
lanzous/public-src
非涉密源码
lanzous/pwnginx
Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
lanzous/SCFProxy
A little proxy tool based on Tencent Cloud Function Service.
lanzous/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
lanzous/Sharp-WMIExec
lanzous/SharpAllTheThings
The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
lanzous/shiro-exploit
Shiro反序列化利用工具,支持新版本(AES-GCM)Shiro的key爆破,配合ysoserial,生成回显Payload
lanzous/Snell
snell
lanzous/Spark
✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的,网页UI、跨平台以及多功能的远程控制和监控工具,你可以随时随地监控和控制所有设备。
lanzous/suterusu
An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
lanzous/utils
Helper Libraries