Pinned Repositories
AntSwordEncoder
AntSword Encoder byPassWaf
BugsKu
Collect common vulnerabilities
bypassAv
coremail-poc
coremail 配置信息泄漏
Java-Security
Java安全学习,并记录。
phuip-fpizdam
Exploit for CVE-2019-11043
pocs-collection
各种poc收集编写,主要改编为POC-T框架的poc,便于以后进行大型测试
routerAsset
A script is designed to discover routers in the network
sectools
个人安全工具开发学习,漏洞检测工具,语言不限,主要为图形化工具
weaponKu
Some scripts written to solve problems at work .
lowliness9's Repositories
lowliness9/bypassAv
lowliness9/Java-Security
Java安全学习,并记录。
lowliness9/weaponKu
Some scripts written to solve problems at work .
lowliness9/aliyun-accesskey-Tools
阿里云accesskey利用工具
lowliness9/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
lowliness9/CrossC2
generate CobaltStrike's cross-platform payload
lowliness9/FourEye
AV Evasion Tool For Red Team Ops
lowliness9/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
lowliness9/fscan
一款内网扫描工具,方便一键大保健~
lowliness9/HackReport
渗透测试报告/资料文档/渗透经验文档/安全书籍
lowliness9/harbor
An open source trusted cloud native registry project that stores, signs, and scans content.
lowliness9/hydrapy
hydrapy
lowliness9/impacket
Impacket is a collection of Python classes for working with network protocols.
lowliness9/InScan
边界打点后的自动化渗透工具
lowliness9/jarm
lowliness9/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
lowliness9/LadonGo
Ladon Network Scanner For Golang (Full platform penetration scanner framework)LadonGo一款开源内网渗透扫描器框架,使用它可轻松一键探测C段、B段、A段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。3.2版本包含24个模块功能,高危漏洞检测MS17010、SmbGhost,远程执行SshCmd、WinrmCmd,密码爆破SmbScan、SshScan、FtpScan、MysqlScan、MssqlScan、OracleScan、SqlplusScan、WinrmScan、HttpBasicScan,存活探测/信息收集/指纹识别PingScan、IcmpScan,HttpBanner、HttpTitle、TcpBanner、WeblogicScan、OxidScan,端口扫描PortScan。
lowliness9/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
lowliness9/Memcrashed-DDoS-Exploit
DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
lowliness9/passive-scan-client
Burp被动扫描流量转发插件
lowliness9/rad
lowliness9/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
lowliness9/Safety-Project-Collection
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
lowliness9/scylla
Intelligent proxy pool for Humans™ (Maintainer needed)
lowliness9/shiro_attack
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
lowliness9/suricata-rules
Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
lowliness9/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
lowliness9/yarGen
yarGen is a generator for YARA rules
lowliness9/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
lowliness9/Z1-AggressorScripts
适用于Cobalt Strike的插件