Pinned Repositories
0day-1
EXPs and PoCs for vulnerabilities in various CMSs, platforms, systems and software; this project will be continuously updated
Archive.org-Downloader
Python3 script to download archive.org books in PDF format
AutoRepeater
Burp plugin that automates discovery of SSRF, redirect and SQLi vulnerabilities, with custom parameter matching
CVE-2022-30190-Follina-PowerPoint-Version
CVE-2022-30190 powerpoint version
gssapi-abuse
A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks
OWASSRF-CVE-2022-41082-POC
PoC for the CVE-2022-41080, CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers
spawn
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.
nanaao's Repositories
nanaao/Antivirus-Scan
What AV? A lightweight project for identifying antivirus software online, continuously updated
nanaao/ASwordx64
Dimensional sword in hand / riding dreams across the stars
nanaao/bbot
A recursive internet scanner for hackers.
nanaao/CVE-2024-23692
POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692
nanaao/CVE-2024-7928
Will attempt to retrieve DB details for FastAdmin instances
nanaao/dddd
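dddd is an easy-to-use tool for batch information gathering and supply-chain vulnerability detection, designed to streamline red-team workflows and cut down on tedious mechanical work. Supports pulling targets in bulk from Hunter and Fofa.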
nanaao/eBSploit
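eBSploit is for internal-network penetration tests where the MS17-010 vulnerability is encountered, quickly bringing sessions online to an internet-facing msf or cs; it also supports custom DLL command execution, session migration and other operations.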
nanaao/ecapture
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
nanaao/Exchange-Info
Exchange information-gathering tool
nanaao/File-Tunnel
Tunnel TCP connections through a file
nanaao/FindToDeskPass
Reads the ToDesk device code and connection password by dumping memory
nanaao/gigaproxy
One proxy to rule them all
nanaao/IHxExec
Process injection alternative
nanaao/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
nanaao/Kdrill
Python tool to check rootkits in Windows kernel
nanaao/KillWxapkg
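Automated decompilation of WeChat mini programs; a mini-program security tool with automatic decryption and unpacking that restores the project directory as fully as possible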
nanaao/KubernetesCS
Kubernetes has its “ADCS” -- How To Backdoor a Kubernetes in silence and more persistent?
nanaao/maltrail
Malicious traffic detection system
nanaao/NacosExploit
Nacos all-in-one exploitation tool
nanaao/NetAlertX
🖧🔍 WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
nanaao/PANIX
Customizable Linux Persistence Tool for Security Research and Detection Engineering.
nanaao/ProxyCat
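A proxy-pool middleware deployable in the cloud or locally that flexibly turns static proxy IPs into tunnel IPs and provides a fixed request address; deploy once, use forever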
nanaao/RCE-labs
RCE tricks!?All in!!!!!
nanaao/Red-Team-Exercises
nanaao/spray
Next Generation HTTP Dir/File Fuzz Tool
nanaao/tun2proxy
Tunnel (TUN) interface for SOCKS and HTTP proxies
nanaao/WiKi-Hub-2023.github.io
PHP code audit cases - 1000PHP
nanaao/Windows_Memory_Search
Go-based tool for searching strings in Windows processes
nanaao/WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
nanaao/XMachOViewer
XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS