Pinned Repositories
Gofreeproxy
自用的动态代理小工具
subsocks
A Socks5 proxy that encapsulates Socks5 in other security protocols
Bundler-bypass
免杀捆绑器,过国内主流杀软。A Bundler bypass anti-virus
cf-backup
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
ClashX
CVE-2024-26026
CVE-2024-26026: BIG-IP Next Central Manager API UNAUTHENTICATED SQL INJECTION
FakeToa
TCP IP伪造,建议使用 ubuntu 22.04
MemShell-1
Tomcat的Filter型免杀内存马,主要思路是Bypass各种检查手段
QVD-2023-6271
Alibab Nacos <= 2.2.0 Unauthorized Login POC EXP
httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
passwa11's Repositories
passwa11/Cloudflare-Workers-Proxy
简单而功能强大的反代服务,允许你将一个网址映射到另一个网址,并处理跨域请求
passwa11/cve-2024-6387-poc
passwa11/killav
kill 360 Defender
passwa11/Awesome-POC
一个漏洞POC知识库 目前数量 1000+
passwa11/BypassAV
一款基于PE Patch技术的后渗透免杀工具,支持32位和64位
passwa11/CodeAudit
记录一些代码审计过的源码
passwa11/CVE-2024-38077-POC
passwa11/CVE-2024-40725-CVE-2024-40898
CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks.
passwa11/DecryptTools
DecryptTools-综合解密
passwa11/Docker-TCP-Scan
旨在以攻促防,针对Docker TCP socket的开源利用工具
passwa11/EDR-XDR-AV-Killer
Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
passwa11/frp
基于frp-0.58.1魔改二开,随机化socks5账户密码及端口、钉钉上线下线通知、配置文件oss加密读取、域前置防止溯源、源码替换/编译混淆等
passwa11/geoserver-llll
geoserver后台漏洞检测一键化工具
passwa11/IoT-vulnerable
IoT-vulnerable
passwa11/iotpocs
iot vuln
passwa11/JDD
passwa11/JDD-PocLearning
passwa11/JoJoLoader
助力红队成员一键生成免杀木马,使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan
passwa11/JsonExp
fastjson漏洞批量检测工具
passwa11/marshalsec
passwa11/MemShellGene
一款Java内存马生成、测试工具,搭配@ax1sX的MemShell食用。
passwa11/MS-SharePoint-July-Patch-RCE-PoC
passwa11/nacos-poc
passwa11/nuclei_poc
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC,已校验有效性并去重)
passwa11/pdf-exploit-new
pdf exploit 集成
passwa11/POC
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1000多个poc/exp,长期更新。
passwa11/Rat-winos4.0-gh0st
免杀远控木马源码整理开源(银狐 winos 大灰狼 gh0st) Rat
passwa11/SecurityList
A list for Web Security and Code Audit
passwa11/springboot_scan
SpringBoot 漏洞扫描利用工具,默认优先使用收集路径进行扫描(springboot_urls.txt) 当扫描不存在接口时,使用api前缀拼接扫描,可以自行添加
passwa11/watchTowr-vs-progress-moveit_CVE-2024-5806
Exploit for the CVE-2024-5806