passwa11's Stars
alufers/mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
opendatalab/PDF-Extract-Kit
A Comprehensive Toolkit for High-Quality PDF Content Extraction
Ackites/KillWxapkg
自动化反编译微信小程序,小程序安全评估工具,发现小程序安全问题,自动解密,解包,可还原工程目录,支持Hook,小程序修改
threedr3am/ZhouYu
(周瑜)Java - SpringBoot 持久化 WebShell 学习demo(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)
outlaws-bai/Galaxy
Burp插件,支持用js/python/java实现hook脚本或任意语言实现grpc/http hook服务来自动解密报文,让你像测试明文一样简单。A Burp plugin that supports implementing hook scripts using js/python/java or implementing grpc/http services in any language to automatically decrypt messages, making it as simple as testing plaintext.
Dliv3/redis-rogue-server
Redis 4.x/5.x RCE
vicanso/pingap
A reverse proxy like nginx, built on pingora, simple and efficient.
onewinner/VulToolsKit
红队武器库漏洞利用工具合集整理
HackerCalico/Magic_C2
红队 C2 框架,使用 No X Loader 技术。Red Team C2 Framework, using No X Loader technology.
rzte/pdf-exploit
pdf exploit 集成
Conan924/NacosExploit
NacosExploit 命令执行 内存马等利用
testnet0/testnet
K3rnel-Dev/pdf-exploit
POC Pdf-exploit builder on C#
LOURC0D3/CVE-2024-4367-PoC
CVE-2024-4367 & CVE-2024-34342 Proof of Concept
FFR66/Nacos_Rce
网传nacos_rce漏洞poc
Fheidt12/Windows_Log
基于Go编写的windows日志分析工具
ifconfig-me/Directory-Traversal-Payloads
List of Directory Traversal/LFI Payloads Scraped from the Internet
two06/CerealKiller
.NET deserialization hunter
MInggongK/Penetration-mining-src
一款集成了H3C,致远,泛微,万户,帆软,海康威视,金蝶云星空,畅捷通,Struts等多个RCE漏洞利用工具
ReverseApple/GhidraApple
Better Apple binary analysis for Ghidra
youncyb/AS_ASPX_AES_ENCODE
蚁剑AES加密通信ASPX Webshell
passer-W/Supershell-Counter
Supershell反制
bmth666/Yongyou-Unserialize-plus
用友的一些反序列化链子以及1day,二开了狼组的YongYouNcTool,改了一下逻辑以及poc
lightr3d/CVE-2024-21006_jar
CVE-2024-21006 exp
berryalen02/PEIconHasher
原地修改PE文件ICON hash的小工具,用作免杀
bit4woo/Wsdler
WSDL Parser extension for Burp
KingPKingP/webshell
webshell
bigblackhat/JavaUnserial
Java反序列化利用链
youxox/LandrayOA-rce
蓝凌OA treexml.tmpl 远程RCE漏洞检测
kN6jq/decryptScript
mitmproxy 常见算法汇总