Pinned Repositories
Aazhen-v3.1
自研JavaFX图形化漏洞扫描工具,支持ThinkPHP 2.x RCE,Thinkphp5 5.0.22/5.1.29RCE,ThinkPHP5 5.0.23RCE和ThinkPHP5 SQL注入漏洞和敏感信息泄露漏洞的漏洞检测,以及命令执行的功能。漏洞POC基本适用ThinkPHP全版本漏洞。
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
addMemShellsJSP
通过jsp注入valve内存马,可以忽略框架影响,通用tomcat789
afrog
一个挖洞工具 - A tool for finding vulnerabilities
AlphaGolang
IDApython Scripts for Analyzing Golang Binaries
ant_php_extension
PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions
Artillery
JAVA 插件化漏洞扫描器,Gui基于javafx。POC 目前集成 Weblogic、Tomcat、Shiro、Spring等。
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
fastjson_rce_tool
fastjson命令执行自动化利用工具, remote code execute,JNDI服务利用工具 RMI/LDAP,LDAP反序列方式部分回显
Vuln-List
(持续更新)对网上出现的各种OA、中间件、CMS等漏洞进行整理,主要包括漏洞介绍、漏洞影响版本以及漏洞POC/EXP等,并且会持续更新。
secjia's Repositories
secjia/cve_monitor
Automatic monitor github cve using Github Actions
secjia/Aazhen-v3.1
自研JavaFX图形化漏洞扫描工具,支持ThinkPHP 2.x RCE,Thinkphp5 5.0.22/5.1.29RCE,ThinkPHP5 5.0.23RCE和ThinkPHP5 SQL注入漏洞和敏感信息泄露漏洞的漏洞检测,以及命令执行的功能。漏洞POC基本适用ThinkPHP全版本漏洞。
secjia/afrog
一个挖洞工具 - A tool for finding vulnerabilities
secjia/Artillery
JAVA 插件化漏洞扫描器,Gui基于javafx。POC 目前集成 Weblogic、Tomcat、Shiro、Spring等。
secjia/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
secjia/BlackHat-Scrapy
BlackHat scrapy for download all the pdf file
secjia/boopkit
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
secjia/burp-awesome-tls
Fix Burp Suite's horrible TLS stack & spoof any browser fingerprint
secjia/clipboardhistory
secjia/CVE-2022-26134
secjia/CVE-2022-26134-Godzilla-MEMSHELL
secjia/decode5sObfuscator
CloudFlare 5秒盾第一层混淆代码一键还原
secjia/Doraemon
一款快速插入Webshell,Payload,复现漏洞的BurpSuite 插件
secjia/FUD-UUID-Shellcode
secjia/hwsaudit
使用Go语言开发的Linux权限审计工具
secjia/iMonitor
iMonitor(冰镜 - 终端行为分析系统)
secjia/lfimap
Local file inclusion discovery and exploitation tool
secjia/LiteSpeedTest
A simple tool for batch test ss/ssr/v2ray/trojan servers.
secjia/log4j-over-slf4f
versão da lib para compatibilidade com Filenet P8
secjia/MySQLByPassForSafeDog
MySQL注入绕安全狗Tamper / Code By:Tas9er
secjia/PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.
secjia/proxify
Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
secjia/SQL-injection-bypass
记录实战中的各种sql注入绕过姿势
secjia/struts2
Mirror of Apache Struts 2
secjia/Txray
xray 跨平台终端客户端 支持Windows linux Mac
secjia/web-sec
WEB安全手册,漏洞理解,漏洞利用,代码审计和渗透测试总结。【持续更新】
secjia/XLL_Phishing
XLL Phishing Tradecraft
secjia/Xray1.9.1
Xray1.9.1
secjia/xray_crack
xray 1.8.5 full crack
secjia/YongyouNC-Unserialize-Tools
用友NC反序列化漏洞payload生成