Pinned Repositories
2019_Vul_warning_Poc_Collect
整理的2019年厂商发布的漏洞预警公开POC集合,不足之处还希望多多补充,完善
CVE-2019-1388
guest→system(UAC手动提权)
CVE-2020-1938-Tomact-file_include-file_read
Tomcat的文件包含及文件读取漏洞利用POC
DnslogCmdEcho
命令执行不回显但DNS协议出网的命令回显场景解决方案
ImgLoaderShellCode
SecretKiller
利用正则对不同的目标进行匹配,URL,js,遍历文件夹文件
ShiroScan
Shiro<=1.2.4反序列化,一键检测工具
weblogic-framework
weblogic-framework
X-AutoXray
AutoScan 有多个目标时,多线程调用xray+rad进行自动扫描
X-Fofa
Fofa的API快速调用,使用了一些小Tips,自用勿传
sv3nbeast's Repositories
sv3nbeast/2019_Vul_warning_Poc_Collect
整理的2019年厂商发布的漏洞预警公开POC集合,不足之处还希望多多补充,完善
sv3nbeast/CVE-2019-1388
guest→system(UAC手动提权)
sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read
Tomcat的文件包含及文件读取漏洞利用POC
sv3nbeast/ImgLoaderShellCode
sv3nbeast/Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
sv3nbeast/One_Monitor
为OneForAll增加一个新增域名监控插件(One_Monitor)
sv3nbeast/CVE-2020-5260
CVE-2020-5260演示记录
sv3nbeast/CVE-2020-5902_RCE
sv3nbeast/X-weight
借用爱站接口进行权重查询,优点:速度飞起,多线程无错漏,缺点:无
sv3nbeast/FindHouse
租房:帮助你在成百上千的房源中找到性价比最高的房屋,以便人工进行再次筛选,用最短的时间找到最适合你的房屋!
sv3nbeast/Middleware-Vulnerability-detection
CMS、中间件漏洞检测利用合集 Since 2019-9-15
sv3nbeast/Shiro-1.4.1-RCE
Shiro<=1.4.1 padding oracle attack导致RCE
sv3nbeast/Baidu_Rank
不追求速度下最好的批量百度权重查询工具,不存在漏查,结果不准确等毛病
sv3nbeast/discuz-x3.4-RCE
利用修改UCenter后台getshell
sv3nbeast/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce
sv3nbeast/fastjson-1.2.47-rce
fastjson-1.2.47-rce-复现
sv3nbeast/CVE-2020-0601
PoC for CVE-2020-0601
sv3nbeast/RedTeamer
红方人员作战执行手册
sv3nbeast/Arjun
HTTP parameter discovery suite.
sv3nbeast/CharlesScripts
My awesome scripts for Arch Linux or Ubuntu Gnome latest LTS or MacBook.
sv3nbeast/cpp-base64
base64 encoding and decoding with c++
sv3nbeast/cve-2020-0688
cve-2020-0688
sv3nbeast/CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
sv3nbeast/dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
sv3nbeast/fakelogonscreen
Fake Windows logon screen to steal passwords
sv3nbeast/fastjson-1.2.58-rce
fastjson-1.2.58-rce with h2 database
sv3nbeast/FRIDA-DEXDump
Fast search and dump dex on memory.
sv3nbeast/iOS-messaging-tools
sv3nbeast/SiteCopy
sitecopy is a tool that facilitates personal website backup and network data collection
sv3nbeast/spear-framework
Best vulnerability library platform