Pinned Repositories
antSword-UnrealWebshell
awesome-security-weixin-official-accounts
网络安全类公众号推荐,欢迎大家推荐
fromJavaSASTtoDocx
SAST
happy
第一个库
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
NUST_PostgraduateExam
jjjjj
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
this_is_my_study
this_my_ctf
Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
tcyba's Repositories
tcyba/awesome-security-weixin-official-accounts
网络安全类公众号推荐,欢迎大家推荐
tcyba/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
tcyba/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
tcyba/Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
tcyba/Awesome-CobaltStrike
cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
tcyba/Behinder
“冰蝎”动态二进制加密网站管理客户端
tcyba/bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
tcyba/d3ctf-shellgen
shellgen1 & 2 source
tcyba/dracula-theme
🧛🏻♂️ Dark theme for all the things!
tcyba/fastjson-c3p0
fastjson不出网利用、c3p0
tcyba/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
tcyba/Godzilla
哥斯拉
tcyba/hackerone-reports
Top disclosed reports from HackerOne
tcyba/javasec
自己学习java安全的一些总结,主要是安全审计相关
tcyba/JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
tcyba/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
tcyba/LadonGo
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
tcyba/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
tcyba/PeiQi-WIKI-POC
鹿不在侧,鲸不予游🐋
tcyba/Penetration_Testing_POC
有关渗透测试的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
tcyba/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
tcyba/Python-FastCGI-Client
A FastCGI Client for Python (directly communicate with fastcgi-server such as PHP-FPM etc.) NOTE: Do not support python 3.x.
tcyba/ssrf-vuls
国光的手把手带你用 SSRF 打穿内网靶场源码
tcyba/ta.github.io
tcyba/TZ
TZ
tcyba/VulWiki
VulWiki
tcyba/webshell
免杀webshell生成工具
tcyba/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
tcyba/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
tcyba/Z1-AggressorScripts
适用于Cobalt Strike的插件