Pinned Repositories
bbht
A script to set up a quick Ubuntu 18.04 LTS x64 box with tools I use..
BurpLog4j2Scan
Burpsuite被动扫描插件
CVE-2019-11510
Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
CVE-2019-19781
Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]
CVE-2021-44228-Apache-Log4j-Rce
Apache Log4j 远程代码执行
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
CVE-2023-2640-CVE-2023-32629
GameOver(lay) Ubuntu Privilege Escalation
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
uid-root's Repositories
uid-root/BurpLog4j2Scan
Burpsuite被动扫描插件
uid-root/chisel
A fast TCP/UDP tunnel over HTTP
uid-root/CVE-2021-44228-Apache-Log4j-Rce
Apache Log4j 远程代码执行
uid-root/CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
uid-root/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
uid-root/nse-log4shell
Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)
uid-root/rogue-jndi
A malicious LDAP server for JNDI injection attacks
uid-root/CVE-2023-2640-CVE-2023-32629
GameOver(lay) Ubuntu Privilege Escalation
uid-root/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
uid-root/adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
uid-root/brutespray
Brute-Forcing from Nmap output - Automatically attempts default creds on found services.
uid-root/Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
uid-root/changeme
A default credential scanner.
uid-root/code_snippets
uid-root/dirhunt
Find web directories without bruteforce
uid-root/dnsFookup
DNS rebinding toolkit
uid-root/dref
DNS Rebinding Exploitation Framework
uid-root/impacket
NTDS - impacket-secretsdump - Impacket is a collection of Python classes for working with network protocols.
uid-root/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
uid-root/nmap-vulners
NSE script based on Vulners.com API
uid-root/Open-Redirect-Payloads
Open Redirect Payloads
uid-root/ParamSpider
Mining parameters from dark corners of Web Archives
uid-root/ReconNote
Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
uid-root/SimpleFTPServer
Python SimpleFTPServer
uid-root/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
uid-root/subdomain-bruteforce-list
subdomain bruteforce list
uid-root/TLS-poison
uid-root/vulscan
Advanced vulnerability scanning with Nmap NSE
uid-root/weblogicScanner
weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551
uid-root/wstg
The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.