unam4's Stars
wy876/POC
收集整理漏洞EXP/POC,大部分漏洞来源网络,目前收集整理了1100多个poc/exp,长期更新。
TheWover/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
projectdiscovery/proxify
A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.
0vercl0k/rp
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
qi4L/JYso
It can be either a JNDIExploit or a ysoserial.
uknowsec/SharpDecryptPwd
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecryptPwd
cseroad/Exp-Tools
一款集成高危漏洞exp的实用性工具
qtc-de/remote-method-guesser
Java RMI Vulnerability Scanner
strivexjun/AheadLib-x86-x64
hijack dll Source Code Generator. support x86/x64
Bl0omZ/JNDIEXP
JNDI在java高版本的利用工具,FUZZ利用链
m-sec-org/d-eyes
D-Eyes为M-SEC社区一款检测与响应工具
qiwentaidi/Slack
安服集成化工具平台,帮助测试人员减少测试脚本多,使用繁琐问题
mrknow001/API-Explorer
API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书、钉钉等)
RoomaSec/RmTools
蓝队应急工具
HackerCalico/No_X_Memory_ShellCode_Loader
无可执行权限加载 ShellCode。Loading ShellCode without executable permission.
KimJun1010/inspector
IDEA代码审计辅助插件(深信服深蓝实验室天威战队强力驱动)
MisakiKata/python_code_audit
python 代码审计项目
yzddmr6/Java-Js-Engine-Payloads
Java Js Engine Payloads All in one
RowTeam/SharpSQLTools
R4gd0ll/LazyAnFuZai
安服吗喽化工具
LxxxSec/CTF-Java-Gadget
CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
luelueking/Deserial_Sink_With_JDBC
Some ReadObject Sink With JDBC
INotGreen/SharpScan
内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破(SSH、SMB、MsSQL等)、Socks代理,一键自动化+无文件落地扫描
K-7H7l/Jeecg_Tools
本工具为jeecg框架漏洞利用工具非jeecg-boot!
fdu-sec/JDD
phith0n/tls_proxy
A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.
Haunted-Banshee/Shellcode-Hastur
Shellcode Reductio Entropy Tools
Ar3h/utf8-overlong-agent
使用 agent 实现反序列化 utf8 overlong
yaklang/syntaxflow
Lessons for syntaxflow zero to hero
Shelter1234/VulneraLab
该项目收集了很多厂商产品CMS的漏洞环境,以web为主。漏洞环境主要以Dockerfile的文件形式呈现,用户只需一键启动相应漏斗环境,使用项目文章中提供的poc,便可进行复现。