unam4

unam4's Stars

• wy876/POC

  收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1100多个poc/exp，长期更新。

  3.6k15411764

• TheWover/donut

  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

  Language:C3.5k78104628

• projectdiscovery/proxify

  A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.

  Language:Go2.7k53101226

• 0vercl0k/rp

  rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

  Language:C++1.8k6927250

• qi4L/JYso

  It can be either a JNDIExploit or a ysoserial.

  Language:Java1.5k6751179

• uknowsec/SharpDecryptPwd

  对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。源码：https://github.com/RowTeam/SharpDecryptPwd

  1.2k194173

• cseroad/Exp-Tools

  一款集成高危漏洞exp的实用性工具

  995152968

• qtc-de/remote-method-guesser

  Java RMI Vulnerability Scanner

  Language:Java819621102

• strivexjun/AheadLib-x86-x64

  hijack dll Source Code Generator. support x86/x64

  Language:C++7222413217

• Bl0omZ/JNDIEXP

  JNDI在java高版本的利用工具,FUZZ利用链

  Language:Java5133365

• m-sec-org/d-eyes

  D-Eyes为M-SEC社区一款检测与响应工具

  Language:YARA5127668

• qiwentaidi/Slack

  安服集成化工具平台，帮助测试人员减少测试脚本多，使用繁琐问题

  Language:Go49672857

• mrknow001/API-Explorer

  API接口管理工具(目前内置微信公众号、微信小程序、企业微信、飞书、钉钉等)

  Language:Python47261234

• RoomaSec/RmTools

  蓝队应急工具

  Language:YARA42313443

• HackerCalico/No_X_Memory_ShellCode_Loader

  无可执行权限加载 ShellCode。Loading ShellCode without executable permission.

  Language:C++3204555

• KimJun1010/inspector

  IDEA代码审计辅助插件（深信服深蓝实验室天威战队强力驱动）

  Language:Java3161628

• MisakiKata/python_code_audit

  python 代码审计项目

  Language:Python2785066

• yzddmr6/Java-Js-Engine-Payloads

  Java Js Engine Payloads All in one

  2584023

• RowTeam/SharpSQLTools

  Language:C#1885227

• R4gd0ll/LazyAnFuZai

  安服吗喽化工具

  Language:Java1842530

• LxxxSec/CTF-Java-Gadget

  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段

  Language:Java183409

• luelueking/Deserial_Sink_With_JDBC

  Some ReadObject Sink With JDBC

  Language:Java1781015

• INotGreen/SharpScan

  内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破（SSH、SMB、MsSQL等）、Socks代理，一键自动化+无文件落地扫描

  Language:C#1773215

• K-7H7l/Jeecg_Tools

  本工具为jeecg框架漏洞利用工具非jeecg-boot！

  Language:Java1182110

• fdu-sec/JDD

  Language:Java742412

• phith0n/tls_proxy

  A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.

  Language:Go648

• Haunted-Banshee/Shellcode-Hastur

  Shellcode Reductio Entropy Tools

  612010

• Ar3h/utf8-overlong-agent

  使用 agent 实现反序列化 utf8 overlong

  Language:Java42106

• yaklang/syntaxflow

  Lessons for syntaxflow zero to hero

  Language:JavaScript39442

• Shelter1234/VulneraLab

  该项目收集了很多厂商产品CMS的漏洞环境，以web为主。漏洞环境主要以Dockerfile的文件形式呈现，用户只需一键启动相应漏斗环境，使用项目文章中提供的poc，便可进行复现。

  Language:PLpgSQL27305