Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
aaaAyyYy
简单的分离免杀demo
Active-Directory-Pentest-Notes
个人域渗透学习笔记
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Altman
the cross platform webshell tool in .NET
Exploit-Dictionary
MiscSecNotes
some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
PrintSpoofer
Abusing Impersonation Privileges on Windows 10 and Server 2019 本地提权2012-2019
Windows-Fuck
Windows 下的提权大合集,提权,我的最爱!
zaproxy
The OWASP ZAP core project
whojeff's Repositories
whojeff/Active-Directory-Pentest-Notes
个人域渗透学习笔记
whojeff/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
whojeff/as_webshell_venom
利用随机异或无限免杀D盾蚁剑版
whojeff/AVIator
Antivirus evasion project
whojeff/awvs_190703137
Docker Awvs
whojeff/Bypass_Disable_functions_Shell
一个各种方式突破Disable_functions达到命令执行的shell
whojeff/Chinese-Names-Corpus
中文人名语料库。中文姓名,姓氏,名字,称呼,日本人名,翻译人名,英文人名。成语词典。
whojeff/Cobaltstrike-MS17-010
cobaltstrike ms17-010 module and some other
whojeff/CVE-2019-0708-PoC-Hitting-Path
It's only hitting vulnerable path in termdd.sys!!! NOT DOS
whojeff/CVE-2019-2725
CVE-2019-2725命令回显+webshell上传
whojeff/CVEs
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
whojeff/Empire
Empire is a PowerShell and Python post-exploitation agent.
whojeff/fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
whojeff/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
whojeff/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
whojeff/kernel-exploits
Various kernel exploits
whojeff/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
whojeff/mytips
whojeff/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
whojeff/pan-light
百度网盘不限速客户端, golang + qt5, 跨平台图形界面
whojeff/proxychains-ng
proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
whojeff/redis-rce
Redis 4.x/5.x RCE
whojeff/redis-rogue-server
Redis 4.x/5.x RCE
whojeff/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
rce exploit , made to work with pocsuite3
whojeff/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
whojeff/UltimateAppLockerByPassList
The goal of this repository is to document the most common techniques to bypass AppLocker.
whojeff/Venom-1
Venom - A Multi-hop Proxy for Penetration Testers
whojeff/WeblogicScan
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持
whojeff/WeblogicWeakPwd
Weblogic弱口令批量检测工具
whojeff/webshell-venom
免杀webshell无限生成工具