Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
aaaAyyYy
简单的分离免杀demo
Active-Directory-Pentest-Notes
个人域渗透学习笔记
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Altman
the cross platform webshell tool in .NET
Exploit-Dictionary
MiscSecNotes
some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
PrintSpoofer
Abusing Impersonation Privileges on Windows 10 and Server 2019 本地提权2012-2019
Windows-Fuck
Windows 下的提权大合集,提权,我的最爱!
zaproxy
The OWASP ZAP core project
whojeff's Repositories
whojeff/Exploit-Dictionary
whojeff/C2-Profiles-12
whojeff/Cobalt_Strike_wiki
Cobalt Strike系列
whojeff/collection-document
Collection of quality safety articles
whojeff/CVE-2019-0708
whojeff/CVE-2019-9730
Synaptics Audio Driver LPE
whojeff/dog-tunnel
p2p tunnel,(udp mode work with kcp,https://github.com/skywind3000/kcp)
whojeff/ESD
Enumeration sub domains(枚举子域名)
whojeff/fuxploider
File upload vulnerability scanner and exploitation tool.
whojeff/Invoke-Obfuscation
PowerShell Obfuscator
whojeff/K8tools
K8工具(内网渗透/提权工具/远程溢出/漏洞利用/Exploit/APT/0day/Shellcode/Payload/priviledge/OverFlow/WebShell/PenTest)
whojeff/Micro8
whojeff/Mind-Map
超详细的渗透测试思维导图
whojeff/Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
whojeff/Pictures-Trojans
whojeff/pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
whojeff/Python-100-Days
Python - 100天从新手到大师
whojeff/saucerframe
python3批量poc检测工具
whojeff/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
whojeff/setting
学习炸七炸八
whojeff/SubDomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
whojeff/sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
whojeff/tomcat-
批量爆破tomcat
whojeff/WeblogicR
Weblogic漏洞一键poc检测~
whojeff/webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
whojeff/wesng
Windows Exploit Suggester - Next Generation
whojeff/WhoIsWeblogic
提供Weblogic批量模糊识别检测,定格百万数量级。
whojeff/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
whojeff/Xss_Test
记录个人XSS学习
whojeff/yujianportscan
一个基于VB.NET + IOCP模型开发的高效端口扫描工具,支持IP区间合并,端口区间合并,端口指纹深度探测