Pinned Repositories
BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
BurpCrypto-JsLibrary
BurpCrypto officially confirms the supported JS library (BurpCrypto官方确认支持的JS库).
CVE-2021-22205
CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖,可在win平台使用
cve-2022-22947-godzilla-memshell
CVE-2022-22947 注入Godzilla内存马
ExploitDBHelper
ExploitDB toolkit ExploitDB辅助工具
JDumpSpider
HeapDump敏感信息提取工具
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
pty_bind_shell
Pty bind shell for golang 一款基于SSH协议的远控程序
SpringSpider
Spring Actuator端点的BurpSuite被动扫描插件。
SwaggerHelper
用于启动本地保存的api-docs.json文档。
whwlsfb's Repositories
whwlsfb/BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
whwlsfb/JDumpSpider
HeapDump敏感信息提取工具
whwlsfb/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
whwlsfb/cve-2022-22947-godzilla-memshell
CVE-2022-22947 注入Godzilla内存马
whwlsfb/SpringSpider
Spring Actuator端点的BurpSuite被动扫描插件。
whwlsfb/pty_bind_shell
Pty bind shell for golang 一款基于SSH协议的远控程序
whwlsfb/SwaggerHelper
用于启动本地保存的api-docs.json文档。
whwlsfb/CryptoWatcher
一个简单的虚拟货币盯盘程序,行情数据来源于火币交易所。
whwlsfb/agentcrack
不那么一样的 Java Agent 内存马
whwlsfb/CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
whwlsfb/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
whwlsfb/goby_poc
goby poc or exp,分享goby最新网络安全漏洞检测或利用代码
whwlsfb/HLSpider
基于Scrapy的页面敏感词检测工具
whwlsfb/jar-analyzer
Jar Analyzer - 一个JAR包分析工具,批量分析搜索,方法调用关系搜索,字符串搜索,Spring分析,CFG分析,JVM Stack Frame分析等众多功能
whwlsfb/log4j-payload-generator
Log4j jndi injects the Payload generator
whwlsfb/onedev
Super Easy All-In-One DevOps Platform
whwlsfb/revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
whwlsfb/viewgen
Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
whwlsfb/clash
A rule-based tunnel in Go.
whwlsfb/InstallerFileTakeOver
whwlsfb/linux
Linux kernel source tree
whwlsfb/MS-SharePoint-July-Patch-RCE-PoC
whwlsfb/nas-tools
A fork of NAStool/nas-tools:2.9.1
whwlsfb/no-defender
A slightly more fun way to disable windows defender + firewall. (through the WSC api)
whwlsfb/stable-diffusion-webui
Stable Diffusion web UI
whwlsfb/sunlogin_rce_
某日葵远程rce
whwlsfb/TcpServerChannelRce
一款基于James Forshaw的.NET Remoting反序列化工具升级版在TypeFilterLevel.Low模式无文件payload任意代码执行poc的开发心得
whwlsfb/vmprotect-3.5.1
whwlsfb/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
whwlsfb/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档