wooyun-Evil

Wooyun _Evil

Pinned Repositories

authz0
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Language:Go1 0 00
BrowserGhost
这是一个抓取浏览器密码的工具，后续会添加更多功能
Language:C#10
BurpCrypto
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Language:Java10
Bypass
免杀shellcode
11
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️🔥
Language:Jupyter Notebook10
DNSLog-Platform-Golang
DNSLOG平台 golang 一键启动版
Language:Go10
GetMail
利用NTLM Hash读取Exchange邮件
Language:Python1 0 00
godnslog
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Language:Go10
imaotai
i茅台app 每日自动预约抢茅台
Language:Objective-C1 0 00
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
Language:Java2 0 00

wooyun-Evil's Repositories

wooyun-Evil/Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
Language:Java2 0 00
wooyun-Evil/authz0
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Language:Go1 0 00
wooyun-Evil/Bypass
免杀shellcode
11
wooyun-Evil/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️🔥
Language:Jupyter Notebook10
wooyun-Evil/DNSLog-Platform-Golang
DNSLOG平台 golang 一键启动版
Language:Go10
wooyun-Evil/GetMail
利用NTLM Hash读取Exchange邮件
Language:Python1 0 00
wooyun-Evil/godnslog
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Language:Go10
wooyun-Evil/imaotai
i茅台app 每日自动预约抢茅台
Language:Objective-C1 0 00
wooyun-Evil/JavaSecInterview
打造最强的Java安全研究与安全开发面试题库，帮助师傅们找到满意的工作
1
wooyun-Evil/JNDIExploit
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
1
wooyun-Evil/ksubdomain
Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
11
wooyun-Evil/Medusa
:cat2:Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中
1
wooyun-Evil/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
1
wooyun-Evil/pentest-note
渗透测试☞经验/思路/想法/总结/笔记
1
wooyun-Evil/php-admin
后台管理系统php代码，配合html-admin代码使用
Language:PHP1 0 0
wooyun-Evil/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Language:Python1 0 0
wooyun-Evil/shiro_attack
shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）
1
wooyun-Evil/w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
1
wooyun-Evil/Web-Security-Learning
Web-Security-Learning
Language:HTML1 0 0
wooyun-Evil/yakit
Cyber Security ALL-IN-ONE Platform
Language:TypeScript1 0 0
wooyun-Evil/ysoserial.net
Deserialization payload generator for a variety of .NET formatters
Language:C#1 0 0
wooyun-Evil/awesome-foundry
A curated list of awesome of the Foundry development framework.
wooyun-Evil/better_automation
tweepy-self, Google, googleapis, smshub
wooyun-Evil/CSAgent
CobaltStrike 4.x通用白嫖及汉化加载器
wooyun-Evil/dailytask
每日签到任务
wooyun-Evil/forge-poc-templates
wooyun-Evil/I-S00N
wooyun-Evil/SunnyNet
Sunny网络中间件
wooyun-Evil/SunnyNetTools
SunnyNet网络中间件抓包工具
wooyun-Evil/WTF-Solidity
我最近在重新学solidity，巩固一下细节，也写一个“WTF Solidity极简入门”，供小白们使用，每周更新1-3讲。Now supports English! 官网: https://wtf.academy