yaoxiaodai

yaoxiaodai's Stars

• lzzbb/Adinfo

  域信息收集工具

  Language:Go37634

• BeichenDream/InjectJDBC

  注入JVM进程 动态获取目标进程连接的数据库

  Language:Java29134

• uknowsec/SharpDecryptPwd

  对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。源码：https://github.com/RowTeam/SharpDecryptPwd

  1.1k171

• FeeiCN/Cobra

  Source Code Security Audit (源代码安全审计)

  Language:Python3.1k953

• phith0n/JavaThings

  Share Things Related to Java - Java安全漫谈笔记相关内容

  Language:Java1.7k202

• uknowsec/Active-Directory-Pentest-Notes

  个人域渗透学习笔记

  1.7k358

• Al1ex/CVE-2021-22205

  CVE-2021-22205& GitLab CE/EE RCE

  Language:Python260100

• BaizeSec/bylibrary

  白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目

  Language:HTML1.3k376

• smallcham/sec-admin

  分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

  Language:Python587117

• TheKingOfDuck/MatryoshkaDollTool

  MatryoshkaDollTool-程序加壳/捆绑工具

  Language:C#19057

• fanyibo2009/dingtalk_webhook

  CobaltStrike上线之钉钉提醒

  1

• wgpsec/fofa_viewer

  A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

  Language:Java1.5k154

• rebeyond/Behinder

  “冰蝎”动态二进制加密网站管理客户端

  5.7k958

• threedr3am/ysoserial

  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。

  Language:Java21232

• samratashok/nishang

  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

  Language:PowerShell8.5k2.4k

• genxor/Deserialize

  Language:Java7216

• Threezh1/JSFinder

  JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

  Language:Python2.5k394

• b1ngz/spring-boot-actuator-cloud-vul

  Spring Boot Actuator + Spring Cloud Vul Env

  Language:Java194

• SkyBlueEternal/thinkphp-RCE-POC-Collection

  thinkphp v5.x 远程代码执行漏洞-POC集合

  1.1k234

• c0ny1/FastjsonExploit

  Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）

  Language:Java1.2k168

• j3ers3/PassList

  👍 Awesome password to hack

  Language:HTML285139

• mpgn/heartbleed-PoC

  :broken_heart: Hearbleed exploit to retrieve sensitive information CVE-2014-0160 :broken_heart:

  Language:Python7742

• adamyordan/cve-2019-1003000-jenkins-rce-poc

  Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

  Language:JavaScript30994

• notable/notable

  The Markdown-based note-taking app that doesn't suck.

  22.5k1.1k

• jerrychan807/WSPIH

  Website Sensitive Personal Information Hunter 网站个人敏感信息文件扫描器

  Language:Python20758

• qianniaoge/F-Scrack

  一款python编写的轻量级弱口令检测脚本，目前支持以下服务：FTP、MYSQL、MSSQL、MONGODB、REDIS、TELNET、ELASTICSEARCH、POSTGRESQL。

  Language:Python13594

• TideSec/Decrypt_Weblogic_Password

  搜集了市面上绝大部分weblogic解密方式，整理了7种解密weblogic的方法及响应工具。

  Language:Java780175

• mabangde/pentesttools

  redteam

  Language:Python14740

• b1ngz/tencent_exmail

  获取腾讯企业邮箱通讯录

  Language:Python5547

• ice-ice/dnstunnel

  dns tunnel backdoor DNS隧道后门

  Language:Go19237