yaoxiaodai's Stars
lzzbb/Adinfo
域信息收集工具
BeichenDream/InjectJDBC
注入JVM进程 动态获取目标进程连接的数据库
uknowsec/SharpDecryptPwd
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecryptPwd
FeeiCN/Cobra
Source Code Security Audit (源代码安全审计)
phith0n/JavaThings
Share Things Related to Java - Java安全漫谈笔记相关内容
uknowsec/Active-Directory-Pentest-Notes
个人域渗透学习笔记
Al1ex/CVE-2021-22205
CVE-2021-22205& GitLab CE/EE RCE
BaizeSec/bylibrary
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
smallcham/sec-admin
分布式资产安全扫描核心管理系统(弱口令扫描,漏洞扫描)
TheKingOfDuck/MatryoshkaDollTool
MatryoshkaDollTool-程序加壳/捆绑工具
fanyibo2009/dingtalk_webhook
CobaltStrike上线之钉钉提醒
wgpsec/fofa_viewer
A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
rebeyond/Behinder
“冰蝎”动态二进制加密网站管理客户端
threedr3am/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。
samratashok/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
genxor/Deserialize
Threezh1/JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
b1ngz/spring-boot-actuator-cloud-vul
Spring Boot Actuator + Spring Cloud Vul Env
SkyBlueEternal/thinkphp-RCE-POC-Collection
thinkphp v5.x 远程代码执行漏洞-POC集合
c0ny1/FastjsonExploit
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
j3ers3/PassList
👍 Awesome password to hack
mpgn/heartbleed-PoC
:broken_heart: Hearbleed exploit to retrieve sensitive information CVE-2014-0160 :broken_heart:
adamyordan/cve-2019-1003000-jenkins-rce-poc
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
notable/notable
The Markdown-based note-taking app that doesn't suck.
jerrychan807/WSPIH
Website Sensitive Personal Information Hunter 网站个人敏感信息文件扫描器
qianniaoge/F-Scrack
一款python编写的轻量级弱口令检测脚本,目前支持以下服务:FTP、MYSQL、MSSQL、MONGODB、REDIS、TELNET、ELASTICSEARCH、POSTGRESQL。
TideSec/Decrypt_Weblogic_Password
搜集了市面上绝大部分weblogic解密方式,整理了7种解密weblogic的方法及响应工具。
mabangde/pentesttools
redteam
b1ngz/tencent_exmail
获取腾讯企业邮箱通讯录
ice-ice/dnstunnel
dns tunnel backdoor DNS隧道后门