ekko-zhao Goto Github PK
Name: eee
Type: User
Name: eee
Type: User
前端参数加密渗透测试通用解决方案
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
JSPHorse Project Backup
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/Exploit/APT/0day/Shellcode/Payload/priviledge/OverFlow/WebShell/PenTest)
Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Ladon一款用于大型网络渗透的多线程插件化综合扫描神器,含端口扫描、服务识别、网络资产、密码爆破、高危漏洞检测以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描。5.5版本内置39个功能模块,通过多种协议以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、数据库等信息,漏洞检测包含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2等,密码爆破11种含数据库(Mysql、Oracle、MSSQL)、FTP、SSH(Linux主机)、VNC、Windows密码(IPC、WMI、SMB)、Weblogic后台、Rar压缩包密码等,Web指纹识别模块可识别75种(Web应用、中间件、脚本类型、页面类型)等,可高度自定义插件POC支持.NET程序集、DLL(C#/Delphi/VC)、PowerShell等语言编写的插件,支持通过配置INI批量调用任意外部程序或命令,EXP生成器可一键生成漏洞POC快速扩展扫描能力。Ladon支持Cobalt Strike插件化扫描快速拓展内网进行横向移动。
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
log4j2 被动 burp rce扫描工具 get post cookie,header,json全类型 全参数识别
Log4j2 RCE Passive Scanner plugin for BurpSuite
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
FilterBased/ServletBased in memory shell for Tomcat and some other middlewares
mpass移动开发框架ios端抓包hook脚本
OAExploit一款基于产品的一键扫描工具。
It is a Python+Perl script to exploit ASP.net Padding Oracle vulnerability.
针对目标已知信息的字典生成工具
校园新闻发布系统
远控工具Njrat
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
在线漏洞平台
绿盟科技漏洞扫描器(RSAS)漏洞库
对反fart壳的脱壳过程文件,记录于次
一些渗透姿势记录
php免杀后门
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE
Notes about attacking Jenkins servers
python黑客与一些脚本
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.