fighttigers Goto Github PK
Type: Organization
Bio: 团队学习仓库
Type: Organization
Bio: 团队学习仓库
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
C# C2 Framework centered around Stage 1 operations
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
Collection of Beacon Object Files
golang+c#乱写了一个基于http的垃圾远控(支持团队协同作战,功能很少)
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
六大云存储,泄露利用检测工具
Automatic credential collection
利用天眼查查询企业子公司
CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”
Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
Discord C2 for Redteam....Need a better name
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
Golang evasion tool, execute-assembly .Net file
memory dll loader
golang implementation of Syswhisper2/Syswhisper3
LSASS memory dumper using direct system calls and API unhooking.
fck2.4.3文件上传通杀脚本
Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)
Cobalt Strike - Go External C2 Client
A PoC package for hosting the CLR and executing .NET from Go
Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut
Pretty print tables and more in golang!
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
UPX-like packer written in Go
用cel-go重现了长亭xray的poc检测功能的轮子
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.