Giter Site home page Giter Site logo

hissec's Projects

burpy icon burpy

A plugin that allows you execute python and get return to BurpSuite.

cdk icon cdk

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

cve-2021-4034 icon cve-2021-4034

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

cve-2022-0848 icon cve-2022-0848

CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”

dnslog icon dnslog

DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。

follina.py icon follina.py

POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes

getchromepassword icon getchromepassword

The way to get your password which has restored in your localhost by chrome.

go-shellcode icon go-shellcode

A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

go-vnc icon go-vnc

VNC client and server library for Go.

goscan icon goscan

GoScan是采用Golang语言编写的一款分布式综合资产管理系统,适合红队、SRC等使用

heapdump_tool icon heapdump_tool

heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等

hissword icon hissword

内网渗透工具、支持sock等代理模式和端口转发模式

injectjdbc icon injectjdbc

注入JVM进程 动态获取目标进程连接的数据库

jndi icon jndi

JNDI 注入利用工具

jndi-inject-exploit icon jndi-inject-exploit

解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入

jndi-injection-exploit icon jndi-injection-exploit

JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.