Giter Site home page Giter Site logo

hxaZzzz's Projects

0day icon 0day

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新

apikit icon apikit

APIKit:Discovery, Scan and Audit APIs Toolkit All In One.

assetshunter icon assetshunter

资产狩猎框架-AssetsHunter,信息收集是一项艺术~

attackwebframeworktools icon attackwebframeworktools

本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。上传getshell。sql注入等高危漏洞直接就可以拿权限出数据。其次对一些构造复杂exp漏洞进行检测。傻瓜式导入url即可实现批量测试,能一键getshell检测绝不sql注入或者不是只检测。其中thinkphp 集成所有rce Exp Struts2漏洞集成了shack2 和k8 漏洞利用工具所有Exp并对他们的exp进行优化和修复此工具的所集成漏洞全部是基于平时实战中所得到的经验从而写入到工具里。例如:通达oA一键getshell实战测试 struts2一键getshell 等等

auto-earn icon auto-earn

一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具

banli icon banli

Banli是一款简单好用的高危资产和高危漏洞扫描工具!

bug-pocket icon bug-pocket

小型漏洞库,提供FOFA语法及批量脚本,具体利用法请参考别的漏洞库,共4种类型47项

burpsuite icon burpsuite

这是一个全世界最强的抓包工具之一

burpsuite-jsscan icon burpsuite-jsscan

burpsuite插件:主动和被动进行JS扫描并分析其中的可利用点

cve-2021-4034 icon cve-2021-4034

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

dict icon dict

一些弱口令、fuzz字典

easy-for-webscan icon easy-for-webscan

根据WebBatchRequest图形化二次开发:增加了指纹识别模块,可识别大概上千条指纹,增加了IP段处理,支持C段和B段处理,增加了301处理,增加了去重空节点的功能,可节省内存消耗,推荐勾选此选项

edusrc_poc icon edusrc_poc

在edusrc平台上对于一些通用漏洞检测时编写的简单python POC脚本

fastjsonscan-1 icon fastjsonscan-1

fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。

front-hub icon front-hub

前渗透:资产、指纹、漏洞、口令、钓鱼

hack icon hack

山屿.EQr开发的python黑客工具库

hxazzzz icon hxazzzz

Config files for my GitHub profile.

ip2domain icon ip2domain

批量查询ip对应域名及百度权重、备案信息;ip反查域名;ip查备案信息;资产归属查询;百度权重查询

kunlun-m icon kunlun-m

KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。

log4j2scan icon log4j2scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.