te5t321 Goto Github PK
Type: User
Type: User
整理的2019年厂商发布的漏洞预警公开POC集合,不足之处还希望多多补充,完善
Apache Log4j 远程代码执行
Apache Log4j 2.x <= 2.14.1 RCE
一个利用OneForAll进行子域收集、Shodan API端口扫描、Xray漏洞Fuzz、Server酱的自动化漏洞扫描、即时通知提醒的漏洞挖掘辅助工具
platform for awd
BlueHound is a GUI based scanner program for hunting threats on host.It supports scanning files for webshell,suspicious PE files injected in memory and CobaltStrike's beacon in memory.
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
什么? 你想用免费的BurpSuitePro版本!!!
CVE-2020-14882_ALL综合利用工具,支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
警惕 一种针对红队的新型溯源手段!
哥斯拉
身份证号码生成器
一些Java编写的小工具。
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
:palm_tree:Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file
Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
A simple plugin that prevents the Log4J exploit that allows for RCE, IP-Logging and server crashing
Log4j-rce
攻击流量模拟 用于迷惑蓝队 分散蓝队精力 混淆真实攻击流量
Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965)
A Clash Client For OpenWrt
Shiro-721 Padding Oracle Attack
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
内网渗透工具
netshell features all in version 2 powershell
聚合空间测绘搜索(Fofa,Zoomeye,Quake,Shodan,Censys,BinaryEdge)
CommonsBeanutils1,CommonsCollectionsK1
Shiro<=1.2.4反序列化,一键检测工具
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.