I love to make friends. so if you want to say hi, I'll be happy to meet you more!😊
aqimmm Goto Github PK
Name: MMM
Type: User
Name: MMM
Type: User
Issues has been disabled for these PoC's, as they are simply PoC, Public Domain and unsupported.
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
漏洞复现:远程漏洞、本地漏洞
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
全新的开源漏洞测试框架,实现poc在线编辑、运行、批量测试。使用文档:
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.
后渗透:代理、C2、免杀、横向、域渗透
自动抓取tg频道、订阅地址、公开互联网上的ss、ssr、vmess、trojan节点信息,聚合去重后提供节点列表,每小时更新
(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
千机-红队免杀木马自动生成器 Bypass defender、火绒、360等国内主流杀软 随机加密混淆shellcode快速生成免杀马
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Redis 漏洞利用工具
红队作战中比较常遇到的一些重点系统漏洞整理。
红队笔记
日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/awvs/xray这种
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
LKM Linux rootkit
Framework for building Windows malware, written in C++
RiskScanner 是开源的多云安全合规扫描平台,基于 Cloud Custodian 和 Nuclei 引擎,实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。
锐捷Ruijie Networks RCE漏洞检测工具,可批量检测上🔪、冰蝎、哥斯拉
此项目用来提取收集以往泄露的密码中符合条件的强弱密码
Sandman is a NTP based backdoor for red team engagements in hardened networks.
fast scan for redtools
创建隐藏计划任务,权限维持
漏洞监控,基于scrapy,scrapy-redis,获取每日最新的CVE和CNVD漏洞,邮件通知
🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.