dingxiao77 Goto Github PK
Type: User
Type: User
红队作战中比较常遇到的一些重点系统漏洞整理。
rmi、jndi、ldap、jrmp、jmx、jms一些demo测试
RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets from ysoserial.
利用fofa搜索socks5开放代理进行代理池轮切的工具
Trying to tame the three-headed dog.
Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测
ScareCrow - Payload creation framework designed around EDR bypass.
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Also known by Microsoft as Knifecoat :hot_pepper:
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。
将shellcode用rsa加密并动态编译exe,自带几种反沙箱技术。
A small shellcode loader library written in C#
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
内网穿透(跨平台)
2021 交大程式安全 binary exploit 課程教材
Spring Core 命令执行 文件写入
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
Java自动代码审计工具,尤其针对Spring框架,核心原理是模拟JVM栈帧进行分析,无需提供源码,通过一个JAR包即可
Spring Core RCE 0-day Vulnerability (https://share.vx-underground.org/)
Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
Thinkphp(GUI)漏洞利用工具,支持各版本TP漏洞检测,命令执行,getshell。
上传漏洞fuzz字典生成脚本
本项目用于搜集 2022 年的漏洞,注意:本项目并不刻意搜集 POC 或 EXP,主要以CVE-2021、CVE-2022 为关键词,包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用
绕过专业工具检测的Webshell研究文章和免杀的Webshell
🤖一个基于OpenAi ChatGPT + WeChaty 实现的微信机器人 ,可以用来帮助你自动回复微信消息,或者管理微信群/好友,检测僵尸粉等...
Windows Exploit Suggester - Next Generation
windows-kernel-exploits Windows平台提权漏洞集合
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.