Code Monkey home page Code Monkey logo

fighttigers's Projects

0day icon 0day

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新

atlasc2 icon atlasc2

C# C2 Framework centered around Stage 1 operations

backupoperatortoda icon backupoperatortoda

From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller

bofs icon bofs

Collection of Beacon Object Files

c2_demo icon c2_demo

golang+c#乱写了一个基于http的垃圾远控(支持团队协同作战,功能很少)

cerberus icon cerberus

一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

classhound icon classhound

利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码

cve-2022-0847 icon cve-2022-0847

CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”

dinjector icon dinjector

Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL

discordgo icon discordgo

Discord C2 for Redteam....Need a better name

dllirant icon dllirant

DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.

dumpert icon dumpert

LSASS memory dumper using direct system calls and API unhooking.

fileless-xec icon fileless-xec

Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)

gecc icon gecc

Cobalt Strike - Go External C2 Client

go-clr icon go-clr

A PoC package for hosting the CLR and executing .NET from Go

go-donut icon go-donut

Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut

go-shellcode icon go-shellcode

A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.

go4arun icon go4arun

Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process

godnslog icon godnslog

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

gomapenum icon gomapenum

User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin

gopoc icon gopoc

用cel-go重现了长亭xray的poc检测功能的轮子

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.