Code Monkey home page Code Monkey logo

superneilcn's Projects

cve-2021-44910_springblade icon cve-2021-44910_springblade

在21年,SpringBlade框架曾发现一个JWT认证的漏洞。尽管我们搜索了许多基于原理的扫描工具,但没有找到能够支持这个漏洞的工具。可能是因为这个漏洞相对冷门而不被广泛关注。

cve-2022-22965-rexbb icon cve-2022-22965-rexbb

CVE-2022-22965\Spring-Core-RCE核弹级别漏洞的rce图形化GUI一键利用工具,基于JavaFx开发,图形化操作更简单,提高效率。

cve-2023-1454-jeecg-boot-qurestsql-sqlvuln icon cve-2023-1454-jeecg-boot-qurestsql-sqlvuln

jmreport/qurestSql 未授权SQL注入批量扫描poc Jeecg-Boot是一款基于Spring Boot和Jeecg-Boot-Plus的快速开发平台,最新的jeecg-boot 3.5.0 中被爆出多个SQL注入漏洞。

cve-2023-22515 icon cve-2023-22515

Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具

cve-2023-28432 icon cve-2023-28432

MinIO存在信息泄露漏洞,未经身份认证的远程攻击者通过发送特殊HTTP请求即可获取所有环境变量,其中包括MINIO_SECRET_KEY和MINIO_ROOT_PASSWORD,造成敏感信息泄露,最终可能导致攻击者以管理员身份登录MinIO

cve-2023-28432new icon cve-2023-28432new

minio系统存在信息泄露漏洞,未经身份认证的远程攻击,通过发送特殊POST请求到/minio/bootstrap/v1/verify即可获取所有敏感信息,其中包括MINIO_SECRET_KEY和MINIO_ROOT_PASSWORD,可能导致管理员账号密码泄露。

ehole icon ehole

EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具

emergency_response_batch icon emergency_response_batch

应急响应,应急响应脚本,应急响应批处理;将Windows查看日志用户端口等命令集成在批处理脚本中。让熟练的应急人员能省去多次重复的敲击和记忆,并通过读取配置文件来调用Windows自带的命令结束进程服务等,本批处理尽量不调用任何外部的工具。任何调用的外部工具都将会存放在plugin目录下可按需使用,力图使用最原生的命令行来完成工作。

f8x icon f8x

红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool

fastjsonparty icon fastjsonparty

FastJson全版本漏洞Poc利用(1.2.47/1.2.68/1.2.80)、版本探测、黑盒利用

fscan icon fscan

一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。

gadgetprobe icon gadgetprobe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

github-chinese-top-charts icon github-chinese-top-charts

:cn: GitHub中文排行榜,各语言分设「软件 | 资料」榜单,精准定位中文好项目。各取所需,高效学习。

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.