bi3g0's repositories
jackson-rce-via-spel
An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
LaZagne
Credentials recovery project
vulhub
Docker-Compose file for vulnerability environment
labs
Vulnerability Labs for security analysis
vmware_escape
VMware Escape Exploit before VMware WorkStation 12.5.5
VulApps
快速搭建各种漏洞环境(Various vulnerability environment)
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
Some-PoC-oR-ExP
各种漏洞poc、Exp的收集或编写
subDomainsBrute
A simple and fast sub domain brute tool for pentesters
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
js-xss
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
Exploits
Windows Exploits
dev-ui
Minimalistic terminal user interface library
metasploit-framework
Metasploit Framework
MS17-010
MS17-010 Windows SMB RCE -- exploits, payloads, and scanners
redis
Redis is an in-memory database that persists on disk. The data model is key-value, but many different kind of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, HyperLogLogs, Bitmaps.
flexidie
Source code and binaries of FlexiSpy from the Flexidie dump
shadowbroker
The Shadow Brokers "Lost In Translation" leak
EQGRP_Lost_in_Translation
Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
mimipenguin
A tool to dump the login password from the current linux user
S2-046-PoC
S2-046-PoC
cansina
Web Content Discovery Tool
pystemon
Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
xunfeng
巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
TheFatRat
An easy tool to generate backdoor with msfvenom (a part from metasploit framework) and easy post exploitation attack. This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection
BossSensor
Hide screen when boss is approaching.
HaboMalHunter
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
rules
Repository of yara rules
clair
Vulnerability Static Analysis for Containers