19001085's repositories
CVE-2023-2008
Proof of concept code for CVE-2023-2008
DDOS-RootSec
DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)
hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
CVE-2023-25136
OpenSSH 9.1 vulnerability mass scan and exploit
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
HFish
安全、可靠、简单、免费的企业级蜜罐
CVE-2022-23131poc-exp-zabbix-
CVE-2022-23131漏洞批量检测与利用脚本
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
CVE-2022-23222
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
CVE-2022-26134
Confluence OGNL expression injected RCE(CVE-2022-26134) poc and exp
W01f-ssh-crack
一款支持爆破任意IP的ssh爆破工具
Awesome-hacking-tools
黑客工具收集仓库,包含主流和非主流漏洞利用工具,subdomain、备案查询工具、CVE仓库、Hacking Tools、Exploits、免杀工具、weblogic漏洞利用工具、Red Team、Cobalt Strike、C免杀、bypassAV、内网渗透工具、漏洞利用、工具插件、burpsuite插件;
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
RedisEXP-1
Redis 漏洞利用工具
Windows-exploits
🎯 Windows 平台提权漏洞大合集,长期收集各种提权漏洞利用工具。 A large collection of rights raising vulnerabilities on the windows platform, which collects various rights raising vulnerability utilization tools for a long time.
AShare
一款阿里云盘多账户直链解析程序
Burp_VulPscan
burp被动扫描插件,目前只有CVE-2022-22947
CVE-2022-22965-Spring-Core-Rce
批量无损检测CVE-2022-22965
CVE-2022-0995
CVE-2022-0995 exploit
FofaMap
FofaMap是一款基于Python3开发的跨平台FOFA数据采集器,支持网站图标查询、批量查询和自定义查询FOFA数据,能够根据查询结果自动去重并生成对应的Excel表格。另外春节特别版还可以调用Nuclei对目标进行漏洞扫描,让你在挖洞路上快人一步。
CVE-2022-25636
CVE-2022-25636
linux_dirty
更改后的脏牛提权代码,可以往任意文件写入任意内容,去除交互过程
ddos
DDoS Attack & Protection Tools for Windows, Linux & Android
Scrapy-CVE-CNVD
漏洞监控,基于scrapy,scrapy-redis,获取每日最新的CVE和CNVD漏洞,邮件通知
security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Unauthorized_Application_Check
Unauthorized_Application_Check 未授权应用漏洞批量检查,包含redis,Hadoop,docker,CouchDB,ftp,zookeeper,elasticsearch,memcached,mongodb,rsync_access,mysql,target,jenkins,target,jboss的未授权访问
CVE-2021-45232-RCE
CVE-2021-45232-RCE-多线程批量漏洞检测