Michelski's repositories
APKiD
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Beacon_Source
not a reverse-engineered version of the Cobalt Strike Beacon
BiglyBT
Feature-filled Bittorrent client based on the Azureus open source project
Boom
Boom 是一款基于无头浏览器的智能 Web 弱口令(后台密码)爆破\检测工具
ChatViewTools
红队的微信聊天记录取证工具
chsrc
chsrc 全平台通用换源工具. Change Source for every software on every platform from the command line.
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
CVE-2024-26229
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
CVE-2024-4577-PHP-RCE
[漏洞复现] 全球首款利用PHP默认环境的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP,共享原创EXP,支持SSRF,支持绕过WAF。The world's first CVE-2024-4577 PHP-CGI RCE exploit utilizing the default PHP environment. Sharing original exploit, supports SSRF, supports WAF bypass.
FrchannelPlus
帆软bi反序列化漏洞利用工具
GitLabBrute
Gitlab 用户发现并爆破 / GitLab User discovered and brute force cracked
I-Wanna-Get-All
OA漏洞利用工具
impacket
Impacket is a collection of Python classes for working with network protocols.
InjectLib
你知道我要说什么
jar-analyzer
Jar Analyzer - 一个JAR包分析工具,批量分析JAR包搜索,方法调用关系搜索,字符串搜索,Spring组件分析,CFG分析,JVM Stack Frame分析,远程分析Tomcat,进阶表达式搜索,自定义SQL查询,字节码查看,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码
JDumpSpider
HeapDump敏感信息提取工具
NacosExploit
NacosExploit 命令执行 内存马等利用
nanodump
The swiss army knife of LSASS dumping
nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
ops
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
pdf-exploit
pdf exploit 集成
poc-exp
Discuss POC and Exp
Python-Crypter
Custom Python shellcode encryptor and obfuscator
RdpStrike
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
ruler
A tool to abuse Exchange services
Self-Defective-Program
无Windows API的新型恶意程序:自缺陷程序利用堆栈溢出的隐匿稳定攻击技术研究
shiro_rce_tool
shiro 反序列 命令执行辅助检测工具
strongR-frida-android
An anti detection version frida-server for android.
xca
X Certificate and Key management
YYBaby-Spring_Scan
一款针对Spring框架的漏洞扫描及漏洞利用图形化工具