Cunzhang's repositories
AutoBlue-MS17-010
This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue
BlueKeep
Proof of concept for CVE-2019-0708
byob
BYOB (Build Your Own Botnet)
Cknife
Cknife
CVE-2017-11882
CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
Exploits-1
Windows Exploits
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
MS17-010
MS17-010
ngx_lua_waf
ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
nishang
Nishang - PowerShell for penetration testing and offensive security.
PowerShell-Suite
My musings with PowerShell
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
python-uncompyle6
A Python cross-version decompiler
Python_FuckMySQL
Using To MySQL Elevate Privileges.
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
sqlmap
Automatic SQL injection and database takeover tool
struts-scan
Python2编写的struts2漏洞全版本检测和利用工具
subDomainsBrute
A simple and fast sub domain brute tool for pentesters
vulhub
Docker-Compose file for vulnerability environment
webshell
This is a webshell open source project
webshell-sample
webshell sample
webshellSample
webshell sample for WebShell Log Analysis
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
WMIHACKER
A Bypass Anti-virus Software Lateral Movement Command Execution Tool
wydomain
to discover subdomains of your target domain
xmrig
Monero (XMR) CPU miner
xssor2
XSS'OR - Hack with JavaScript.