Gh0stz1's repositories
Awesome-RCE-techniques
Awesome list of techniques to achieve Remote Code Execution on various apps!
blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
btcloud
一个宝塔第三方云端的php站点程序
CameraHack
批量扫描破解海康威视、大华等摄像头的常见漏洞。
CVE-2021-22006
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
CVE-2023-3519
RCE exploit for CVE-2023-3519
DHLYK
大灰狼远控木马 V9.5 源码
ev
EV: IDS Evasion via Packet Manipulation
GolangBypassAV
研究golang各种姿势bypassAV
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
JNDIScan
无须借助dnslog且完全无害的JNDI反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查
JSP-Webshells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
kernel_window_hide
内核级别隐藏指定窗口
KillDefender
A small POC to make defender useless by removing its token privileges and lowering the token integrity
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
log4j-fuzz-head-poc
批量检测log4j漏洞,主要还是批量fuzzz 头
mac_wxapkg_decrypt
mac 端wxpkg文件解密(非解包)
netspy
netspy是一款快速探测内网可达网段工具
phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
8亿QQ绑定数据泄露查询源码,附送数据。不定期更新下载地址 关注越多送的越多
SeeyonExploit-GUI
致远OA综合利用工具
SharpMemshell
Memshell
ShiroAttack2
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
StopDefender
Stop Windows Defender programmatically
the-way-to-go_ZH_CN
《The Way to Go》中文译本,中文正式名《Go 入门指南》
UserAdd
Bypass AV 用户添加
ysoserial
此项目为su18大佬的仓库镜像,如有问题可发issuse删库