Ice-001's repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
2022-HW-POC
2022 护网行动 POC 整理
arkime
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
AttackWebFrameworkTools-5.0
本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵RCE 等等.
Awesome-POC
一个各类漏洞POC知识库
Blue-topaz-examples
Blue topaz themes example vault for Obsidian
CursedChrome
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
cve
Gather and update all available and newest CVEs with their PoC.
DongTai-1
DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerabilities, unauthorized access vulnerabilities, etc.), third-party component vulnerabilities, etc.
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp
警惕 一种针对红队的新型溯源手段!
GolangBypassAV
研究利用golang各种姿势bypassAV
GrabAccess
Bypass Windows Password And Bitlocker
HackReport
渗透测试报告/资料文档/渗透经验文档/安全书籍
JS-Forward
前端参数加密渗透测试通用解决方案
my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 🧐
notion-widget
阿汪同学自制版 Notion | Wolai | FlowUs 组件库
PeiQi-WIKI-Book
面向网络安全从业者的知识文库🍃
Pentest_Note
渗透测试常规操作记录
php_bugs
PHP代码审计分段讲解
pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
QuantumultX-Script
自用QX脚本,参考各位大佬。
RequestTemplate
双语双端内网扫描以及验证工具
Ruoyi-All
若依后台定时任务一键利用
SeeyonOA_RCE
SeeyonOA_RCE——钓鱼
ThinkPHP_RCE
一款综合漏洞利用工具箱。
web-sec
WEB安全手册(红队安全技能栈),漏洞理解,漏洞利用,代码审计和渗透测试总结。【持续更新】
wsMemShell
WebSocket 内存马,一种新型内存马技术