絢辻詞's repositories
Apache-Log4j-Learning
Apache Log4j vulnerability reproduction notes
0day
EXPs and POCs for vulnerabilities in various CMSs, platforms, systems, and software. This project will be continuously updated.
BurpLog4j2Scan
Burp Suite passive scanning plugin
CobaltStrike4.4
WIPE YOUR ASS WITH THE REAL COBALT STRIKE
cobaltstrike4.4_cdf
Cracked cobaltstrike 4.4/4.3, with the checksum8 signature removed and BeaconEye bypass
CobaltStrikeDos
CVE-2021-36798 Exp: Cobalt Strike < 4.4 Dos
EHole
EHole (棱洞) 3.0 refactored version: a fingerprinting tool for identifying the key systems that red teams target
InfoScraper
An Electron-based automated web asset discovery tool, used for information gathering in the early phase of a penetration test
javasec
Some notes from my own study of Java security, mainly related to security auditing
JNDI-Exploit-Kit
JNDI-Exploitation-Kit (A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
JNDIExploit-1
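A tool for exploiting JNDI injection. It draws heavily on and reuses code from the Rogue JNDI project, supports directly implanting in-memory shells, integrates common methods of bypassing newer JDK versions, and is suited for use together with automated tools. (from https://github.com/feihong-cs/JNDIExploit)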
Log4j-rce
Log4j-rce
Log4j2-RCE-Scanner
BurpSuite Extension: Log4j RCE Scanner
log4j2burpscanner
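CVE-2021-44228, log4j2 Burp plugin, Java version. ceye.io can be customized, and an internal-network dnslog platform and request API can also be configured to locate vulnerable machines on the internal network (log4j2 RCE Burp Suite Passive Scanner, can customize the ceye.io api or other apis, including internal networks)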
log4jScan_Modify
Burp Suite passive scanning plugin that integrates with JNDIMonitor
nacosleak
One-click retrieval of configuration file information from nacos and generation of a password list
nanodump
Dumping LSASS has never been so stealthy
PentesterSpecialDict
A streamlined dictionary made for penetration testers. Dictionary for penetration testers happy hacker
PocOrExp_in_Github
Aggregates the PoCs or exploits already available on GitHub; CVE information comes from the official CVE website. Auto Collect Poc Or Exp from Github by CVE ID.
port_tunnel
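The tool's name is only temporary; I call it port tunneling technology. It solves the problem of getting hosts on an isolated internal network online.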
scaninfo
fast scan for redtools
SharpStay
.NET project for installing Persistence
Small_Log4j2Scan
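A completely harmless log4j2 callback detection tool that does not rely on dnslog, implemented by parsing the RMI and LDAP protocols; can be used by in-house security teams to self-check their internal networks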
Suspended-Thread-Injection
Another meterpreter injection technique using C# that attempts to bypass Defender
SysWhispers
AV/EDR evasion via direct system calls.
UserAdd
Bypass AV user addition
windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.