Brouard Madan's repositories
0day
EXPs and POCs for vulnerabilities in various CMSs, platforms, systems, and software. This project will be updated continuously.
2022-HW-POC
Compilation of POCs from the 2022 HW (Huwang) exercise
API-s-for-OSINT
List of APIs for gathering information about phone numbers, addresses, domains, etc.
AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
CVE-2021-4034
CVE-2021-4034 1day
CVE-2022-39197
CobaltStrike <= 4.7.1 RCE
DDexec
A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process.
ev
EV: IDS Evasion via Packet Manipulation
git-flight-rules
Flight rules for git
go_proxy_pool
An out-of-the-box proxy IP pool with no environment dependencies
hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
httpx2Cxlsx
Converts httpx command-line output to xlsx, with colors
impacket
Impacket is a collection of Python classes for working with network protocols.
Intranet_Penetration_Tips
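Some intranet penetration tips compiled in early 2018. Updates have been slow since then, so I am publishing them in the hope of updating and maintaining them together with everyone.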
JdBuyer
JD.com flash-sale automatic ordering assistant; the GUI supports Windows and macOS
JNDIEXP
Tool for exploiting JNDI on newer Java versions
JNDIExploit
Practical modifications to the original https://github.com/feihong-cs/JNDIExploit
JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
lamda
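⚡️ Android reverse engineering & automation framework | The most powerful Android packet-capture/reverse-engineering/hooking & cloud-phone/automation assistance framework ever; your work has never been this simple and fast.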
next-terminal
Next Terminal is a lightweight bastion host system supporting the RDP, SSH, VNC, Telnet, and Kubernetes protocols.
offsec-tools
Compiled tools for internal assessments
oscp-pre-preparation-plan-and-notes
My OSCP Pre-Preparation Phase. I'm not sure if I'll be able to afford the exam, but what counts is trying and learning things. I'm gonna give it a try. [Start Date: 21st March 2022]
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pwn_jenkins
Notes about attacking Jenkins servers
pxplan
CVE-2022-2022
redshift-jdbc-RCE
redshift-jdbc-RCE proof
x8
Hidden parameters discovery suite
YongyouNC-Unserialize-Tools
Payload generator for the Yonyou NC deserialization vulnerability