エゴ's repositories
exploits
Pwn stuff.
GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
how-to-exploit-a-double-free
How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'
my-re0-k8s-security
:atom: [WIP] 整理整理过去的分享,从零开始的Kubernetes攻防 ...
noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
NoPacScan
NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script
Pentest-and-Development-Tips
A collection of pentest and development tips
redis-rogue-server
Redis 4.x/5.x RCE
SecDictionary
实战沉淀字典
SecOpsDev
自己闲来无事所写以及工作中抽取的安全/运维/开发方面的小脚本
Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
windows-syscalls
Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
ysoserial-1
ysoserial for su18