r0fus0d's repositories
VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
Awesome-POC
一个各类漏洞POC知识库
go_proxy_pool
无环境依赖开箱即用的代理IP池
jjjjjjjjjjjjjs
爬网站JS文件,自动fuzz api接口,指定api接口(针对前后端分离项目,可指定后端接口地址),回显api响应
PKINITtools
Tools for Kerberos PKINIT and relaying to AD CS
SharpDBeaver
DBeaver数据库密码解密工具
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
CF-Worker-Dir
A web directories base on Cloudflare worker.
ChYing
承影 - 一款安全工具箱,集成了目录扫描、JWT、Swagger 测试、编/解码、轻量级 BurpSuite、杀软辅助功能
CrackMapExec
A swiss army knife for pentesting networks
DNSLog-Platform-Golang
DNSLOG平台 golang 一键启动版
docker_v2_catalog
Registry API 未授权访问漏洞利用
dogxss
dogxss(基于Go-admin框架和ezxss_payload完成):ezxss的Golang版本.
evil-winrm
The ultimate WinRM shell for hacking/pentesting
ffuf
Fast web fuzzer written in Go
frpCracker
一款golang编写的,批量检测frp server未授权访问、弱token的工具
GitHacker
🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches, common tags.
GodPotato_CLR
A Custom CLR Assembly for MSSQL of the popular tool GodPotato
mysql-fake-server
MySQL Fake Server (纯Java实现,内置常见Java反序列化Payload,支持GUI版和命令行版,提供Dockerfile)
reverse_ssh
SSH based reverse shell
video-api-check
check hikvision/ys7 api
xia_sql
xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。
ysoserial.net
Deserialization payload generator for a variety of .NET formatters