OvO's repositories
cobalt_strike_extension_kit
Tired of typing execute-assembly everytime you use Cobalt Strike? Clone this.
CVE-2021-22005
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
CVE-2022-21661
The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661)
CVE-2022-29072
7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.
JNDIExploit
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
laZzzy
laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
Limelighter
A tool for generating fake code signing certificates or signing real ones
OA-tongda-RCE
Office Anywhere网络智能办公系统
phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
pyarmor-docs-zh
PyArmor 中文文档库
shiro_attack
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)
tongdaoa_poc
详见公众号
wooyun_articles
drops.wooyun.org 乌云Drops文章备份
wsMemShell
一种全新的内存马
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.