SuperDolby's repositories
spring-boot-upload-file-lead-to-rce-tricks
spring boot Fat Jar 应用文件上传漏洞到 RCE 的利用技巧
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile
weblogic-framework
weblogic-framework
Mind_Map
渗透测试/应急响应思维导图
APT-Hunter
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Red-Team-Challenge-Questions
We publish our challenge questions for everyone.
Exch-CVE-2021-26855
CVE-2021-26855: PoC (Not a HoneyPoC for once!)
CVE-2021-26855
CVE-2021-26855 SSRF Exchange Server
Search-Tools
聚合空间测绘搜索(Fofa,Zoomeye,Quake,Shodan,Censys,BinaryEdge)
domain_hunter_pro
domain_hunter的内部版本
Dork-Admin
盘点近年来的数据泄露、供应链污染事件
mbtm
攻击流量模拟 用于迷惑蓝队 分散蓝队精力 混淆真实攻击流量
OSSEM
Open Source Security Events Metadata (OSSEM)
CyberSecurityRSS
CyberSecurityRSS: 优秀的网络安全知识来源 / A collection of cybersecurity rss to make you better!
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
BT_Panel_Privilege_Escalation
宝塔面板Windows版提权方法
poc-collection
poc-collection 是对 github 上公开的 PoC 进行收集的一个项目。
SimpleShellcodeInjector
SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party application.
logparser
A toolkit for automated log parsing [ICSE'19, TDSC'18, DSN'16]
Taie-Bugbounty-killer
挖掘国内外漏洞平台必备的自动化捡钱赏金技巧,看了并去做了捡钱如喝水。
AD-Pentest-Notes
用于记录内网渗透(域渗透)学习 :-)
InfoScan
一个web信息收集工具,包括子域名收集、多线程子域名爆破、指纹信息收集、备案信息收集、可进行批量子域名收集和批量子域名爆破,,挖掘SRC的小工具
xray-crack
xray社区高级版证书生成,支持到 1.2.0 版本,仅供学习研究,正常使用请支持正版
python_data_analysis_and_mining_action
《python数据分析与挖掘实战》的代码笔记
Powershell-Attack-Guide
Powershell攻击指南----黑客后渗透之道