TimeSHU's repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
awesome-java-security
Java安全☞代码审计/漏洞分析/武器化
awesome-serverless
🔥 腾讯云 云函数 SCF / Serverless 的 100 种玩法,签到,打卡,小程序,图床,刷金币等各种应用集合。
Awesome-WAF
🔥 Everything about web-application firewalls (WAF).
Cobalt4.4
WIPE YOUR ASS WITH THE REAL COBALT STRIKE
CVE-2021-20837
XMLRPC - RCE in MovableTypePoC
CVE-2022-20699
Cisco Anyconnect VPN unauth RCE (rwx stack)
fofax
fofaX is a command line query tool based on the API of https://fofa.so/, simple is the best!
gost
GO Simple Tunnel - a simple tunnel written in golang
HackJava
《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
injectAmsiBypass
Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
JavaSecInterview
打造最强的Java安全研究与安全开发面试题库,包含问题和详细的答案,帮助师傅们找到满意的工作
Log4j2_RCE
log4j2版本漏洞复现
MacDirtyCowDemo
Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.
mscan
一款域渗透扫描工具,方便一键自动化、全方位的信息收集及扫描域提权漏洞。
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
PentestNote
渗透测试☞经验/思路/想法/总结/笔记/面经. . .
post-hub
后渗透:免杀、代理、横向
RasmanPotato
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
RCE-0-day-for-GhostScript-9.50
RCE 0-day for GhostScript 9.50 - Payload generator
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
ShuiZe_0x727
信息收集自动化工具
small-spring
🌱《 Spring 手撸专栏》,本专栏以 Spring 源码学习为目的,通过手写简化版 Spring 框架,了解 Spring 核心原理。在手写的过程中会简化 Spring 源码,摘取整体框架中的核心逻辑,简化代码实现过程,保留核心功能,例如:IOC、AOP、Bean生命周期、上下文、作用域、资源处理等内容实现。
ultimaste-nuclei-templates
极致攻防实验室 nuclei 检测 POC
whatweb-plus
whatweb 增强版 合并多个指纹库 8000+插件(提供exe版)
wsMemShell
一种全新的内存马