W01fh4cker's repositories

Serein

【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。

VcenterKit

Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit

LearnJavaMemshellFromZero

【三万字原创】完全零基础从0到1掌握Java内存马,公众号:追梦信安

CVE-2023-46747-RCE

exploit for f5-big-ip RCE cve-2023-46747

LearnFastjsonVulnFromZero-Improvement

【两万字原创】零基础学fastjson漏洞(提高篇),公众号:追梦信安

CVE-2024-27198-RCE

CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4

LearnFastjsonVulnFromZero-Basic

【两万字原创】零基础学fastjson漏洞(基础篇),公众号:追梦信安

ScreenConnect-AuthBypass-RCE

ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!

Karlin

【解放双手】一款支持17种OA、19种CMS的批量漏洞检测利用工具。

cve-2022-33891

cve-2022-33891-poc

CVE-2023-47246-EXP

exploit for cve-2023-47246 SysAid RCE (shell upload)

Language:PythonStargazers:49Issues:2Issues:0

weblogic-batch-memshell-kit

weblogic批量打入内存马,electron+vue3+springboot实现。

Language:JavaStargazers:49Issues:0Issues:0

Serein_Linux

【Lazy Artifact】A graphical tool that collects urls in batches, and performs various nday detections on the collected urls in batches. It can be used for src mining, cnvd mining, 0day exploitation, building your own arsenal and other scenarios.

MemshellKit

针对多个框架的高度自定义的内存马一键打入工具 | A highly customized memory shell one-click injection tool for multiple frameworks

Language:JavaLicense:MITStargazers:39Issues:1Issues:0

CVE-2023-1671-POC

CVE-2023-1671-POC, based on dnslog platform

javaVersionManager

A script for installing and switching multiple java versions on Linux x86_64, suitable for code audit workers.

Language:ShellStargazers:20Issues:2Issues:0

QuickPocSuite

基于yaml的简单漏洞的快速批量验证工具 Fast batch validation tool for simple vulnerabilities based on yaml

Language:PythonStargazers:16Issues:2Issues:0

Serein_hvv

Serein工具的护网版,针对2022年护网(hvv)期间出现的漏洞编写。

Fofa-url

fofa采集器,但是只采集url

NetCat_self_comoile

netcat self-compiled version【netcat自编译版本】

Language:CStargazers:7Issues:2Issues:0

yingji

应急相关内容积累

Language:PowerShellStargazers:4Issues:1Issues:0

JavaVulnLearningJourney

Record the notes I wrote on the journey of learning Java security.

License:MITStargazers:3Issues:2Issues:0

nucleiTemplatesClassifier

Classify the yaml scripts in nuclei-templates according to the vulnerability severity and year and export them to html or json(api).

Language:GoStargazers:3Issues:1Issues:0

AllSearch

A tool that can collect url and other information through multiple network mapping engines.

Language:VueLicense:Apache-2.0Stargazers:2Issues:2Issues:0

W01fh4cker.github.io

W01fh4cker's Blog

Language:HTMLStargazers:2Issues:2Issues:0

BypassAntiVirus

远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。

Language:XSLTStargazers:1Issues:1Issues:0
Stargazers:0Issues:2Issues:0
Stargazers:0Issues:2Issues:0
Stargazers:0Issues:2Issues:0