Giters
X1r0z

X1r0z

Geek Repo

629

followers

179

following

455

stars

Company:NJUPT

Location:Nanjing, China

Home Page:exp10it.io

Twitter:@X1r0z

Github PK Tool:Github PK Tool

X1r0z's repositories

Godzilla-Suo5MemShell

使用 Godzilla 一键注入 Suo5 内存马

Language:JavaStargazers:368Issues:8Issues:4

JNDIMap

JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK

Language:JavaStargazers:303Issues:5Issues:5

ActiveMQ-RCE

ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具

Language:GoStargazers:221Issues:4Issues:6

frp

基于原版 frp 二开, 添加了一些小功能

Language:GoLicense:Apache-2.0Stargazers:96Issues:4Issues:1

EBurstGo

利用 Exchange 服务器 Web 接口爆破邮箱账户 | Brute force email accounts using Exchange server web endpoints

Language:GoStargazers:78Issues:2Issues:1

cpploader

c++ shellcode loader

Language:C++Stargazers:39Issues:4Issues:1

JettyFuzz

Language:JavaStargazers:32Issues:1Issues:0

Dubbo-RCE

PoC of Apache Dubbo CVE-2023-23638

Language:JavaStargazers:31Issues:2Issues:3

Nacos-Hessian-RCE

PoC of Nacos JRaft Hessian RCE

Language:JavaStargazers:14Issues:2Issues:0

go-ntlmssp

NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (Pth)

Language:GoLicense:MITStargazers:12Issues:2Issues:0

spring-amqp-deserialization

PoC of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)

Language:JavaStargazers:12Issues:2Issues:0

hessian-utf-8-overlong-encoding

Hessian UTF-8 Overlong Encoding

Language:JavaStargazers:8Issues:2Issues:0

dork

dork everything

Language:PythonStargazers:5Issues:1Issues:0

ShortPayload

如何将 Java 反序列化 Payload 极致缩小

Language:JavaLicense:Apache-2.0Stargazers:3Issues:1Issues:0

JSPKiller

基于污点分析的JSP Webshell检测工具,模拟JVM的栈帧操作进行数据流分析,可以检测出各种变形的JSP Webshell

License:Apache-2.0Stargazers:2Issues:0Issues:0

X1r0z

Profile

Stargazers:2Issues:2Issues:0

MirrorScan

bugscan scanner

Language:PythonStargazers:1Issues:1Issues:0

SeaMoon

月海 (Sea Moon) 是一款 FaaS/BaaS 实现的 Serverless 云渗透工具集,致力于开启云原生的渗透模式。

Language:TypeScriptLicense:MITStargazers:1Issues:1Issues:0

webscan

Find the same IP site

Language:HTMLStargazers:1Issues:1Issues:0

DllHijackTest

test dll hijacking

Language:C++Stargazers:0Issues:2Issues:0

msfvenom-ng

MSFvenom-NG

Language:PythonStargazers:0Issues:1Issues:0

ARL

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。

Language:PythonLicense:NOASSERTIONStargazers:0Issues:0Issues:0

cf

Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作

Language:GoLicense:Apache-2.0Stargazers:0Issues:1Issues:0