Y1Shui's repositories
JSFinderAAA
JSFinder魔改版
Nmap_tools
nmap结果处理工具
Samsung-WLAN_RCE
Samsung WLAN_RCE tools
xssplatform
一个经典的XSS渗透管理平台
2021_Hvv
2021 hw
2023Hvv
2023 HVV情报速递~
ARL
ARL官方仓库备份项目+指纹添加工具:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
awsKeyTools
aws云平台 accessKey 泄漏利用工具
BurpSuite_403Bypasser
Burpsuite Extension to bypass 403 restricted directory
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
dddd_trainer
ddddocr训练工具
ddddocr
带带弟弟 通用验证码识别OCR pypi版
fastjson-local-echo
基于dbcp的fastjson rce 回显
java-memshell-generator
一款支持高度自定义的 Java 内存马生成工具
kscan
Kscan是一款轻量级的资产发现工具,可针对IP/IP段或资产列表进行端口扫描以及TCP指纹识别和Banner抓取,在不发送更多的数据包的情况下尽可能的获取端口更多信息。
metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Middleware-Vulnerability-detection
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
ncDecode
用友nc数据库密码解密
PeiQi-WIKI-POC
鹿不在侧,鲸不予游🐋
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin
RedTeamNotes
红队笔记
RMI_Inj_MemShell
rmi打内存马工具,适用于目标用不了ldap的情况
runtime
Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
vcenter_saml_login
A tool to extract the IdP cert from vCenter backups and log in as Administrator
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.