_1478's repositories
0xagent
CobaltStrike 4.0 - 4.5 Patch
2022-HW-POC
2022 护网行动 POC 整理
awesome-java-security
Java安全☞代码审计/漏洞分析/武器化
awesome-reverse-engineering
Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
ByPassBehinder4J
冰蝎Java WebShell自动化免杀生成
Cnblogs-Theme-SimpleMemory
🍭 Cnblogs theme _ Basic theme : SimpleMemory
cve-2022-23131
cve-2022-23131 zabbix-saml-bypass-exp
elearning
elearning linux/mac/db/cache/server/tools/人工智能
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
fc-proxy
利用阿里云函数当作代理池.
fuso
一款体积小, 快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 支持多连接,级联代理,传输加密 (A small volume, fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption)
H5SC
HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
icmptunnel
Tunnel IP over ICMP.
JDumpSpider
HeapDump敏感信息提取工具
JNDIExploit
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
JNDIExploit-1
一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
PeiQi-WIKI-POC
鹿不在侧,鲸不予游🐋
PwdBUD
一款SRC密码生成工具,尝试top字典无果后,可以根据域名、公司名等因素来生成特定的字典
pydictor
A powerful and useful hacker dictionary builder for a brute-force attack
RedisEXP
Redis 漏洞利用工具
Spring4shell-CVE-2022-22965-POC
Another spring4shell (Spring core RCE) POC
SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
WeChatUserDB
GetWeChat DBPassword&&UserInfo(PC数据库密码以及相关微信用户信息)
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
zabbix-saml-bypass-exp
cve-2022-23131 exp