cakw1's repositories
SpringBoot-Labs
一个涵盖六个专栏:Spring Boot 2.X、Spring Cloud、Spring Cloud Alibaba、Dubbo、分布式消息队列、分布式事务的仓库。希望胖友小手一抖,右上角来个 Star,感恩 1024
360SafeBrowsergetpass
这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本,用于节省红队人员工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
ActuatorExploit
SpringBoot Actuator未授权自动化利用,支持信息泄漏/RCE
alicloud-tools
阿里云ECS、策略组辅助小工具
AndroidSecurityStudy
安卓应用安全学习
CobaltStrike
CobaltStrike's source code
CobaltStrikeScan
Scan files or process memory for CobaltStrike beacons and parse their configuration
cve-2019-0708_bluekeep_rce
it works on xp (all version sp2 sp3)
CVE-2020-1472
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
EventLogMaster
Cobalt Strike插件 - RDP日志取证&清除
Hawkeye
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
Homework-of-Python
Python codes of my blog.
impacket
Impacket is a collection of Python classes for working with network protocols.
javaweb-sec
攻击Java Web应用-[Java Web安全]
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Kernelhub
:palm_tree:Windows Kernel提权漏洞合集,附带编译环境,演示GIF图,漏洞详细信息,可执行文件
OneForAll
OneForAll是一款功能强大的子域收集工具
Pentest-and-Development-Tips
A collection of pentest and development tips
pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
Pentest_Note
渗透测试常规操作记录
POC
一些漏洞检测/利用脚本
pystinger
bypass firewall by webshell 一款使用webshell进行流量转发的出网工具
redis-ssrf
redis ssrf gopher generater && redis ssrf to rce by master-slave-sync
RedisWriteFile
通过 Redis 主从写出无损文件
SecureScaner
基于nmap的扫描脚本
Solr-RCE-CVE-2019-0192
Apache Solr remote code execution via dataImportHandler
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
SuperWordlist
基于实战沉淀下的各种弱口令字典
TPscan
一键ThinkPHP漏洞检测
WechatTogetherOffline
微信聚合离线版本 http://wechat.doonsec.com