cakw1's repositories
CVE-2019-0193
Apache Solr DataImport Handler RCE
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
linux-exploit-suggester-2
Next-Generation Linux Kernel Exploit Suggester
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Sublist3r
Fast subdomains enumeration tool for penetration testers
Vxscan
python3写的综合扫描工具,主要用来敏感文件探测(目录扫描与js泄露接口),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,弱口令探测,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
CNVD-C-2019-48814
CNVD-C-2019-48814 Weblogic wls9_async_response 反序列化利用工具
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
CVE-2019-2725
CVE-2019-2725 命令回显
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
DDOS-TOLL
A tool that performs HULK HTTP flood, Ping of Death, UDP flood, SNMP, Smurf ICMP, and Slowloris attacs
Python-100-Days
Python - 100天从新手到大师
awesome-mac
Now we have become very big, Different from the original idea. Collect premium software in various categories.
cmsprint
CMS和中间件指纹库
tools
https://github.com/k8gege/K8tools
Pentest
tools
MS17-010
MS17-010
Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
actuator-testbed
A vulnerable application exposing Spring Boot Actuators
collection-document
Collection of quality safety articles
CVE-2019-5736-PoC
PoC for CVE-2019-5736
BypassAVAddUsers
绕过杀毒软件添加用户
awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
BB-datas
Tools and datas related to bug bounty programs.
Windows-Hack-Programming
《WINDOWS黑客编程技术详解》,作者甘迪文,2018年12月由人民邮电出版社出版,是一本面向黑客编程初学者的书,较为全面的地总结黑客编程技术。其内容重在实践,着重剖析技术实现原理,向读者讲解黑客编程技术的实现方法。
juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
POC-T
渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
CMS-Hunter
CMS漏洞测试用例集合