cakw1's starred repositories
SecDictionary
实战沉淀字典
ClassHound
利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
ultimaste-nuclei-templates
极致攻防实验室 nuclei 检测 POC
defender-control
An open-source windows defender manager. Now you can disable windows defender permanently.
Exchange2domain
CVE-2018-8581
ChatGLM-6B
ChatGLM-6B: An Open Bilingual Dialogue Language Model | 开源双语对话语言模型
ChangeTimestamp
一键修改exe、dll的编译时间、创建时间、修改时间和访问时间
RedTeamNotes
红队笔记
JavaPassDump
JavaPassDump
vulnerability-paper
收集的文章 https://mrwq.github.io/tools/paper/
PySQLTools
Mssql利用工具
cve-2022-41352-zimbra-rce
Zimbra <9.0.0.p27 RCE
AtomPePacker
A Highly capable Pe Packer
VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
SharpToken
Windows Token Stealing Expert
SharpSQLTools
SharpSQLTools 和@Rcoil一起写的小工具,可上传下载文件,xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
SharpNTLMSSPExtract
利用 NTLMSSP 探测 Windows 信息
CS-Situational-Awareness-BOF
Situational Awareness commands implemented using Beacon Object Files
container-escape-check
docker container escape check || Docker 容器逃逸检测
Vajra
Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure and AWS environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.
Sec-Interview-4-2023
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~