badguy0827's repositories
SecurityInterview
收集厂商安全面经
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
BloodHound
Six Degrees of Domain Admin
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
CVE-2021-34486
Windows Etw LPE
exploits
Pwn stuff.
Fastjson
Fastjson姿势技巧集合
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
go-mimikatz
A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.
HackJava
《深入理解Java代码审计》
HellgateLoader_CSharp
Load shelcode via HELLGATE, rewrite hellgate for learning purpose.
maketoolkit-db
Search database collection from github project or internet.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PentestDB
各种数据库的利用姿势
PoC-CVE-2021-30632
PoC CVE-2021-30632 - Out of bounds write in V8
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
RedTeamNotes
红队笔记
scripts
Shadowsocks/SS一键脚本、ShadowsocksR/SSR一键脚本、V2Ray一键脚本、trojan一键脚本、VPS教程
SharpADUserIP
提取DC日志,快速获取域用户对应IP地址
SpringSecurity
A list for Spring Security
tencentcloud-sdk-python
Tencent Cloud API 3.0 SDK for Python
test
test
ysomap
A helpful Java Deserialization exploit framework.