dinosn

hikvision

Hikvision log4j PoC

CVE-2024-20931

CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839

synackDUO

Python Duo Push API

citrix_cve-2023-4966

Citrix CVE-2023-4966 from assetnote modified for parallel and file handling

netscaler-startwebview

Netscaler simple python exploit for mass checks

ysoserial.net-docker

ysoserial.net docker image

weblogic

Weblogic exploits

2024-PocLib

此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现，POC已通过nuclei或xray武器化，本项目旨在为网络安全爱好者们提供一点参考资料，可供个人研究使用，共勉

avred

Analyse your malware to surgically obfuscate it

awesome-industrial-protocols

Security-oriented list of resources about industrial network protocols.

BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

Caro-Kann

Encrypted shellcode Injection to avoid Kernel triggered memory scans

cs2br-bof

CVE-2022-36537

POC of CVE-2022-36537

CVE-2023-46604

CVE-2024-21006_jar

CVE-2024-21006 exp

DonPAPI

Dumping DPAPI credz remotely

ExecIT

Execute shellcode files with rundll32

JNDI-Injection-Exploit-Plus

60+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

JNDI-Injection-LDAP-Deserialization

KubeStalk

KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.

LOLDrivers_finder

maigret

🕵️‍♂️ Collect a dossier on a person by username from thousands of sites

nanodump

The swiss army knife of LSASS dumping

redis_get

Get redis keys from open redis, or by using a password. This is to create a proof of concept to be used later in reports.

RichFaces

A collection of exploits created or modified by me

SeeYouCM-Thief

stealer-parser

Information stealer logs parser

Weblogic-1

WebLogic vulnerability exploration from beginner to expert.

WeblogicEnvironment

WeblogicEnvironment docker setup for research