flypig5211's repositories
AppInfoScanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
AttackWebFrameworkTools-5.0
本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵RCE 等等.
cdn-proxy
A tool that can be used by web app pentesters to create a copy of a targeted website with CDN and WAF restrictions disabled.
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
CVE-2022-29464
WSO2 RCE (CVE-2022-29464) exploit and writeup.
CVE-2023-34039
VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)
CVE-2023-38831-winrar-exploit
CVE-2023-38831 winrar exploit generator
edusrc_POC
在edusrc平台上对于一些通用漏洞检测时编写的简单python POC脚本
GoWxDump
SharpWxDump的Go语言版。微信客户端取证,获取信息(微信号、手机号、昵称),微信聊天记录分析(Top N聊天的人、统计聊天最频繁的好友排行、关键词列表搜索等)
ibox-art-app
https://www.ibox.art
Landray-OA-Treexml-Rce
蓝凌OA远程代码执行漏洞批量检查
MonkeyDev
CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
natpass
🔥居家办公,远程开发神器
netspy
netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)
Poc-Monitor
🔍 Github CVE POC 信息监控推送 🚀
qq-tim-elevation
CVE-2023-34312
QuantumulX_hs
for ios quantumul x, just test for myself.
Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
Some-PoC-oR-ExP
各种漏洞poc、Exp的收集或编写
termux-app
Termux - a terminal emulator application for Android OS extendible by variety of packages.
theHarvester
E-mails, subdomains and names Harvester - OSINT
VMware-CVE-2022-22954
POC for VMWARE CVE-2022-22954
vshell
vshell 是一款go编写的主机管理工具 vshell is a Remote Administation tool written in Go (RAT)
weaverOA_sql_RCE
泛微OA_V9全版本的SQL远程代码执行漏洞
woodpecker-framework-release
高危漏洞精准检测与深度利用框架
wsMemShell
WebSocket 内存马/Webshell,一种新型内存马/WebShell技术