forlin's repositories
CVE-2018-2628
CVE-2018-2628
xss_html_dom
HTML DOM事件对象下的XSS
CVE-2018-8174_EXP
CVE-2018-8174_python
burpExtender
burp的漏洞检测插件扩展
CNVD-C-2019-48814
WebLogic wls9-async反序列化远程命令执行漏洞
CVE-2018-14729
Discuz backend getshell
CVE-2018-3191
CVE-2018-3191 payload generator
CVE-2018-9206
A Python PoC for CVE-2018-9206
CVE-2019-11581
Atlassian JIRA Template injection vulnerability RCE
easyXssPayload
XssPayload List . Usage:
EventCleaner
A tool mainly to erase specified records from Windows event logs, with additional functionalities.
HTTPHeadModifer
一款快速修改HTTP数据包头的Burp Suite插件
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
laravel-poc-CVE-2018-15133
PoC for CVE-2018-15133 (Laravel unserialize vulnerability)
lxhToolHTTPDecrypt
HTTPDecrypt
NodeJS-Red-Team-Cheat-Sheet
NodeJS Red-Team Cheat Sheet
redis-rogue-getshell
利用redis 4.x/5.x master/slave 模式getshell
sh00t
Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.
zimbra_poc
Zimbra XXE+SSRF+UPLOAD Poc