gcxtx

pentest's repositories

Zoom

Automatic & lightning fast wordpress vulnerability scanner

Language:PythonGPL-3.048 50

geacon

Practice Go programming and implement CobaltStrike's Beacon in Go

Language:Go300

AppInfoScanner

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Language:Python100

CVE-2019-17564-FastJson-Gadget

Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information available at https://www.checkmarx.com/blog/apache-dubbo-unauthenticated-remote-code-execution-vulnerability

Language:Java1 10

cve-2020-0688

Language:Python100

CVE-2020-11651-CVE-2020-11652-EXP

CVE-2020-11651&&CVE-2020-11652 EXP

Language:Python100

CVE-Flow

CVE Data Analysis, CVE Monitor, CVE EXP Prediction Based on Deep Learning. 1999-2020年存量CVE数据分析、监控CVE增量更新、基于深度学习的CVE EXP预测和自动化推送

Language:PythonMIT100

EHole

EHole(棱洞)-红队重点攻击系统指纹探测工具

100

evil-ldap-service

Emulate the evil LDAP service in a vulnerable JNDI lookup

Language:Java100

exploit-exploitdb

Language:CGPL-2.0100

fastjson_rce_tool

fastjson命令执行利用工具， remote code execute

100

fscan

一款内网扫描工具，方便一键大保健~

Language:Go100

fuzzDicts

Web Pentesting Fuzz 字典,一个就够了。

Language:Python100

ghostmirror

通过webshell实现的内网穿透工具

Language:Python100

LandrayDES

蓝凌OA的前后台密码的加解密工具

Language:Java100

LSpider

LSpider 一个为被动扫描器定制的前端爬虫

Language:PythonMIT100

MySQL_Fake_Server

MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize

100

Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等，欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql

Language:JavaApache-2.0100