halodoom's starred repositories
WeaverExploit_All
泛微最近的漏洞利用工具(PS:2023)
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
JSP-WebShells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
MyMalwareAnalyze
本项目记录一些我分析的恶意代码用于归档使用
domain_hunter_pro
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
python_sec
python安全和代码审计相关资料收集 resource collection of python security and code review
GlllPowerloader
绕过AV/EDR的代码例子(Code example to bypass AV/EDR)
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
AV_Evasion_Tool
掩日 - 免杀执行器生成工具
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
JavaLearnVulnerability
Java漏洞学习笔记 Deserialization Vulnerability
ShiroAttack2
shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
ctfhub_base_image
Index of CTFHub Base Images