hittimes's repositories
Tomcat-AJP-EXP
Java version of Tomcat-AJP-EXP, for practice
cve-2020-7247-exploit
Python exploit of cve-2020-7247
ysoserial.net
Deserialization payload generator for a variety of .NET formatters
CVE-2020-0618
SQL Server Reporting Services(CVE-2020-0618)中的RCE
convert-outlook-msg-file
Python library to convert Microsoft Outlook .msg files to .eml/MIME message files.
ATTCK-PenTester-Book
ATTCK-PenTester-Book
expressvpn_leak_testing
ExpressVPN Leak Testing Tools
jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
CurveBall
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
spikeSystem
一个秒杀系统的例子分析
Red_Team
Some scripts useful for red team activities
chainoffools
A PoC for CVE-2020-0601
shellcode
myshellcode
php-version-audit
Audit your PHP version for known CVEs and patches
wooyun-payload
从wooyun中提取的payload,以及burp插件
w12scan
🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)
Antivirus_R3_bypass_demo
分别用R3的0day与R0的0day来干掉杀毒软件
nmap-vulners
NSE script based on Vulners.com API
Decrypt_Weblogic_Password
搜集了市面上绝大部分weblogic解密方式,整理了7种解密weblogic的方法及响应工具。
proton
Proton Framework is a Windows post exploitation framework similar to other penetration testing tools such as Meterpreter and Powershell Invader Framework. The major difference is that the Proton Framework does most of its operations using Windows Script Host (a.k.a. JScript/VBScript), with compatibility in the core to support a default installation of Windows 2000 with no service packs (and potentially even versions of NT4) all the way through Windows 10.
Sreg
Sreg可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。
phuip-fpizdam
Exploit for CVE-2019-11043
fluxion
Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality.
CVE-2019-7609
exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
dirmap
An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。
THC-Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Anime4K
A High-Quality Real Time Upscaler for Anime Video
iplist
:book: IP CIDRs List / IP 地址列表,每周更新
CTFCrackTools
China's first CTFTools framework.**国内首个CTF工具框架,旨在帮助CTFer快速攻克难关