K3vin's repositories
kevien.github.io
personal blog
awesome-opensource-security
A list of interesting open-source tools
linux-pam-backdoor
Linux PAM Backdoor
log4jshell-pdf
The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel
2022-HW-POC
2022 护网行动 POC 整理
BehinderClientSource
❄️冰蝎客户端源码-V4.0.6🔞
commix
Automated All-in-One OS Command Injection Exploitation Tool.
Cpp-Primer-Plus-6th
《C++ Primer Plus 第6版(中文版)》原书代码、习题答案和个人笔记,仅供学习和交流。
CTF-Challenges
Capture the flag challenges
ctf_challenges
适用于一线安服的ctf培训题目,全docker环境一键启动
dicectf-2023-challenges
All challenges from DiceCTF 2023
GRecon
Automated Google Search
kevien
Config files for my GitHub profile.
LiquidSnake
LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
olist213_Information_Security_Books
150本信息安全方面的书籍书籍(持续更新)
PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.
PetitPotam
替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, a series of local rights escalation methods have been realized
SystemSecurity-ReverseAnalysis
该资源为系统安全和逆向分析实验,包括作者从零学习恶意代码分析、病毒逆向分析的工具及样本,基础性文章,希望对您有所帮助~
template-injection-workshop
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
traitor
:arrow_up: :skull_and_crossbones: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
upload-fuzz-dic-builder
上传漏洞fuzz字典生成脚本
vulawdhub
该项目是利用docker技术创建的有漏洞的cms环境集合,可以进行练习
WechatDecrypt
微信消息解密工具