hahaheihei's repositories
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
0day-1
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
backend-init
一个 go后端的模板框架,有很多重复性的初始化代码。从这里开始,只需要专心写业务逻辑。
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
2021_Hvv
2021 hw
2021hvv_vul
2021hvv漏洞汇总
SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
GitLab-11.4.7-RCE
POC for GitLabs Authenticated RCE in version 11.4.7 community edition
r0capture
安卓应用层抓包通杀脚本
exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
linux-exploit-suggester
Linux privilege escalation auditing tool
Behinder
“冰蝎”动态二进制加密网站管理客户端
OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Sublist3r
Fast subdomains enumeration tool for penetration testers
xssplatform
一个经典的XSS渗透管理平台
CNVD-2020-10487-Tomcat-Ajp-lfi
Tomcat-Ajp协议文件读取漏洞
fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner
CNVD-2020-10487/CVE-2020-1938,批量扫描工具
exploits
Pwn stuff.
webshell-detect-bypass
绕过专业工具检测的Webshell研究文章和免杀的Webshell
webshell
This is a webshell open source project
jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
sec-chart
安全思维导图集合
bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
POC-CVE-2018-10933
LibSSH Authentication Bypass Exploit using RCE