原来是老王's repositories
Fiora
Fiora:漏洞PoC框架的图形版,快捷搜索PoC、一键运行Nuclei
netspy
netspy是一款快速探测内网可达网段工具
JNDIExploit
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
UserAdd
Bypass AV 用户添加
vscan
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
H
H是一款强大的资产收集管理平台
JNDI-Inject-Exploit
解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
jsubfinder
jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
ddddocr
带带弟弟 通用验证码识别OCR pypi版
wmiexec-RegOut
Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-software in lateral movement like WMIHACKER.
Log4j2-RCE-Scanner
BurpSuite Extension: Log4j2 RCE Scanner
socks5-server
socks5 over tls server(tcp/udp) written in golang
Auto-Elevate
Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token Impersonation
log4j-sniffer
A tool that scans archives to check for vulnerable log4j versions
Ortau
一个用于隐藏C2的、开箱即用的反向代理服务器。旨在省去繁琐的配置Nginx服务的过程。
restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
log4j2burpscanner
CVE-2021-44228 log4j2 RCE Burp Suite Passive Scanner,can customize the ceye.io api or other apis,including internal networks
JNDIMonitor
一个LDAP请求监听器,摆脱dnslog平台
Gorsair
Gorsair hacks its way into remote docker containers that expose their APIs
log4jScan_Modify
对接JNDIMonitor的Burp Suite被动扫描插件
Log4j2Scan-2
一款无须借助dnslog且完全无害的log4j2反连检测工具(已有burp插件适配可搭配进行被动扫描),解析RMI和LDAP协议实现,可用于甲方内网自查
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
log4j2Scan-1
用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
Log4j2-CVE-2021-44228
Remote Code Injection In Log4j
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.