lazylee007's repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
afrog
一个挖洞工具 - A tool for finding vulnerabilities
auto_xuexiqiangguo
每日拿满61分!免root,四人赛双人对战秒答,安卓端学习强国自动化脚本
awvs_xray
子域名爆破+awvs+xray自动扫描公司全网
bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
box
TVbox开源版(空壳-自行配置)
ChatGPTScanner
A white box code scan powered by ChatGPT
cve
Gather and update all available and newest CVEs with their PoC.
CVE-2021-31805
S2-062 (CVE-2021-31805) / S2-061 / S2-059 RCE
CVE-2023-37847
CVE-2023-37847漏洞证明
DARC
Decentralized Autonomous Regulated Company (DARC), a company virtual machine that runs on any EVM-compatible blockchain, with on-chain law system, multi-level tokens and dividends mechanism.
HoneypotDic
蜜罐抓到的Top密码,根据使用频率排序,持续更新中...
iMaoTai-reserve
Actions自动预约i茅台
JNDIExploit-1
一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
KeymouseGo
类似按键精灵的鼠标键盘录制和自动化操作 模拟点击和键入 | automate mouse clicks and keyboard input
log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Log4j2-CVE-2021-44228
Remote Code Injection In Log4j
log4j2burpscanner
CVE-2021-44228,log4j2 burp插件 Java版本,dnslog选取了非dnslog.cn域名
log4j_masscan_validator
log4j basic vulnrablity scanner for determining if log4j vulnrablity exists within an IP set collected via masscan, obviously this is not to be used for malicious or illegal purposes, only for scanning your own subnets or those you have permison to scan
NucleiTP
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
oFx
漏洞批量验证框架
POC-bomber
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
QingScan
一个漏洞扫描器粘合剂;支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证,SSH批量测试、vulmap。
SCPA
Sophisticated cyber penetration attacks is a series of advanced techniques, notes and guidance that will help you to prepare as a hacker on your journey.
Serein
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
stock
stock,股票系统。使用python进行开发。
SZhe_Scan
碎遮SZhe_Scan Web漏洞扫描器,基于python Flask框架,对输入的域名/IP进行全面的信息搜集,漏洞扫描,可自主添加POC
WebShell-Bypass-Guide
从零学习Webshell免杀手册
wool
小羊毛薅起来