lbcnp's repositories
black-hat-go
《Black.Hat.Go》中文翻译
BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
CVE-2021-40444
CVE-2021-40444 PoC
dubbo-exp
Dubbo反序列化一键快速攻击测试工具,支持dubbo协议和http协议,支持hessian反序列化和java原生反序列化。
FileMonitor
文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)
httpwaf2.0
httpwaf是一款永久免费的web应用防火墙,是最好用的waf。
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
JNDIScan
无须借助dnslog且完全无害的JNDI反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查
JSFinder
JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
JSP-Webshells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
LinkFinder
A python script that finds endpoints in JavaScript files
log4j2burpscanner
CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
MS17-010
MS17-010
muggle-ocr
A backup of muggle-ocr pip package
oracleShell
oracle 数据库命令执行
pxplan
POCs
rdpwrap
RDP Wrapper Library
revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
SharpWifiGrabber
Sharp Wifi Password Grabber retrieves in clear-text the Wi-Fi Passwords from all WLAN Profiles saved on a workstation.
shellcodeloader
shellcodeloader
webshellSample
webshell sample for WebShell Log Analysis
wxapkg-unpacker
微信小程序反编译