M0r41's repositories
Kling-AI-Webui
Kling AI, Make Imagination Alive. This is a revolutionary text-to-video model like Sora. Kling AI WebUI is the open source project to integrate Kling AI Video Generation Model.
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
Archive
Hacking Methodology, Cheatsheats, Conceptual-Breakdowns
awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
awesome-linux-rootkits
awesome-linux-rootkits
ctf-wiki
CTF Wiki Online. Come and join us, we need you!
CVE-2021-22205
Gitlab CE/EE RCE 未授权远程代码执行漏洞 POC && EXP CVE-2021-22205
CVE-2021-22214
Gitlab CI Lint API未授权 SSRF漏洞 CVE-2021-22214
CVE-2021-26084
POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection Vulneralibity.
CVE-2021-31166
Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166
dash-shell-rootkit
Dash rootkit. Linux Trojan Backdoor. (MALWARE)
Dejavu
DejaVU - Open Source Deception Framework
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
ghidra_scripts
Port of devttyS0's IDA plugins to the Ghidra plugin framework, new plugins as well.
KoviD
Kernel rk
OneDriveUpdaterSideloading
Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
orbitaldump
A simple multi-threaded distributed SSH brute-forcing tool written in Python
pamspy
Credentials Dumper for Linux using eBPF
r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
rbacr
针对kubernetes中的RBAC可能被攻击检测工具。Detection tool for possible attacks on RBAC in kubernetes.
SharpTerminator
Terminate AV/EDR Processes using kernel driver
Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
Trojan
Trojans generally spread by some form of social engineering; for example, where a user is duped into executing an email attachment disguised to appear innocuous (e.g., a routine form to be filled in), or by clicking on some fake advertisement on social media or anywhere else. Although their payload can be anything, many modern forms act as a backdo
watchvuln
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.