mai-lang-chai

echarts

Apache ECharts is a powerful, interactive charting and data visualization library for browser

nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

playwright-python

Python version of the Playwright testing and automation library.

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

sql-injection-payload-list

🎯 SQL Injection Payload List

exploits

CVE-2021-1675

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

upload-fuzz-dic-builder

上传漏洞fuzz字典生成脚本

IoT-vulhub

IoT固件漏洞复现环境

Ghostpack-CompiledBinaries

Compiled Binaries for Ghostpack (.NET v4.0)

CVE-2021-4034

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

svnExploit

SvnExploit支持SVN源代码泄露全版本Dump源码

Alaris

A protective and Low Level Shellcode Loader that defeats modern EDR systems.

nccfsas

Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.

shelling

SHELLING - a comprehensive OS command injection payload generator

Apache-Solr-RCE

Apache Solr Exploits 🌟

ShuiYing_0x727

检测域环境内，域机器的本地管理组成员是否存在弱口令和通用口令，对域用户的权限分配以及域内委派查询

hexo-theme-alpha-dust

🌠 Original Futuristic Hexo Theme

WebBatchRequest

WEB批量请求器（WebBatchRequest）是对目标地址批量进行快速的存活探测、Title获取，简单的banner识别，支持HTTP代理以及可自定义HTTP请求用于批量的漏洞验证等的一款基于JAVA编写的轻量工具。

xp_CAPTCHA

xp_CAPTCHA_api burp 验证码识别插件 调用接口 准确率更高

xxl-job-rce

xxl-job未授权命令执行

jumpserver_rce

Automotive-Security-Timeline

汽车信息安全事件时间轴

xxl-job

xxl-job RESTful API RCE

Inspur

Inspur vul repo

Papers

Papers

CVE-2020-26259

CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights.

sourceincite.github.io

Shiro-Vuln-Demo

Shiro漏洞实例源码