miner67's repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
Audit-Learning
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
awd_auto_attack_framework
AWD 自动化攻击框架
awvs_script_decode
解密好的AWVS10.5 data/script/目录下的脚本
CVE-2018-1111
Environment for DynoRoot (CVE-2018-1111)
CVE-2018-8120
CVE-2018-8120 Windows LPE exploit
EtherTokens
created by miner67
FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp
警惕 一种针对红队的新型溯源手段!
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
IIS_exploit
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
IntruderPayloads
A collection of Burpsuite Intruder payloads, fuzz lists and file uploads
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
metasploit-framework
Metasploit Framework
pentest
渗透测试用到的东东
trackerslist
Updated list of public BitTorrent trackers
TrojanSourceFinder
🔎 Help find Trojan Source vulnerability in code 👀 . Useful for code review in project with multiple collaborators (CI/CD)
webdav_exploit
An exploit for Microsoft IIS 6.0 CVE-2017-7269
WeblogicScan
增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持
webshell
This is a webshell open source project
webshell-find-tools
分析web访问日志以及web目录文件属性,用于根据查找可疑后门文件的相关脚本。
wongoose_lib
wongoose网络库
ydxred_tools
一些实用的小工具