MrFk's starred repositories
404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
SpringBoot-Scan
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
WeblogicTool
WeblogicTool,GUI漏洞利用工具,支持漏洞检测、命令执行、内存马注入、密码解密等(深信服深蓝实验室天威战队强力驱动)
Supershell
Supershell C2 远控平台,基于反向SSH隧道获取完全交互式Shell
HiddenDesktop
HVNC for Cobalt Strike
FastjsonScan
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
mysql-fake-server
MySQL Fake Server (纯Java实现,支持GUI版和命令行版,提供Dockerfile,支持多种常见JDBC利用)
KRBUACBypass
UAC Bypass By Abusing Kerberos Tickets
S-BlastingDictionary
自己搜集的爆破字典,包括常用用户名、密码弱口令、SQL万能密码等
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768
elevationstation
elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative
SSH-Harvester
Harvest passwords automatically from OpenSSH server
Arbitrium-RAT
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
evil_minio
EXP for CVE-2023-28434 MinIO unauthorized to RCE
HexDnsEchoT
命令执行不回显但DNS协议出网的命令回显场景解决方案(修改为使用ceye接收请求,添加自定义DNS服务器)
PigScheduleTask
添加计划任务方法集合
CallStackMasker
A PoC implementation for dynamically masking call stacks with timers.
CVE-2023-3519
RCE exploit for CVE-2023-3519
CVE-2023-0179-PoC
针对(CVE-2023-0179)漏洞利用 该漏洞被分配为CVE-2023-0179,影响了从5.5到6.2-rc3的所有Linux版本,该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。