muyuxx

Apache-Solr-RCE

Apache Solr Exploits 🌟

CcRemote

这是一个基于gh0st远程控制的项目，使自己更深入了解远控的原理，来编写一款自己的远控(正在编写)，项目采用VS2017

Chimera

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

CobaltStrike

CobaltStrike's source code

CVE-2021-1732-Exploit

CVE-2021-1732 Exploit

CVE-2021-22986

CVE-2021-22986 & F5 BIG-IP RCE

Eternalblue

Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010

EternalBlueC

EternalBlue suite remade in C/C++ which includes: MS17-010 Exploit, EternalBlue vulnerability detector, DoublePulsar detector and DoublePulsar Shellcode & DLL uploader

ethminer

Ethereum miner with OpenCL, CUDA and stratum support

exploits

exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House

fastjson_rec_exploit

fastjson一键命令执行

Godzilla

哥斯拉

javaserializetools

Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具，采用JDK 1.8+NetBeans8.2开发，软件运行必须安装JDK 1.8或者以上版本。 支持：weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。

kivy

Open source UI framework written in Python, running on Windows, Linux, macOS, Android and iOS

Medusa

:cat2:Medusa是一个主动+被动扫描平台，目前包含200+个漏洞 http://medusa.ascotbe.com

PEzor

Open-Source PE Packer

RainbowMiner

GPU/CPU Mining script with intelligent profit-switching between miningpools, algorithms, miners, using all possible combinations of devices (NVIDIA, AMD, CPU). Features: actively maintained, uses the top actual miner programs (Bminer, Ccminer, Claymore, Dstm, EnemyZ, Sgminer, T-rex and more) easy setup wizard, webinterface, auto update.

RedTeamTools

记录自己编写、修改的部分工具

RMIDeserialize

RMI 反序列化环境 一步步

sandfly-processdecloak

Sandfly Linux Stealth Rootkit Decloaking Utility

ScreenToGif

🎬 ScreenToGif allows you to record a selected area of your screen, edit and save it as a gif or video.

shiro_rememberMe_Rce

利用长亭xray高级版的回显Gadget重写的一个shiro反序列化利用工具。

skyscorpion

天蝎权限管理工具采用Java平台的JavaFX技术开发的桌面客户端，支持跨平台运行，目前基于JDK1.8开发，运行必须安装JDK或JRE 1.8，注意不能是open jdk，只能是oracle的jdk。 天蝎权限管理工具基于冰蝎加密流量进行WebShell通信管理的原理，目前实现了jsp、aspx、php、asp端的常用操作功能，在原基础上，优化了大文件上传下载、Socket代理的问题，修改了部分API接口代码。

SNETCracker

超级弱口令检查工具是一款Windows平台的弱口令审计工具，支持批量多线程检查，可快速发现弱密码、弱口令账号，密码支持和用户名结合进行检查，大大提高成功率，支持自定义服务端口和字典。

SpringBootVulExploit

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 checklist

taowu-cobalt-strike

tinyfecVPN

A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.

TitanHide

Hiding kernel-driver for x86/x64.

weevely3

Weaponized web shell

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.