nansjcn's repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
0day-1
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
AttackWebFrameworkTools-5.0
本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵RCE 等等.
CryptoVulhub
Analyze and reproduce attack events or vulnerabilities in the blockchain world.
CVE-2022-22947-POC
CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更
CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE
Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作
CVE-2022-22947_Rce_Exp
Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947
DeFiHackLabs
Reproduce DeFi hack incidents using Foundry.
Fofa-collect
Fofa平台采集工具
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
jndi_tool
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
Knowledge-Base
Knowledge Base 慢雾安全团队知识库
Log4j2-CVE-2021-44228
Remote Code Injection In Log4j
Log4j2-RCE-Scanner
BurpSuite Extension: Log4j RCE Scanner
Metamon
This is a script which can be used to autobattle, upgrade metamon, compose eggs and open eggs in metamon game. The only parameters you need to input are you wallet address and sign. The sign can be obtained in console and you can refer to sign.png.
mintTool
This is a tool to mint stoned ape club.
my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始Kubernetes攻防 🧐
Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
RequestTemplate
双语双端内网扫描以及验证工具
Ruoyi-All
若依后台定时任务一键利用
ShuiZe_0x727
信息收集自动化工具
spring-cloud-function-SpEL-RCE
spring-cloud-function SpEL RCE, Vultarget & Poc
Vuln-List
(持续更新)对网上出现的各种OA、中间件、CMS等漏洞进行整理,主要包括漏洞介绍、漏洞影响版本以及漏洞POC/EXP等,并且会持续更新。
Web3_Tutorial
🐳 Web3科学家极简入门指南
ZentaoSqli
禅道存在SQL注入漏洞 CNVD-2022-42853