Giters
nebrvherbvqljwvb

nebrvherbvqljwvb

Geek Repo

0

followers

4

following

139

stars

Github PK Tool:Github PK Tool

nebrvherbvqljwvb's starred repositories

xia_sql

xia SQL (瞎注) burp 插件 ,在每个参数后面填加一个单引号,两个单引号,一个简单的判断注入小插件。

Language:JavaStargazers:896Issues:0Issues:0

NoAgent-memshell-scanner

Language:JavaStargazers:99Issues:0Issues:0

Empire

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Language:PowerShellLicense:BSD-3-ClauseStargazers:4127Issues:0Issues:0

Empire

Empire is a PowerShell and Python post-exploitation agent.

Language:PowerShellLicense:BSD-3-ClauseStargazers:7366Issues:0Issues:0

learnjavabug

Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Language:JavaLicense:MITStargazers:2572Issues:0Issues:0

jndi_tool

JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具

Stargazers:1869Issues:0Issues:0

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Language:PythonLicense:CC-BY-SA-4.0Stargazers:27353Issues:0Issues:0

V2rayU

V2rayU,基于v2ray核心的mac版客户端,用于科学上网,使用swift编写,支持trojan,vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等

Stargazers:18494Issues:0Issues:0

FastjsonExploit

Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)

Language:JavaStargazers:1233Issues:0Issues:0

BypassAntiVirus

远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。

Language:XSLTStargazers:4455Issues:0Issues:0

ShiroScan

Shiro RememberMe 1.2.4 反序列化漏洞图形化检测工具(Shiro-550)

Language:JavaStargazers:770Issues:0Issues:0

javaserializetools

Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。

Language:JavaStargazers:442Issues:0Issues:0

CVE-2017-3506

CVE-2017-3506

Stargazers:7Issues:0Issues:0

WeblogicScan

Weblogic一键漏洞检测工具,V1.5,更新时间:20200730

Language:PythonLicense:MITStargazers:2150Issues:0Issues:0

TideFinger

TideFinger——指纹识别小工具,汲取整合了多个web指纹库,结合了多种指纹检测方法,让指纹检测更快捷、准确。

Language:PythonStargazers:1895Issues:0Issues:0

Web-Dict

Web渗透测试中常用的目录字典

Stargazers:12Issues:0Issues:0

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language:PHPLicense:MITStargazers:56244Issues:0Issues:0

vulstudy

使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。

Language:ShellStargazers:2185Issues:0Issues:0

Hello-Java-Sec

☕️ Java Security,安全编码和代码审计

Language:JavaStargazers:1265Issues:0Issues:0

metasploit-framework

Metasploit Framework

Language:RubyLicense:NOASSERTIONStargazers:33546Issues:0Issues:0

MiscSecNotes

some learning notes about Web Application Security、 Penetration Test

License:MITStargazers:808Issues:0Issues:0

LearnJavaMemshellFromZero

【三万字原创】完全零基础从0到1掌握Java内存马,公众号:追梦信安

Stargazers:660Issues:0Issues:0

Hosts_scan

这是一个用于IP和域名碰撞匹配访问的小工具,旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。

Language:PythonStargazers:1115Issues:0Issues:0

GitHack

A `.git` folder disclosure exploit

Language:PythonStargazers:3033Issues:0Issues:0

CVE-2022-0847

CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”

Language:ShellStargazers:271Issues:0Issues:0

traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Language:GoLicense:MITStargazers:6580Issues:0Issues:0

Reactive-Resume

A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!

Language:TypeScriptLicense:MITStargazers:21183Issues:0Issues:0

HackJava

《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.

Stargazers:2496Issues:0Issues:0

GScan

本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。

Language:PythonStargazers:2580Issues:0Issues:0

LinuxTQ

《Linux提权方法论》

Stargazers:649Issues:0Issues:0