nr4v3n's repositories
SuperWordlist
基于实战沉淀下的各种弱口令字典
Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
anti-sandbox
Windows对抗沙箱和虚拟机的方法总结
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
chunked-coding-converter
Burp suite 分块传输辅助插件
CloudSecWiki
CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.
CrackMapExec
A swiss army knife for pentesting networks
CVE-2019-0604
cve-2019-0604 SharePoint RCE exploit
CVE-2019-1040
CVE-2019-1040 with Exchange
CVE-2021-40444
CVE-2021-40444 PoC
Dapp-Learning
Dapp learning project for developers at all stages. Becoming and cultivating sovereign individuals. Nonprofit organization.
gld
Go shellcode LoaDer
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
ihoneyBakFileScan
多进程批量网站备份文件泄露扫描工具v0.2
JDSRC-Small-Classroom
京东SRC小课堂系列文章
JNDIExploit
一款用于JNDI注入利用的工具,大量参考/引用了Rogue JNDI项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。
Pentest-and-Development-Tips
A collection of pentest and development tips
springboot_actuator
actuator_vulnerability
TerraformGoat
TerraformGoat is HuoCorp research lab's "Vulnerable by Design" multi cloud deployment tool.
Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
webshell-venom
免杀webshell无限生成工具
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.