passwa11's repositories
AJ-REPORT-EXPLOIT
AJ-REPORT未授权远程命令执行CNVD-2024-15077利用工具,在原版基础上增加了新的鉴权绕过以及远程命令执行方式,可以绕过最新修复。
-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server
This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server
Certificate-Transparency-Monitor---Rust
This project monitor certificate transparency lists . Additional feature is that this can be used to monitor with wildcards from bugbounties
cnext-exploits
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
CVE-2023-34992
CVE-2023-34992: Fortinet FortiSIEM Command Injection Proof of Concept Exploit
CVE-2024-21683-RCE
CVE-2024-21683 Post Auth RCE
CVE-2024-22120-RCE
Time Based SQL Injection in Zabbix Server Audit Log --> RCE
CVE-2024-27130
PoC for CVE-2024-27130
CVE-2024-27460
Plantronics Desktop Hub LPE
CVE-2024-32002
CVE-2024-32002 RCE PoC
CVE-2024-4367-POC
CVE-2024-4367 arbitrary js execution in pdf js
darkPulse
darkPulse是一个用go编写的shellcode Packer,用于生成各种各样的shellcode loader,目前免杀火绒,360,360核晶。
e0e1-wx
微信小程序辅助渗透-自动化
encrypt-decrypt-vuls
加解密逻辑漏洞靶场
Fence_php_horse
栅栏加密php木马bypass
jar-obfuscator
Jar Obfuscator - 一个 JAR/CLASS 字节码混淆工具,支持包名类名方法名字段名参数名重命名混淆,支持字符串加密整型异或混淆,垃圾代码花指令混淆,支持 JVMTI 代码加密,配置简单,容易上手
Microsoft-Edge-Information-Disclosure
CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
nginx_shell
nginx WebShell/内存马,更优雅的nignx backdoor
No_X_Memory_ShellCode_Loader
无可执行权限加载 ShellCode (点点 Star,非常感谢!) Loading ShellCode without executable permission (Click Star, thank you very much!)
openssl_extract_and_decrypt
针对IoT固件的openssl加密的暴力破解脚本
POC
收集整理漏洞EXp/POC,大部分漏洞来源网络,目前收集整理了500多个poc/exp,长期更新。
RingQ
一款后渗透免杀工具,助力每一位像我这样的脚本小子快速实现免杀,支持bypass 360 火绒 Windows Defender
RuishuBypass
瑞数 bypass all
微信收藏的文章
wx-hook
用于存取记录以前的基址和小程序文件
XG_NTAI
一键免杀冰蝎、哥斯拉等webshell的php、jsp木马文件
YongYouNcTool
用友NC系列漏洞检测利用工具,支持一键检测、命令执行回显、文件落地、一键打入内存马、文件读取等