pimps's repositories
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
ysoserial-modified
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.
CVE-2018-7600
Exploit for Drupal 7 <= 7.57 CVE-2018-7600
CVE-2017-5645
CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization
CVE-2017-1000486
Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit
CVE-2019-2725
WebLogic Insecure Deserialization - CVE-2019-2725 payload builder & exploit
gopher-tomcat-deployer
Gopher Tomcat Deployer
pdf-NTLMLeaker
This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"
docker-java-xxe
Docker image to test XXE attacks in java with tomcat.
rizzoma-docker
This is a docker image to run rizzoma standalone for testing or quick deploys.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
CTF-Write-ups
My CTF Write-ups
CVE-2019-2726
CVE-2019-2725 命令回显
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
ipwndfu
open-source jailbreaking tool for many iOS devices
knary
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
TheGoonies-Assets-1
All the assets done for TheGoonies CTF Team.