qingege888's repositories
ApiAddUserTools
BypassAV无net添加windows用户
dedecmscan
织梦全版本漏洞扫描
ReadTeamExpTemplate
基于C#的Exploit模板
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
Backstab
A tool to kill antimalware protected processes
captcha-killer
burp验证码识别接口调用插件
DirDar
DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,优先更新高危且易利用的漏洞利用脚本,最新添加CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340
govcl
Cross-platform Golang GUI library.
Gr33k
图形化漏洞利用集成工具
java-object-searcher
java内存对象搜索辅助工具
JNDIExploit
A malicious LDAP server for JNDI injection attacks
JSINFO-SCAN
递归式寻找域名和api。
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Kernelhub
Windows 提权漏洞合集,附带编译环境,演示GIF图,漏洞详细信息,可执行文件
MDUT
MDUT - Multiple Database Utilization Tools
Packer-Fuzzer
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
pc_wxapkg_decrypt
windows pc端wxpkg文件解密(非解包)
pentest
渗透测试用到的东东
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
rogue-jndi
A malicious LDAP server for JNDI injection attacks
SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
ThinkphpGUI
Thinkphp(GUI)漏洞利用工具,支持各版本TP漏洞检测,命令执行,getshell。
webshell-venom
免杀webshell无限生成工具(利用随机异或无限免杀D盾)
Windows-exploits
🎯 Windows 平台提权漏洞大合集(收集)
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.