Qlng

activemq_Throwable

Apache ActiveMQ (版本 < 5.18.3) RCE

ActiveMqRCE

用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入

ADCSCoercePotato

Awesome-POC

一个漏洞POC知识库

Be-a-Docker-Escaper

The container escape challenge of Be A RWCTFer competition (https://be-a-rwctfer.realworldctf.com/)

Beacon_Source

not a reverse-engineered version of the Cobalt Strike Beacon

CallBackDump

dump lsass进程工具

Cobalt_Strike_wiki

Cobalt Strike系列

connectwise-screenconnect_auth-bypass-add-user-poc

CVE-2023-27372

SPIP Vulnerability Scanner - CVE-2023-27372 Detector

CVE-2023-34039

VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)

CVE-2023-3519

RCE exploit for CVE-2023-3519

CVE-2023-36745

cve-2023-36802

Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver

CVE-2023-38035

Ivanti Sentry CVE-2023-38035

CVE-2023-48788

Fortinet FortiClient EMS SQL Injection

CVE-2024-0204

Authentication Bypass in GoAnywhere MFT

CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

CVE-2024-21413

Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC

CVE-2024-21413-

CVE-2024-21413 PoC for THM Lab

CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

cve-2024-21762-check

Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762

Databasetools

一款用Go语言编写的数据库自动化提权工具，支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接

fscan

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

NacosRce

Proxy-Attackchain

Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

SearchAvailableExe

寻找可利用的白文件

Urldns

wechat

微信收藏的文章

wmiexec-Pro

New generation of wmiexec.py