rULe4Ker4pwn's starred repositories
IoT_Sec_Tutorial
IoT安全教程
CVE-2022-1388-EXP
CVE-2022-1388 F5 BIG-IP RCE 批量检测
SimpleRemoter
基于gh0st的远程控制器:实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能,优化全部代码及整理排版,修复内存泄漏缺陷,程序运行稳定。项目代码仅限于学习和交流用途。
Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
AutoPWN-Suite
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
CVE-2022-30190-follina-Office-MSDT-Fixed
CVE-2022-30190-follina.py-修改版,可以自定义word模板,方便实战中钓鱼使用。
CVE-2022-1292
CVE-2022-1292 OpenSSL c_rehash Vulnerability - POC
JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
WeChatPhishing
go语言实现钓鱼抓取微信信息,搜索微信AccInfo.dat文件,从中正则匹配出当前微信名,手机号,邮箱,地区等信息,发送到cobaltstrike服务器。
Mofosploit
An attempt at a framework to automate metasploit by making the machine learning modules as plug and play packages. Alpha software and still developing. Essentially a fork of Deep Exploit at https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit.
machine_learning_security
Source code about machine learning and security.
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
real_ip_discover
Bypass Cloudflare getting real ip address bruteforcing ipv4 ranges
KARMA-DDoS
DDoS Script (DDoS Panel) with Multiple Bypass ( Cloudflare UAM,CAPTCHA,BFM,NOSEC / DDoS Guard / Google Shield / V Shield / Amazon / etc.. )
CVE-2022-30525
Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)
linux_dirty
更改后的脏牛提权代码,可以往任意文件写入任意内容,去除交互过程