樱花の飘落's repositories
QAX_VPN_POC
奇安信VPN任意用户密码重置
blogs
PentestNotes
CmdLineSpoofer
How to spoof the command line when spawning a new process from C#.
CVE-2021-40444--CABless
Modified code so that we don´t need to rely on CAB archives
CVE-2022-21661
The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' / CVE-2022-21661)
CVE-2022-22947
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行Exp
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
GolangBypassAV
研究利用golang各种姿势bypassAV
HackPHP
《深入理解PHP代码审计》
InScan
边界打点后的自动化渗透工具
JNDIExploit
A malicious LDAP server for JNDI injection attacks
JNDIScan
无须借助dnslog且完全无害的JNDI反连检测工具,解析RMI和LDAP协议实现,可用于甲方内网自查
log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Phantom-Evasion
Python antivirus evasion tool
Qv2ray
:star: Linux / Windows / macOS 跨平台 V2Ray 客户端 | 支持 VMess / VLESS / SSR / Trojan / Trojan-Go / NaiveProxy / HTTP / HTTPS / SOCKS5 | 使用 C++ / Qt 开发 | 可拓展插件式设计 :star:
QVD-2023-13065
Nacos JRaft Hessian 反序列化 RCE EXP
SCFProxy
A proxy tool based on cloud function.
SocialEngineeringDictionaryGenerator
社会工程学密码生成器,是一个利用个人信息生成密码的工具
Spring-Core-RCE
Spring Core RCE
spring-spel-0day-poc
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合