shad0w008's repositories
advent-vmpwn
2019 Advent Calendar, vmware pwnables
CVE-2020-0796
CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
CVE-2020-10239
CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
CVE-2020-11107
This is a writeup for CVE-2020-11107 reported by Maximilian Barz
CVE-2020-8515-PoC
CVE-2020-8515-PoC
dynTaintTracer
a tain tracer based on DynamoRIO, currently ARM only
ESD
Enumeration sub domains(枚举子域名)
exphub
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本,均为亲测可用的脚本文件,优先更新高危且易利用的漏洞利用脚本,最近添加CVE-2020-1938、CVE-2020-2551、CVE-2019-2618、CVE-2019-6340
GhostShell
Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
gospider
Gospider - Fast web spider written in Go
JSshell
JSshell - A JavaScript reverse shell for exploiting XSS remotely or finding blind XSS, working with both Unix and Windows OS
LeakLooker-X
LeakLooker GUI - Discover, browse and monitor database/source code leaks
mysql-server
MySQL Server, the world's most popular open source database, and MySQL Cluster, a real-time, open source transactional database.
MySQL_Fake_Server
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
nmap_draytek_rce
nmap script to detect CVE-2020-8515 on Draytek Devices
poc-1
Proof of Concepts
PrivescCheck
Privilege Escalation Enumeration Script for Windows
pywinsandbox
Windows Sandbox Utillities Python Package
redis-rce-1
Redis RCE 的几种方法
SDBbot-Unpacker
SDBbot Unpacker
StyleCop
Analyzes C# source code to enforce a set of style and consistency rules.
SysWhispers
AV/EDR evasion via direct system calls.
UACME
Defeating Windows User Account Control
WinObjEx64
Windows Object Explorer 64-bit
XSHOCK
XSHOCK Shellshock Exploit
xxexploiter
Tool to help exploit XXE vulnerabilities
Z0FCourse_ReverseEngineering
Reverse engineering focusing on x64 Windows.