shi han wang's repositories
My-CTF-Web-Challenges
Collection of CTF Web challenges I made
Atlas
Quick SQLMap Tamper Suggester
St2-057
St2-057 Poc Example
CVE-2018-2893
CVE-2018-2893 PoC
theftfuzzer
TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
vulhub
Docker-Compose file for vulnerability environment
UltimateAppLockerByPassList
The goal of this repository is to document the most common techniques to bypass AppLocker.
upload-labs
一个帮你总结所有类型的上传漏洞的靶场
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
manticore
Symbolic execution tool
oyente
An Analysis Tool for Smart Contracts
BloodHound
Six Degrees of Domain Admin
MAIAN
MAIAN: automatic tool for finding trace vulnerabilities in Ethereum smart contracts
ROPgadget
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
Pandoras-Box
This repo contains my custom scripts for Penetration Testing and Red Team Assessments. I will keep on updating this repo as and when I get time.
CORScanner
Fast CORS misconfiguration vulnerabilities scanner
proxychains
proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
iOS
Most usable tools for iOS penetration testing
wooyun_articles
drops.wooyun.org 乌云Drops文章备份
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
RAU_crypto
Hard-coded encryption key remote file upload exploit for CVE-2017-11317, CVE-2017-11357 (Telerik UI for ASP.NET AJAX)
impacket
Impacket is a collection of Python classes for working with network protocols.
CVE-2017-8759
CVE-2017-8759
JavaTimeAgent
fix time for java application using javaAgent
Dictator
Penetration Testing Orehestrator
burpa
Burp-Automator: A Burp Suite Automation Tool with Slack Integration
Exploits
Windows Exploits
oyente-1
The project has been moved to this new repo https://github.com/melonproject/oyente
ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.