shine_clown's starred repositories
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
520apkhook
将安卓远控Apk附加进普通的App中,运行新生成的App时,普通App正常运行,远控正常上线。Attach the Android remote control APK to a regular app. When the newly generated app is launched, the regular app operates as normal while the remote control goes online seamlessly.
reverse_ssh
SSH based reverse shell
Databasetools
一款用Go语言编写的数据库自动化提权工具,支持Mysql、MSSQL、Postgresql、Oracle、Redis数据库提权、命令执行、爆破以及ssh连接
ScopeSentry
ScopeSentry-网络空间测绘、子域名枚举、端口扫描、敏感信息发现、漏洞扫描、分布式节点
JenkinsExploit-GUI
一款Jenkins的综合漏洞利用工具
CVE_2024_30078_POC_WIFI
basic concept for the latest windows wifi driver CVE
OSSFileBrowse
存储桶遍历漏洞利用工具
mssql-command-tool
xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作,上传,job等相应操作。
cve_2024_0044
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
docker-escape-tool
Tool to test if you're in a Docker container and attempt simple breakouts
my_script_tools
平时工作上写的脚本工具或者二开修改的。
YYBaby-Spring_Scan
一款针对Spring框架的漏洞扫描及漏洞利用图形化工具
GzWebsocket
哥斯拉webshell管理工具的插件,用于连接websocket型webshell
CVE-2024-4358
Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)
Z-Fscan_ekp
fscan二开,增加一些扫描完内网常见漏洞后的利用,方便被应急响应后还有其他机器在线
CVE-2024-4577
PHP CGI Argument Injection vulnerability
CVE-2021-32819
SquirrellyJS mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options, remote code execution may be triggered in downstream applications.
CVE-2024-30270-PoC
The script exploits Mailcow vulnerabilities via XSS and RCE, emphasizing the need for robust security measures and responsible usage to enhance web application security.