Draven's repositories
BurpHttpHelper
BurpHttpHelper是基于Burpsuite的插件,通过自定义规则的来对Http请求头进行增删改操作。
CVE-2022-36537
POC of CVE-2022-36537
evil-mysql-server
evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
FastjsonScan-1
Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency
Gofreeproxy
自用的动态代理小工具
jar-analyzer
A Java GUI Tool for Analyzing Jar
JNDIExploit-1
对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改
JNDInjector
一个高度可定制化的JNDI和Java反序列化利用工具
mimikatz-rs
Rusty Mimikatz - All credits to: github.com/ThottySploity/mimiRust (Original author deleted account so I uploaded for community use)
PySQLTools
Mssql利用工具
RasmanPotato
Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do
XshellCrack
XshellCrack is a secondary development based on SharpXDecrypt, rewritten with go language, increased the registry query Settings, more convenient for xshell local password cracking
ysoserial-1
ysoserial for su18
ALLirt
Tool that converts All of libc to signatures for IDA Pro FLIRT Plugin. and utility make sig with FLAIR easily
cola_dnslog
Cola Dnslog v1.3.2 更加强大的dnslog平台/无回显漏洞探测辅助平台 完全开源 dnslog httplog ldaplog rmilog 支持dns http ldap rmi等协议 提供API调用方式便于与其他工具结合 支持钉钉机器人、Bark等提醒 支持docker一键部署 后端完全使用python实现 前端基于vue-element-admin二开
cookie_crimes
Read local Chrome cookies without root or decrypting
glibc-all-in-one
🎁A convenient glibc binary and debug file downloader and source code auto builder
IPRotate_Burp_Extension
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
kernel-exploit-factory
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
SocialEngineeringDictionaryGenerator
社会工程学密码生成器,是一个利用个人信息生成密码的工具
SpringSecurity
A list for Spring Security