jond's repositories
BurpLog4j2Scan
Burpsuite被动扫描插件
CVE-2021-44228-Apache-Log4j-Rce
Apache Log4j 远程代码执行
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
nse-log4shell
Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)
rogue-jndi
A malicious LDAP server for JNDI injection attacks
CVE-2023-2640-CVE-2023-32629
GameOver(lay) Ubuntu Privilege Escalation
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
adidnsdump
Active Directory Integrated DNS dumping by any authenticated user
brutespray
Brute-Forcing from Nmap output - Automatically attempts default creds on found services.
Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
impacket
NTDS - impacket-secretsdump - Impacket is a collection of Python classes for working with network protocols.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
nmap-vulners
NSE script based on Vulners.com API
Open-Redirect-Payloads
Open Redirect Payloads
ParamSpider
Mining parameters from dark corners of Web Archives
SimpleFTPServer
Python SimpleFTPServer
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
subdomain-bruteforce-list
subdomain bruteforce list
weblogicScanner
weblogic 漏洞扫描工具。目前包含 CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551