ur10ser's repositories
Local-user-Privilege-Escalation-EXP
There is some EXP maybe help a local user or malicious program obtain system privileges on the targeted machine.
bypass_disablefunc_via_LD_PRELOAD
bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
Cachet
📛 An open source status page system for everyone.
CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
CVE-2021-30551
my exp for chrome V8 CVE-2021-30551
CVE-2021-4034
PoC for CVE-2021-4034
FakeToa
Fake IP sources using Linux's BPF feature
GoBypass
Golang免杀生成工具,参考网上已有的免杀方式实现的半自动免杀马生成工具,需要本地安装Golang环境,支持多种参数与方式生成
IntruderPayloads
A collection of Burpsuite Intruder payloads, fuzz lists and file uploads
JNDIExploit-1
一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
Log4j2Scan
Log4j2 RCE Passive Scanner plugin for BurpSuite
Paddle
PArallel Distributed Deep LEarning: Machine Learning Framework from Industrial Practice (『飞桨』核心框架,深度学习&机器学习高性能单机、分布式训练和跨平台部署)
Penetration_Testing_Case
用于记录分享一些有趣的案例
prvd
PHP Runtime Vulnerability Detection
sec-jobs
信息安全实习和校招的面经、真题和资料 减少安全选手找实习/工作的痛苦
Security-PPT
大安全各领域各公司各会议分享的PPT
SharpChromium
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
shiro_rce_exp
Shiro RCE (Padding Oracle Attack)
TarsWeb
TARS Projects Dashboard
tongdaoa_poc
详见公众号
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
xxl-job
A distributed task scheduling framework.(分布式任务调度平台XXL-JOB)