wangxiaomo's repositories
LoaderFly
助力每一位RT队员,快速生成免杀木马
FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
FilelessPELoader
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
Shellcode-Hide
This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
ultimaste-nuclei-templates
极致攻防实验室 nuclei 检测 POC
Awesome-CobaltStrike
CobaltStrike的相关资源汇总 / List of Awesome CobaltStrike Resources
cf
云环境利用框架(Cloud exploitation framework)主要用来方便红队人员在获得 AK 的后续工作。
Webshell_Generate
用于生成各类免杀webshell
GobypassAV-shellcode
使用go写的shellcode免杀加载器,免杀主流杀软,bypass火绒、360、def等
my-re0-k8s-security
:atom: [WIP] 整理过去的分享,从零开始的Kubernetes攻防 🧐
BurpLoaderKeygen
Burp Suite Pro Loader & Keygen
poc-hub
漏洞复现、漏洞检测
nessus
nessus crack for docker
bylibrary
白阁文库是白泽Sec安全团队维护的一个漏洞POC和EXP公开项目
xray_crack
适配mac和linux的crack xray启动
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
Youtube-Downloader
php youtube video streamer / downloader
sshuttle
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
sunlogin_rce
向日葵 RCE
reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
username-anarchy
Username tools for penetration testing
CobaltStr4.4
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors". Cobalt Strike’s interactive post-exploit capabilities cover the full range of ATT&CK tactics, all executed within a single, integrated system.
hyper-darkmatter
Darkmatter theme for Hyper, inspired by Sublime Darkmatter
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference