wangxiaomo's repositories
0day
EXPs and PoCs for vulnerabilities in various CMSs, platforms, systems, and software; this project will be updated continuously
Awesome-CobaltStrike
List of Awesome CobaltStrike Resources
BurpLoaderKeygen
Burp Suite Pro Loader & Keygen
bylibrary
白阁文库 is a public project of vulnerability PoCs and EXPs maintained by the 白泽Sec security team
cf
Cloud exploitation framework, mainly intended to help red team members with follow-up work after obtaining an AK.
CobaltStr4.4
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors". Cobalt Strike’s interactive post-exploit capabilities cover the full range of ATT&CK tactics, all executed within a single, integrated system.
FastJsonParty
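Docker vulnerability environments for all FastJson versions (covering 1.2.47/1.2.68/1.2.80 and others), mainly including JNDI injection and bypasses for newer versions, WAF bypass, file read/write, native deserialization, gadget-chain probing and bypass, exploitation without outbound network access, and more. Covers in-depth FastJson exploitation from a black-box perspective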
FilelessPELoader
Loads a remote AES-encrypted PE into memory, decrypts it, and runs it
goby-poc
451 Goby PoCs; judge for yourself whether any are backdoored or duplicated. Goby PoCs collected from the internet, updated irregularly.
GobypassAV-shellcode
A shellcode AV-evasion loader written in Go; evades mainstream antivirus software, bypassing 火绒 (Huorong), 360, def, etc.
LoaderFly
Helps every RT member quickly generate AV-evading trojans
my-re0-k8s-security
:atom: [WIP] A compilation of past talks: Kubernetes attack and defense from scratch 🧐
nessus
nessus crack for docker
poc-hub
Vulnerability reproduction and vulnerability detection
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
reapoc
OpenSource Poc && Vulnerable-Target Storage Box.
RingQ
A post-exploitation AV-evasion tool that helps every script kiddie like me quickly achieve AV evasion; supports bypassing 360, 火绒 (Huorong), and Windows Defender
Shellcode-Hide
This repo contains: simple shellcode loader, encoders (base64 - custom - UUID - IPv4 - MAC), encryptors (AES), fileless loader (Winhttp, socket)
sshuttle
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
sunlogin_rce
Sunlogin (向日葵) RCE
ultimaste-nuclei-templates
nuclei detection PoCs from 极致攻防实验室
username-anarchy
Username tools for penetration testing
Webshell_Generate
Used to generate various AV-evading webshells
xray_crack
Launcher for cracked xray, adapted for Mac and Linux
Youtube-Downloader
php youtube video streamer / downloader