werwolfz

followers

following

stars

zzzz's repositories

cloudSec

云安全利用工具-云平台AK/SK-WEB利用工具，添加AK/SK自动检测资源，无需手动执行，支持云服务器、存储桶、数据库操作

Apache-2.0000

cloudTools

云资产管理工具目前工具定位是云安全相关工具，目前是两个模块云存储工具、云服务工具，云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等云服务工具主要是针对rds、服务器的管理，查看、执行命令、接管等等

000

Collection_TianYa

天涯神贴合集 pdf版无水印版免费分享方便阅读

000

Cryptocurrency-Security-Audit-Guide

Apache-2.0000

CVE-2024-0204

Authentication Bypass in GoAnywhere MFT

000

CVE-2024-21378

This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.

Language:Python000

CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Language:Python000

CVE-2024-21683-RCE

CVE-2024-21683 Confluence Post Auth RCE

Language:Python000

CVE-2024-3116_RCE_in_pgadmin_8.4

Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4

000

CVE-2024-38077

RDL的堆溢出导致的RCE

000

CVE-2024-6387

SSH RCE PoC CVE-2024-6387

000

developer-roadmap

Interactive roadmaps, guides and other educational content to help developers grow in their careers.

NOASSERTION000

EDRSilencer

推荐1_致盲edr A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Language:CMIT000

Frchannel

帆软bi反序列化漏洞利用工具

Language:Java000

GPT_API_free

Free ChatGPT API Key，免费ChatGPT API，支持GPT4 API（免费），ChatGPT国内可用免费转发API，直连无需代理。可以搭配ChatBox等软件/插件使用，极大降低接口使用成本。国内即可无限制畅快聊天。

Language:PythonMIT000

java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

Language:Java000

JDumpSpider

HeapDump敏感信息提取工具

Apache-2.0000

LaZagne

Credentials recovery project

LGPL-3.0000

mimikatz

A little tool to play with Windows security

Language:C000

nacos-poc

000

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

MIT000

PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Language:C#NOASSERTION000

Tianji

天机是 SocialAI（来事儿AI）制作的一款免费使用、非商业用途的人工智能系统。您可以利用它进行涉及传统人情世故的任务，如如何敬酒、如何说好话、如何会来事儿等，以提升您的情商和"核心竞争能力"

Language:PythonApache-2.0000

tianya-docs

精心收集的天涯神贴，不带水印，方便阅读

000

TscanPlus

一款综合性网络安全检测和运维工具，旨在快速资产发现、识别、检测，构建基础资产信息库，协助甲方安全团队或者安全运维人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

000

vshell

vshell 是一款安全对抗模拟、红队工具。提供隧道代理和隐蔽通道，模拟长期潜伏攻击者的策略和技术

000

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Language:DockerfileMIT000

vulnerability

收集、整理、修改互联网上公开的漏洞POC

Language:GoMIT000

yakit

yak gRPC Client GUI - 集成化单兵工具平台

Language:TypeScriptAGPL-3.0000

ysoserial_sanmeng

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。

Language:JavaMIT000