zzzz's repositories
ArduinoCore-avr
The Official Arduino AVR core
BypassAVzzzz
This map lists the essential techniques to bypass anti-virus and EDR
Collection_TianYa
天涯神贴合集 pdf版 无水印版 免费分享 方便阅读
CVE-2022-26923
A proof of concept exploiting CVE-2022-26923.
CVE-2024-21378
This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.
CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
CVE-2024-3116_RCE_in_pgadmin_8.4
Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4
EDRSilencer
推荐1_致盲edr A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Frchannel
帆软bi反序列化漏洞利用工具
GPT_API_free
Free ChatGPT API Key,免费ChatGPT API,支持GPT4 API(免费),ChatGPT国内可用免费转发API,直连无需代理。可以搭配ChatBox等软件/插件使用,极大降低接口使用成本。国内即可无限制畅快聊天。
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
LaZagne
Credentials recovery project
linux-exploit-suggester
Linux privilege escalation auditing tool
mimikatz
A little tool to play with Windows security
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
RelayX
NTLM relay test.
security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
shadow-tls
A proxy to expose real tls handshake to the firewall
SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
Tianji
天机是 SocialAI(来事儿AI)制作的一款免费使用、非商业用途的人工智能系统。您可以利用它进行涉及传统人情世故的任务,如如何敬酒、如何说好话、如何会来事儿等,以提升您的情商和"核心竞争能力"
tianya-docs
精心收集的天涯神贴,不带水印,方便阅读
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
vulnerability
收集、整理、修改互联网上公开的漏洞POC
ysoserial_sanmeng
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.优化了一些东西。
ZhiShanGongFangAVV
免杀 推荐1