whojeff

PrintSpoofer

Abusing Impersonation Privileges on Windows 10 and Server 2019 本地提权2012-2019

Windows-Fuck

Windows 下的提权大合集，提权，我的最爱！

0day

各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新

aaaAyyYy

简单的分离免杀demo

Antivirus_R3_bypass_demo

分别用R3的0day与R0的0day来干掉杀毒软件

BypassShell

anti AV

Cas_Exploit

CAS反序列化漏洞利用工具

CobaltStrike

CobaltStrike's source code

EHole

EHole(棱洞)-红队重点攻击系统指纹探测工具

Exp-collect

Fake-flash.cn

www.flash.cn 的钓鱼页，中文+英文

geacon

Practice Go programming and implement CobaltStrike's Beacon in Go

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Hessian-Deserialize-RCE

Hession-Deserialize-RCE 反序列化命令执行

Homework-of-C-Language

C/C++ code examples of my blog.

jsp-webshell

single file jsp webshell, work on jdk5+

linux-exploit-suggester

Linux privilege escalation auditing tool

MDUT

MDUT - Multiple Database Utilization Tools

MSSQL_BackDoor

OA-ezOFFICE

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Security_Learning

Security Learning For All~

shiro_exp

shiro_rememberme 反序列化漏洞 利用EXP

Shiro_Xray

CommonsBeanutils1,CommonsCollectionsK1

ShiroScan

Shiro<=1.2.4反序列化，一键检测工具

SimpleShellcodeInjector

SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party application.

SpringBootVulExploit

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 checklist

TongDaOA-Fake-User

通达OA 任意用户登录漏洞

whojeff.github.io

纯属娱乐

xray

xray 安全评估工具