whwlsfb

BurpCrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

JDumpSpider

HeapDump敏感信息提取工具

Log4j2Scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

cve-2022-22947-godzilla-memshell

CVE-2022-22947 注入Godzilla内存马

SpringSpider

Spring Actuator端点的BurpSuite被动扫描插件。

pty_bind_shell

Pty bind shell for golang 一款基于SSH协议的远控程序

CVE-2021-22205

CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖，可在win平台使用

SwaggerHelper

用于启动本地保存的api-docs.json文档。

CryptoWatcher

一个简单的虚拟货币盯盘程序，行情数据来源于火币交易所。

agentcrack

不那么一样的 Java Agent 内存马

CDK

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.

frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

goby_poc

goby poc or exp,分享goby最新网络安全漏洞检测或利用代码

HLSpider

基于Scrapy的页面敏感词检测工具

jar-analyzer

Jar Analyzer - 一个JAR包分析工具，批量分析搜索，方法调用关系搜索，字符串搜索，Spring分析，CFG分析，JVM Stack Frame分析等众多功能

log4j-payload-generator

Log4j jndi injects the Payload generator

onedev

Super Easy All-In-One DevOps Platform

revsuit

RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

viewgen

Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

clash

A rule-based tunnel in Go.

dotnet-sdk

Dapr SDK for .NET

InstallerFileTakeOver

linux

Linux kernel source tree

nas-tools

A fork of NAStool/nas-tools:2.9.1

penelope

Penelope Shell Handler

stable-diffusion-webui

Stable Diffusion web UI

sunlogin_rce_

某日葵远程rce

vmprotect-3.5.1

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

xray

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档