xxh396's repositories
BypassAnti-Virus
免杀姿势学习、记录、复现。
CNVD-2020-10487-Tomcat-ajp-POC
CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc
exp_hub
漏洞复现与poc收集,CVE-2021-21975,cve-2021-22005,CVE-2021-26295,VMware vCenter任意文件读取
fuso
一款体积小, 快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 支持多连接,级联代理,传输加密 (A small volume, fast, stable, efficient, and lightweight intranet penetration, port forwarding tool supports multiple connections, cascading proxy, and transmission encryption)
githack3
A `.git` folder disclosure exploit; A script based on Crawler,used python3 and you can use it in windows
Java-Shellcode-Loader
基于Java实现的Shellcode加载器
JustC2file
Burp插件,Malleable C2 Profiles生成器;可以通过Burp代理选中请求,生成Cobalt Strike的profile文件(CSprofile)
pentest-note
渗透测试☞经验/思路/想法/总结/笔记
RedTeamTools
记录自己编写、修改的部分工具
SeBruteGUI
专注登入框暴力破解,selenium+chromedriver模拟浏览器点击登入,无视复杂的前端JS加密,弱口令多线程快速检测。
SecExample
JAVA 漏洞靶场 (Vulnerability Environment For Java)
spring4shell_behinder
CVE-2022-22965写入冰蝎webshell脚本
Supershell
Supershell C2 远控平台,基于反向SSH隧道获取完全交互式Shell
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
win-shellcode-rs
improved shellcode template for b1tg/rust-windows-shellcode
WindowsElevation
Windows Elevation(持续更新)
winx64-InjectAllProcessesMeterpreter-Shellcode
64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
yaegi
Yaegi is Another Elegant Go Interpreter