xxnbyy's repositories
ByPassBehinder4J
冰蝎Java WebShell自动化免杀生成
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
ArbitraryDirectoryDeletion
From directory deletion to SYSTEM shell
chaos-public-program-list
Source for bug bounty programs available on Chaos
CN_Nessus_Plugins_Interface
nessus插件中文查询接口
CVE-2019-7192_QNAP_Exploit
QNAP pre-auth root RCE Exploit (CVE-2019-7192 ~ CVE-2019-7195)
CVE-2020-1066-EXP
CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统
CVE-2020-11890
CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE
CVE-2020-12800
POC Script for CVE-2020-12800: RCE through Unrestricted File Type Upload
CVE-2020-1337-exploit
CVE-2020-1337 Windows Print Spooler Privilege Escalation
cve-2020-1337-poc
poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)
CVE-2020-3956
PoC exploit for VMware Cloud Director RCE (CVE-2020-3956)
CVE-2021-1675
Impacket implementation of CVE-2021-1675
fastjsonScan
fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
flannel
flannel is a network fabric for containers, designed for Kubernetes
JNDIExploit
A malicious LDAP server for JNDI injection attacks
MYExploit
OAExploit一款基于产品的一键扫描工具。
PrintDemon
PrintDemon is a PoC for a series of issues in the Windows Print Spooler service, as well as potetial misuses of the functionality.
redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
ShiroExploit
Shiro550/Shiro721 一键化利用工具
SweetPotato
SweetPotato修改版,用于webshell下执行命令 感谢@zcgonvh和@RcoIl两位师傅的耐心指导
SylantStrike
Simple EDR implementation to demonstrate bypass
TaskScheduler-Bypass
TaskScheduler-Bypass
ThinkphpGUI
Thinkphp(GUI)漏洞利用工具,支持各版本TP漏洞检测,命令执行,getshell。