xxnbyy's repositories
cve-2017-7269-tool
CVE-2017-7269 to webshell or shellcode loader
datasploit
An #OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats.
dnsAutoRebinding
ssrf、ssrf内网地址fuzz、dns二次rebinding、支持ipv4/ipv6、支持ip地址转码、dns记录污染
dnsmaper
子域名枚举与地图标记
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
EQGRP_Lost_in_Translation
Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
jenkins
jenkins payload
jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
MS17-010
MS17-010
nishang
Nishang - PowerShell for penetration testing and offensive security.
OCIFT
一个半自动化命令注入漏洞Fuzz工具(One Semi-automation command injection vulnerability Fuzz tool)
p0wnedShell
PowerShell Runspace Post Exploitation Toolkit
password_cracking_rules
One rule to crack all passwords. or atleast we hope so.
PocCollect
a plenty of poc based on python
post-exploitation
Post Exploitation Collection
pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
pymmh3
a pure python MurmurHash3 implementation.
QuasarRAT
Remote Administration Tool for Windows
Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Scan-T
a new crawler based on python with more function including Network fingerprint search
the-backdoor-factory
Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)
tomcat-weak-password-scanner
醉考拉tomcat后台弱口令扫描器,命令行版+图形界面版。
weblogic_cmd
weblogic t3 deserialization rce
WebRtcXSS
利用XSS入侵内网(Use XSS automation Invade intranet)
wydomain
to discover subdomains of your target domain
xiaomiquan_bak
小密圈备份
XX-Net
a web proxy tool