yaunsky's repositories
s2-061-rce
s2-061批量扫描兼命令执行exp
cve-2021-25646
Apache Druid 远程代码执行;检测脚本
CVE-2020-13937
Apache Kylin API未授权访问漏洞;CVE-2020-13937;Apache Kylin漏洞
CVE-202122986-EXP
F5 BIG-IP远程代码执行;cve-2021-22986,批量检测;命令执行利用
seeyon_fileupload
致远oa文件上传;批量检测;getshell
yonyouEdr-NC-exp
用友EDR-NC目录遍历、文件读取漏洞
cve-2021-3156
cve-2021-3156;sudo堆溢出漏洞;漏洞检测
2021hw-exp
2021年hvv期间收集的漏洞POC;EXP;其他项目里有某些相关漏洞的利用脚本
CVE-2017-11610
Supervisord远程命令执行漏洞脚本
SolrFileRead
apache solr 任意文件读取 exp
thinkadminreadfile
ThinkAdmin任意文件读取
Unomi-CVE-2020-13942
CVE-2020-13942 Apache Unomi 远程代码执行漏洞脚getshell
EmailVerifiy
验证邮箱真实性,对Tzeross师傅的代码稍作了修改
EmergencyResponse
Linux服务器应急响应简单脚本
yongyouGRP
用友GRP命令执行
ClusterEngine_EXP
浪潮ClusterEngine v4 命令执行; 漏洞检测
CVE-2020-17519-Apache-Flink
CVE-2020-17519; Apache Flink 任意文件读取; 批量检测
yaunsky.github.io
YaunSky Blog
bad-bpf
A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
cf
Cloud Exploitation Framework 云环境利用框架,方便安全人员在获得 AK 的后续工作
libbpf-bootstrap
Scaffolding for BPF application development with libbpf and BPF CO-RE
POC
收集整理漏洞EXp/POC
sshd_backdoor
/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
TripleCross
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.