yearnming's repositories

PentestDB

Exploitation techniques for various databases

Stargazers:0Issues:0Issues:0

yakit

Cyber Security ALL-IN-ONE Platform

License:AGPL-3.0Stargazers:0Issues:0Issues:0

CVE-2021-4034

CVE-2021-4034 1day

License:MITStargazers:0Issues:0Issues:0

GoBypass

Golang antivirus-evasion generation tool

License:MITStargazers:0Issues:0Issues:0

xssplatform

A classic XSS penetration-testing management platform

Stargazers:0Issues:0Issues:0

JNDIScan

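A completely harmless JNDI callback detection tool that does not rely on dnslog; it implements parsing of the RMI and LDAP protocols and can be used by in-house teams for internal network self-checks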

License:Apache-2.0Stargazers:0Issues:0Issues:0

log4j-scanner

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Stargazers:0Issues:0Issues:0
License:MPL-2.0Stargazers:0Issues:0Issues:0

CVE-mitre

https://cve.mitre.org/

Stargazers:0Issues:0Issues:0

L4sh

Log4Shell RCE Exploit - a fully independent exploit that does not require any 3rd party binaries.

Stargazers:0Issues:0Issues:0

Command2API

Command2API - everything can be an API

Stargazers:0Issues:0Issues:0

log4j-scan

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

License:MITStargazers:0Issues:0Issues:0

JNDIExploit-1

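A tool for exploiting JNDI injection that draws heavily on and reuses code from the Rogue JNDI project, supports directly implanting in-memory shells, integrates common methods for bypassing newer JDK versions, and is suited for use alongside automated tools. (from https://github.com/feihong-cs/JNDIExploit)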

Stargazers:1Issues:0Issues:0

goon

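goon, a scanning and brute-force tool that combines the features of excellent tools such as fscan and kscan. Features include: IP liveness probing, port scanning, web fingerprint scanning, title scanning, compressed-file scanning, fofa retrieval, ms17010, brute-forcing of mssql, mysql, postgres, redis, ssh, smb, rdp, telnet, tomcat and others, as well as functions such as netbios probing.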

Stargazers:0Issues:0Issues:0

PwdBUD

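An SRC password generation tool; when top dictionaries yield nothing, it can generate a targeted dictionary based on factors such as the domain name and company name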

Stargazers:0Issues:0Issues:0

ezXSS

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

License:MITStargazers:0Issues:0Issues:0

webshell

This is a webshell open source project

License:MITStargazers:0Issues:0Issues:0

toolset

A small collection of antivirus-evasion tools

Stargazers:0Issues:0Issues:0

SCFProxy

A little proxy tool based on Tencent Cloud Function Service.

Stargazers:0Issues:0Issues:0

K8tools

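K8 tool collection (internal network penetration / privilege escalation tools / remote overflow / vulnerability exploitation / scanning tools / password cracking / antivirus-evasion tools / Exploit/APT/0day/Shellcode/Payload/privilege/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)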

License:MITStargazers:0Issues:0Issues:0

fastjson_rce_tool

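JNDI service exploitation tool for RMI/LDAP; supports response echo in some scenarios, in-memory shells, etc.; an auxiliary detection tool for fastjson vulnerabilities and for Log4j vulnerabilities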

Stargazers:1Issues:0Issues:0

CSAgent

Universal free-use and Chinese-localization loader for CobaltStrike 4.x

Stargazers:0Issues:0Issues:0

CVE-2021-22005

CVE-2021-22005 - VMWare vCenter Server File Upload to RCE

Stargazers:0Issues:0Issues:0

mooder

Mooder is an open-source, secure, simple, and powerful platform for sharing knowledge within a team.

License:LGPL-3.0Stargazers:0Issues:0Issues:0

redteam_vul

A compilation of key system vulnerabilities commonly encountered in red team operations.

Stargazers:0Issues:0Issues:0

traitor

Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

License:MITStargazers:0Issues:0Issues:0

JSFinder

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

Stargazers:0Issues:0Issues:0

ListRDPConnections

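C# tool that reads the local machine's outbound RDP connection records and the records of other hosts connecting to this host, in order to learn of more reachable internal network segments and locate the hosts of operations and administration staff during internal network penetration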

Stargazers:0Issues:0Issues:0