dxm's repositories
POC-2022-HW-POC
2022 护网行动 POC 整理
2023Hvv
2023 HVV情报速递~
BehinderClientSource
❄️冰蝎客户端源码-V4.0.6🔞
CVE-2022-23222
CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
CVE-2022-47966
POC for CVE-2022-47966 affecting multiple ManageEngine products
dddd
一款高可拓展的指纹识别、供应链漏洞探测工具。支持从Hunter、Fofa批量拉取目标。
evil_minio
EXP for CVE-2023-28434 MinIO unauthorized to RCE
HowToCook
程序员在家做饭方法指南。Programmer's guide about how to cook at home (Chinese only).
Java-Js-Engine-Payloads
Java-Js-Engine-Payloads
Leaked-Credentials
how to look for Leaked Credentials !
msmap
Msmap is a Memory WebShell Generator.
PostConfluence
哥斯拉Confluence后渗透插件 MakeToken SearchPage ListAllUser AddAdminUser ListAllPage ........
ScreenConnect-AuthBypass-RCE
ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!
Sec-Interview-4-2023
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~
SecurityList
A list for Web Security and Code Audit
shiro_attack
shiro attack
thinkphp_lang_RCE
about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x
utf-8-overlong-encoding
抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组
WeChatMsg
提取微信聊天记录,将其导出成HTML、Word、CSV文档永久保存,对聊天记录进行分析生成年度聊天报告
XG_NTAI
用于Webshell木马免杀、流量加密传输
Xray-crack
Xray 1.9.3
ysomap
A helpful Java Deserialization exploit framework.
ysoserial-
ysoserial修改版,着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。
Zentao-Captcha-RCE
禅道研发项目管理系统`misc-captcha-user`认证绕过后台命令注入漏洞
zentaopms_poc
禅道相关poc
zip-slip-vulnerability
Zip Slip Vulnerability (Arbitrary file write through archive extraction)