zil0ng's repositories
fastjsonScan
fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
Middleware-Vulnerability-detection
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
BeanShellGadgets
Generated by the specified version
beacon-c2-go
backdoor c2
CVE-2018-15473-Exploit
Exploit written in Python for CVE-2018-15473 with threading and export formats
CVE-2021-3156
Sudo Baron Samedit Exploit
CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
go-shellcode
Load shellcode into a new process
golang-shellcode-bypassav
2021.12.9 使用go语言免杀360、微软、腾讯、火绒
kernel-exploits-1
Various kernel exploits
Kernelhub
:palm_tree:Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file
kunpeng
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
memShell
FilterBased/ServletBased in memory shell for Tomcat and some other middlewares
pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
portscan
Python多线程和异步协程扫描速度比较
redis-rogue-server
Redis 4.x & 5.x RCE
seeyonAjaxGetshell
致远OA seeyon未授权漏洞批量getshell
Shiro-721
Shiro-721 RCE Via RememberMe Padding Oracle Attack
Shiro_721_Padding_Oracle_RCE
Shiro_721 exp 纯手工实现Padding Oracle整个过程
vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Vulnerability-analysis
Vulnerability-analysis Poc、python shell
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.