Discover Al1ex/APT-GUID Open Source project by @Al1ex

CVE-2021-22205& GitLab CE/EE RCE

855

WindowsElevation

Windows Elevation(持续更新)

CSPlugins

LinuxEelvation

Linux Eelvation(持续更新)

373

CVE-2021-22205

Red-Team

Information-Security

CVE-2021-22986

CVE-2021-22986 & F5 BIG-IP RCE

Collection of penetration testing tools

Awesome-Pentest

CVE-2020-36179

CVE-2020-36179~82 Jackson-databind SSRF&RCE

Heptagram

This project is used to collect the EXP/POC disclosed on the Internet and provide project support for Heptagram security team.

CVE-2022-0847

CVE-2021-27928

CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞

Monitor

A old way to Persistence

C++

CVE-2020-35728

CVE-2020-35728 & Jackson-databind RCE

CVE-2022-1388

CVE-2022-1388 F5 BIG-IP iControl REST RCE

Hadoop Yan ResourceManager unauthorized RCE

Hadoop-Yarn-ResourceManager-RCE

CVE-2021-2109 && Weblogic Server RCE via JNDI

CVE-2021-2109

CVE-2020-17530

S2-061 CVE-2020-17530

CVE-2020-36184 && Jackson-databind RCE

Map-of-IT-Architects-Technical-Knowledge

MysqlHoneypot

BlockChainSec

HW-2023

Pentest-Command

CVE-2020-36184

0DayList

FastJsonAutoTypeBypass

CVE-2021-21975 vRealize Operations Manager SSRF

CVE-2021-21975

WebShells

WebShell studying

PHP

CVE-2021-30461

Alibab Nacos Unauthorized Login

Alibab-Nacos-Unauthorized-Login

SelectMyParent

PPID Spoofing

HTML

CVE-2020-36188

CVE-2020-36188 &&Jackson-databind RCE

CVE-2020-5902

CVE-2017-16995（Ubuntu本地提权漏洞）

CVE-2017-16995

CheckPWD

Check the default pwd of product via checklist.

CVE-2017-7269

Ruby

SonicWall

SonicWall SSL-VPN RCE

CVE-2019-0230

S2-059(CVE-2019-0230)

php_mt_seed is a PHP mt_rand() seed cracker

TongDa-RCE

通达文件包含+文件上传导致RCE

PHP

RemoteDLLInjector

php_mt_seed

CVE-2020-10673

CVE-2020-10673:jackson-databind RCE

RDPLinkEnum

Apache Kylin API Unauthorized Access

CVE-2020-13937

CVE-2020-2883

CVE-2020-35729

CVE-2020-11652 & CVE-2020-11651

EmergencyTools

CVE-2020-11652

SoliditySecurity

Solidity Security

CVE-2017-3506

JEP290_RMI_Bypass

Rogue-MySql-Server

CVE-2020-11113:Jackson-databind RCE

CVE-2020-11113

BlockChain Security Construction

BlockChainConstruction

LM-HASH

CVE-2020-17456 & Seowon SLC 130 Router RCE

CVE-2020-17456

CVE-2019-12814:Jackson JDOM XSLTransformer Gadget

CVE-2019-12814

Alibab-Nacos-Unauthorized-Reset PWD

Alibab-Nacos-Unauthorized-Reset-PWD

CVE-2021-34045

Novel-plus-install-v3.5.3-Druid Unauthorized access

PSTools

reDuh

reDuhServers

ASP.NET

WCE

Window Hash&Password dump

CVE-2020-26217

CVE-2020-26217 && XStream RCE

ExtensionHijack

C++

CVE-2021-3317

CVE-2017-17485:Jackson-databind RCE

CVE-2017-17485

Active Directory Group Policy Preferences cpassword cracker/decrypter.

GPOCrack

MakeMeEnterpriseAdmin

Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

CVE-2021-4034

AdFind

Perl

Hook-PasswordChangeNotify

Hook PasswordChangeNotify

This is a simple test for FasterXML jackson-databind

CVE-2020-14195

EvilReflex

CVE-2019-12086

CVE-2020-8635

Wing FTP Server 6.2.3 - Privilege Escalation

Class to base64 String，base64 String to class

ICMPTunnel

icmptunnel

JavaDeRe

Powershell-C2

CVE-2020-24750

Invoke-DCSync

CVE-2020-26259

CVE-2020-26259 &&XStream Arbitrary File Delete

Al1ex

CVE-2017-10271

Environment for CVE_2019_17571

CVE-2019-17571

CVE-2020-35713

Wing FTP Server 6.2.5 - Privilege Escalation

CVE-2020-9470

Shell

Asmtools

Redis-RCE

Redis 4.x/5.x RCE

SSHServer

Mysql-Readfile

Use the scrapy framework to climb the top 250 movies of Douban

CVE-2018-1297

EXP for CVE-2018-1297

PowerShellProfiler

JEP290Test

DoubanMovieTop

This is a simple Shiro-basic project .Just for pentest env

Shiro-basic

CVE-2020-26258 && XStream SSRF

CVE-2020-26258

JMXAttacking

JMXTest