There are no reviews yet. Be the first to send feedback to the community and the maintainers!
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cmsBurpSuite-collections
有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version fileRedTeam_BlueTeam_HW
红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具hackbar2.1.3
the free firefox extions of hackbar v2.1.3 v2.2.9 v2.3.1,hackbar 插件未收费的免费版本。适用于chrome浏览器的HackBar-v2.2.6.zip,HackBar-v2.3.1.zipBLACKHAT_Asia2023
Black Hat Asia 2023 PDF PublicBLACKHAT_USA2022
BLACKHAT USA2022 PDF Publicsunlogin_rce
向日葵 RCEsubdomain_shell
一键调用subfinder+ksubdomain+httpx 强强联合 从域名发现-->域名验证-->获取域名标题、状态码以及响应大小 最后保存结果,简化重复操作命令JNDIExploit-1
一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)kms-server-deploy
一键搭建kms激活服务端&&Windows客户端一键激活脚本cve-2022-23131
cve-2022-23131 zabbix-saml-bypass-expspring-core-rce
CVE-2022-22965 : about spring core rceHCMendetool
HCM宏景加解密工具CVE-2022-24112
CVE-2022-24112:Apache APISIX apisix/batch-requests RCECVE-2021-42342
CVE-2021-42342 RCECVE-2022-40127
Apache Airflow < 2.4.0 DAG example_bash_operator RCE POCburpsuite_pro_for_mac
A script to easily activate the macOS version of Burp Suite Professional [Free]thinkphp_lang_RCE
about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.xShellcodeLoader
该项目为Shellocde加载器,详细介绍了我们如何绕过防病毒软件,以及该工具如何使用CVE-2022-24086
CVE-2022-24086 about Magento RCECrossC2
来自 gloxec 的 CrossC2 frameworkfork 备份 2.0版本CVE-2023-28432
CVE-2023-28434 nuclei templatesCVE-2024-36401
Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploitCVE-2022-21371
Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File InclusionCVE-2021-43798
CVE-2021-43798:Grafana 任意文件读取漏洞CVE-2024-32113
Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]Joker
一款基于Http.sys的利用工具 ZhuriLab/Joker 备份CVE-2022-25064
k3_packages_backup
k3的固件和插件备份仓库,Mac下解决音乐解锁插件证书到期,升级ssr-plus和v2ray版本,以及xrayCVE-2023-23333
SolarView Compact through 6.00 downloader.php commands injection (RCE) nuclei-templatesinfohunter
pentester payload ,info huntecheck_proxy
Multi-threaded socks proxy checker written in Go!Onekey-Open-BT-panel-ssl-with-domain
宝塔(bt.cn)面板开启域名登录并且使用域名证书,解决浏览器信任证书问题,强迫症福音@_@Kill_zsxq_Watermark
清除知识星球水印(包括文章、首页、topic等部分)CVE-2024-36991
Path Traversal On The "/Modules/Messaging/" Endpoint In Splunk Enterprise On WindowsCNVD_Modify
适用于CNVD的篡改猴(Tampermonkey、Greasemonkey)脚本CVE-2021-26855-d
CVE-2022-3328
CVE-2022-3328 with CVE-2022-41974 and CVE-2022-41973Mr-xn
my profilezhihuishu
2018新版智慧树视频自动播放刷课chrome插件modify_freebuf_pic
支持t00ls.com文章图片放大&去除 freebuf.com 的文章部分的图片末尾追加的 !small ,让图片直接显示最佳尺寸而不是缩小版的,不需要点击放大查看,方便查看文章。hysteria_mac.sh
hysteria shell script for MacCVE-2023-43482
TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerabilitysqli-scripts
Scripts that make SQL injection faster, more convenient, and easierTG
About TGserver-bash-script
some useful server bash scriptscrapy_douban_top250movie
Use Python Scrapy crawl douban.com/top250seniverse_location
seniverse api location codebt770back
bt770backLove Open Source and this site? Check out how you can help us